Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI

Overview

General Information

Sample URL:	HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI
Analysis ID:	1585230
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Suricata IDS alerts for network traffic

AI detected suspicious Javascript

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

None HTTPS page querying sensitive user data (password, username or email)

Stores files to the Windows start menu directory

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 6376 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3976 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 --field-trial-handle=1908,i,11143923296459145557,6145508390765661560,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4692 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

ET MALWARE DNS Query to Raspberry Robin Domain (6t .nz)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-01-07T11:03:57.276789+0100	2045463	1	A Network Trojan was detected	192.168.2.16	56319	1.1.1.1	53	UDP
2025-01-07T11:04:31.728815+0100	2045463	1	A Network Trojan was detected	192.168.2.16	60542	1.1.1.1	53	UDP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected suspicious Javascript

Source: 0.0.id.script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: http://6t.nz:8080/... This script demonstrates high-risk behavior by redirecting the user to a dynamic URL with a random query parameter. The redirection to an unknown or potentially malicious domain poses a significant security risk.

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: Number of links: 1

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: Title: GuNas does not match URL

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: Has password / email / username input fields

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: <input type="password" .../> found

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: No <meta name="author".. found

Source: http://6t.nz:8080/cgi-bin/

HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Networking

Suricata IDS alerts for network traffic

Source: Network traffic	Suricata IDS: 2045463 - Severity 1 - ET MALWARE DNS Query to Raspberry Robin Domain (6t .nz) : 192.168.2.16:56319 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2045463 - Severity 1 - ET MALWARE DNS Query to Raspberry Robin Domain (6t .nz) : 192.168.2.16:60542 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.159.71
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:06 GMTServer: http server 1.0Content-type: text/html; charset=UTF-8Last-modified: Wed, 02 Mar 2022 21:37:57 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 360Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 6d 52 db 4e c3 30 0c 7d 26 5f 61 85 87 76 2a 6b c6 0b 48 ed b2 7d 01 e2 03 b6 09 65 89 bb 16 da 26 a4 ee b4 09 f1 ef a4 bb 32 c4 93 1d eb 1c 9f 63 3b d3 92 9a 1a 3a da d7 28 f9 5a e9 8f 8d b7 7d 6b b2 fb c9 e4 59 63 c1 67 6c 5a a2 32 21 34 48 0a 4a 22 37 c6 cf be da 4a 8e 3b 57 79 ec 38 68 db 12 b6 24 f9 64 80 77 da 57 8e 80 f6 0e 65 44 b8 23 f1 ae b6 ea 58 8d 66 cc 79 19 1b ab fb 26 30 d2 da 6a 45 95 6d 53 e7 2d 59 6d 6b 90 12 a2 41 a4 cb a2 11 cc 4f 79 04 d9 31 8b 72 e6 48 c6 57 9a f5 74 a0 1c c1 07 5c 16 41 02 37 88 9c 79 34 c1 aa a6 b7 ae 2f 8a 6a 07 12 b8 38 d7 d2 61 03 73 1d a6 0e 13 24 2f 8a ca d4 ab d6 d8 26 1e e5 ac 2a ae 62 a5 ed a8 55 0d a6 55 6b 70 f7 5a c4 41 6a 34 a8 8f 1f 47 ec 8b 5d 24 4b 8f 85 74 3e e1 99 10 3c b9 96 4f f4 c4 51 f2 c7 4f ce be 19 d6 1d de 09 11 7c d4 06 d6 08 95 db 3e 81 32 c6 87 d6 5b e5 a1 f7 61 39 c0 79 ce 42 76 6e bf e0 bf 46 bd f8 f3 e8 6a a5 31 16 8b e5 62 b9 5a 89 cd c3 61 41 09 5f f1 7f c5 6f 9c 07 91 20 30 38 9a 8a e3 d1 c2 4d c5 e9 0f ac ad d9 0f cf 73 1c 56 37 63 3f 1c f1 8c 38 44 02 00 00 Data Ascii: mRN0}&_avkH}e&2c;:(Z}kYcglZ2!4HJ"7J;Wy8h$dwWeD#Xfy&0jEmS-YmkAOy1rHWt\A7y4/j8as$/&bUUkpZAj4G]$Kt><OQO\|>2[a9yBvnFj1bZaA_o 08MsV7c?8D
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:06 GMTServer: http server 1.0Content-type: text/html; charset=UTF-8Last-modified: Wed, 02 Mar 2022 21:35:26 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 548Keep-Alive: timeout=15, max=99Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 6d 53 4d 6f db 30 0c 3d cf bf 42 d3 c5 76 bd d8 e9 3e 72 48 e2 15 d8 5a 0c 3d 14 ed d0 60 c0 90 06 85 2a d1 b1 16 5b d2 64 3a 4b 50 f4 bf 8f 76 92 a6 1d 76 91 48 ea 91 7c 7a 94 a6 6f cf af bf ce 7e de 5c b0 12 eb ea 73 30 3d 6c 20 14 79 35 a0 a0 13 74 03 f8 dd ea 75 ce 61 e3 b4 87 86 33 69 0d 82 c1 9c 0f 39 e1 b2 72 87 7f b0 6a cb 1a dc 56 90 87 4a 37 ae 12 db b1 b1 06 26 61 07 ea 4e 69 6f a4 d7 0e 19 6e 1d a1 10 36 98 fd 12 6b b1 8b 12 ae 68 8d 44 6d 0d 5b da 2b a1 cd 8d 58 42 e4 44 d3 c4 8f 01 fa ed 63 a0 0b 16 29 2b db 9a da a7 4b c0 8b 0a 3a f3 cb f6 52 45 dc 43 ad 8d fa 21 aa 16 78 9c ca 12 e4 0a 14 65 ae 85 67 7b ee 2c 67 06 fe b0 73 81 10 c5 93 60 1f 4d 1b c0 99 ae 21 3a f8 54 b9 f7 63 96 b0 0f a3 4f ec 84 bd ff 48 cb 68 78 58 4e 87 c3 21 e5 3f 53 91 d6 ae 34 e4 bc 59 69 77 7f 79 71 af 00 41 62 7e 3a 39 34 ce 79 72 28 8e f6 db d5 ec 16 bd 36 cb 8e c3 53 f0 24 05 ca 32 02 a2 4a 5e e0 7c 7e bc 63 65 e9 90 04 49 9d b7 68 a5 ad 58 9e b3 b0 9b 4a 33 0e 63 76 b6 b7 43 36 de 59 e1 24 70 98 47 c7 34 eb b1 4f d9 81 7b dc 38 a4 6b bd 42 4c 02 0f 8a 66 2b f1 be 69 8b 42 6f 48 27 9e c9 a5 1e 3c 68 93 7d 9f dd a6 64 9f 49 db 76 43 4f ae 04 96 69 51 59 eb a3 de f4 c2 28 5b 47 f1 49 a7 ca 4e 18 5d 1c 29 94 b6 41 23 6a 48 69 38 b0 b9 2e 22 22 10 77 9c 06 a7 71 f0 18 3c 13 29 3d 14 b9 f3 09 1f 67 19 4f 8e e1 7d 7a e2 30 f9 87 65 27 1e 54 0d bc c9 32 e2 56 29 f6 00 4c bb f5 88 09 a5 3c 95 ee 06 df 7a 92 8c 71 3e 09 c8 3a 94 9f f3 17 02 3c f3 f3 40 6f 56 42 94 cd ef e6 77 8b 45 b6 7c d7 cb 96 f0 05 ff 6f f3 57 cc a9 09 35 e8 c7 19 bc 78 bc 34 e0 69 b6 7b de fd 57 e9 3f da 5f c9 a6 43 73 79 03 00 00 Data Ascii: mSMo0=Bv>rHZ=`*[d:KPvvH\|zo~\s0=l y5tua3i9rjVJ7&aNion6khDm[+XBDc)+K:REC!xeg{,gs`M!:TcOHhxXN!?S4YiwyqAb~:94yr(6S$2J^\|~ceIhXJ3cvC6Y$pG4O{8kBLf+iBoH'<h}dIvCOiQY([GIN])A#jHi8.""wq<)=gO}z0e'T2V)L<zq>:<@oVBwE\|oW5x4i{W?_Csy
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:07 GMTServer: http server 1.0Content-type: text/html; charset=UTF-8Last-modified: Wed, 11 Dec 2024 09:12:11 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 2605Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 19 59 73 da 48 fa dd 55 fb 1f 3a 9a a9 38 a9 8a c0 38 de 4c 0e cb 29 82 e5 84 32 06 02 22 d9 79 52 35 52 63 da d6 65 75 0b cc 64 f2 df f7 fb 5a 37 c8 8e 9d 4d d5 54 ed 83 2d a9 8f ef be 39 7e 72 3a ea 59 7f 8e 4d b2 94 be 77 b2 77 8c 0f 92 04 82 79 cc 91 74 ee 31 43 0b 03 8d 08 b9 c1 d7 39 75 ae 2f e3 30 09 dc b7 bf 1d 1c fc e1 b0 85 86 77 18 75 e1 e1 33 49 01 8c 8c 74 76 93 f0 95 a1 fd 47 9f 75 f5 5e e8 47 54 72 80 a4 11 27 0c 24 0b a4 a1 f5 4d a3 73 f0 8e c0 e3 8d fa ff fa 05 71 96 71 e8 33 a3 83 00 15 24 67 49 63 c1 e0 f0 cc 3a d3 5f e3 f2 85 69 75 c9 27 cb 1a eb e6 e7 59 ff 8b a1 f5 ba bd 4f a6 de 1b 0d ad c9 68 a0 11 7c 31 87 96 a1 0d 47 ba da 6a bc 34 9e 74 3f 5e 74 ef 38 ad 30 07 14 08 d1 56 9c ad a3 30 96 15 b2 d7 dc 95 4b a3 d3 79 7d 80 90 25 97 1e 3b f9 ca 3c 07 08 27 32 24 9f 87 dd 31 b1 92 78 1e 92 61 77 7a dc 4e 0f ec 1d 7b 3c b8 26 31 f3 0c 8d 83 04 34 22 37 11 c0 c7 f7 f6 ad ce 7d 7a 09 a2 59 c6 6c 61 68 6d e7 92 eb 73 1e b4 d5 aa 68 fb e1 9c 7b ac ed 85 97 a1 dd 79 d5 82 2b ef 3b af 8e 5e 1d fe fb d5 9b c3 23 8d b4 81 8a 12 b8 58 02 b5 4e 22 49 8a e5 17 40 a4 51 e4 31 5d 86 89 b3 d4 53 a0 82 ff c5 84 a1 75 3a 47 b7 f0 f7 20 b2 8f 8e 5a 51 70 59 a5 bb 4e f6 36 12 3d 8a 19 48 34 0a 05 73 c1 f0 7e 11 c2 9a a0 d0 98 c5 92 31 d0 6d aa 0b c9 6e 65 db 11 a2 60 68 f5 d2 f6 59 90 e0 5a fb 46 0a 7d 01 96 db 82 8f f7 b6 eb 18 f7 a8 a0 02 79 4b fe a0 43 1e 58 4b e6 b3 b6 c4 ff 1d d4 2a 0f 14 d0 d8 58 84 b1 ff b4 0a 77 9b 2e 9f b9 9c 1a 9a 70 62 c6 02 6d 4b f1 15 ac d9 b9 67 3e bd d5 97 8c 5f 2e e5 5b f2 c7 ab d7 d1 ed f3 1d 65 dd 41 91 5e 5e d5 e1 66 46 e0 9a 7a de bd 04 22 49 40 1d 8f 64 55 a6 57 74 45 d3 55 f0 98 15 8d c9 e7 d1 d4 3e 35 cf ba 33 6b 30 35 2d ab 3f fc 68 7c fb fe 4e 6d 45 60 f2 13 1a b8 a1 6f 04 6c 4d 4e a9 64 cf 9e b7 2e 99 b4 b8 0f 6f e9 a1 d9 64 60 4f ba c3 d3 d1 85 3d 9c 5d 80 25 96 ee 90 1e 88 19 04 8d 73 b6 21 06 d1 7e 9f 98 80 c4 3e 37 ff fc 5d 4b 77 59 e0 4a 80 a6 36 cd e1 a9 d5 bf 30 f3 2d 2e be 50 8f bb 13 bc 3f 5e bb ea 48 7f 6a 7f e9 0e fa a7 76 0a 68 fc f5 b4 3c 3d 8e 19 86 08 38 b7 a0 9e 60 29 7c 67 c9 9c eb 21 c4 0f 75 1d 42 50 ef dc 1e 76 4b 24 60 3e b0 d3 cc 1e 5f 90 67 4b 2e 64 18 6f 5a 51 22 96 53 09 12 78 fe 6d 6f 67 ed d9 b7 ef 2f f6 f7 5f ec 17 d1 62 1f 84 f3 7d ef b8 9d 4a fa 47 8a 20 22 76 20 d4 78 7c 8e 01 26 80 80 0c 0f b0 76 d9 f2 c1 1e af 44 d5 55 4f 1e 09 34 8f 5f 1e 0d 2e 13 d0 67 0b 16 6a 21 eb 67 01 5e 81 1f 86 42 77 c2 98 e9 a9 e3 d4 09 25 3f 0d d8 51 34 d6 fd fa a9 34 ae c4 d3 85 71 75 93 b0 78 a3 77 5a 9d 83 d6 61 26 1e ed a7 51 dd e1 70 5b 22 af 81 7f a2 eb e4 7e b7 ca b4 99 0b fe ea b1 ec 00 97 b9 3c b5 52 86 44 d7 4f f6 c0 a2 b2 d4 3e 0f d
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:07 GMTServer: ApacheLast-Modified: Wed, 02 Mar 2022 21:38:20 GMTETag: "3b7-5d94319a78b00-gzip"Accept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 253Keep-Alive: timeout=15, max=99Connection: Keep-AliveContent-Type: text/css; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 93 4d 8b c2 30 10 40 ff ca de aa 60 5b 41 61 b1 bd b8 7b 10 0f 7a f0 83 bd ca b4 9d 68 60 92 40 92 2a 22 fd ef 26 6d 51 7b 2b c8 82 a7 24 33 6f 0e 6f 32 33 67 4a da 90 41 8e b7 f6 26 38 5d 93 60 b3 df 7d 2d 5c 2a 48 eb b0 b1 57 c2 44 2a 2d 80 9a c8 05 f9 f1 64 93 c9 78 9c 1a 9d 27 a5 a6 41 7c 9e 1c 04 ca 32 f6 25 26 de aa 4c 59 d5 1e e1 ca e3 91 b5 6c 38 22 95 03 0d 82 25 d2 19 2d cf 21 78 84 7e 34 07 7a 3e 77 20 4d 68 50 73 f6 8c fd a1 2e 40 be d4 ec e1 a4 84 7b a7 d5 fc 4d 97 69 5f 97 2d 1e 4b 02 fd d9 36 df 7d 6d d6 58 f0 52 7c b6 cc ac af cc af a2 e2 7f 55 a2 7a ca c8 8f f3 28 62 d4 ac cd cb 36 54 0d d0 ec 8a 23 64 87 f0 33 d6 12 a2 ee bb 23 44 87 f0 ff d6 12 99 93 71 f9 ac 93 f7 ad a8 ee 48 55 5d 2c b7 03 00 00 Data Ascii: M0@`[Aa{zh`@"&mQ{+$3oo23gJA&8]`}-\HWD*-dx'A\|2%&LYl8"%-!x~4z>w MhPs.@{Mi_-K6}mXR\|Uz(b6T#d3#DqHU],
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:07 GMTServer: http server 1.0Content-type: text/cssLast-modified: Wed, 02 Mar 2022 21:37:56 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 3745Keep-Alive: timeout=15, max=97Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 5b 6d 6f e3 36 12 fe 2b 46 83 62 13 2c e5 17 39 4e 36 36 ae 87 a2 c0 7e 3c f4 d0 7e 3b 1c 02 4a a2 6d 36 b2 a4 48 b4 93 ac 91 ff 7e 33 43 52 22 25 da c9 ee a5 f0 66 23 4b e2 70 66 38 f3 cc 0b 99 ad da e5 2c 29 b3 17 96 c9 03 6b 2a 5e 30 5e 55 b9 50 ac 4c fe 12 a9 62 72 5d f3 9d 60 db 19 db c6 6c 3b 67 db 6b b6 5d b0 ed 0d ab 58 92 97 e9 c3 e3 be 54 82 55 b5 60 9c f1 24 a9 19 4f eb b2 78 d9 31 9e 65 b5 68 1a 96 c8 0d 4b 25 bc 93 96 99 60 99 c8 59 b6 2e 98 d8 31 b9 db 30 59 34 ec 21 c9 d8 23 6b 58 c3 77 15 6b 76 3c cf 59 a3 6a f9 20 f0 57 59 6c 58 b3 4f e0 a7 62 4a b1 03 af 59 c2 f6 4c b2 54 14 4a d4 2c 03 72 8a 65 19 2b 73 b6 cf 59 2e d9 5a 8a 3c 6b 40 80 75 59 ef 58 ce 13 98 31 17 1b 51 64 4c f1 24 07 3e 78 a5 64 59 30 45 62 ab 75 59 2a a6 b6 82 c3 f3 1a 2e 98 ca 18 af 95 4c e1 55 de 48 e0 39 e5 c5 81 37 c0 ba e2 32 6f 80 f5 44 64 30 cd 66 0f 42 c3 2f 4b 0f 09 01 47 48 09 7f 6d ea 12 78 de 89 62 cf 0a 7e 60 e5 5e 55 7b c5 ea 7d f2 c2 1a 50 2c 72 d0 ec 77 3b 5e 03 0f 12 34 0c 57 0f 8c ef 33 59 b2 03 cc 5a b2 64 af 54 59 1c e1 fe 46 16 cb e9 aa 02 8d ca 62 03 57 49 59 c3 14 70 b1 2e 0b 15 35 f2 9b 58 ce a6 d3 9f e9 eb 52 16 5b 51 4b a5 9f ad f9 4e e6 2f cb 4f ff fe f3 8f d1 57 78 fa 69 75 10 28 1b cf 23 9e cb 4d b1 4c 78 23 72 59 88 55 b4 6b a2 7d 23 ea 08 be 03 7b cb a2 a4 9b e5 b7 c0 dd 87 2d 58 4d e0 fe 93 48 1e a4 0a 3c 28 87 f7 06 73 81 82 90 11 3d f1 ab 16 1e ec 03 94 76 24 31 87 a2 f8 23 fc 35 b3 8b e5 ae 8f 59 b1 b3 cb 64 96 e6 98 c9 a6 ca f9 cb 92 6c 7c f5 8a 02 1f b7 42 6e b6 4a ab fa 49 66 6a ab 2f 5f d1 8e bc 87 dd 8b 87 ed ca 79 b3 bd 3c 3c ad 4a 58 88 75 5e 3e 2d b7 32 cb 44 b1 22 2a a3 71 c2 d3 07 b4 9c 2c 92 3b be 11 47 fb bd 30 37 96 fb 3a bf 9c e4 32 69 26 e2 59 fd d5 44 f3 31 7c 26 e0 69 e5 be 4e 45 33 a1 61 cd 24 13 6b be cf d5 a4 19 6f e4 fa 9f b3 9b eb 9b 78 71 73 17 5f 5f ad 1c 8a 55 d9 48 34 c4 a5 76 26 f7 51 2d 2a c1 d1 0a 22 7d b5 72 85 7f 8f 7c 2d ed b5 7c 16 d9 4a 95 15 d8 6b 58 c8 65 22 c0 57 c5 31 85 65 06 af 5e 7e fa e4 72 92 96 79 59 2f eb 4d c2 2f a7 8c 3e e3 f9 d5 ff cb ce 2b 19 d6 72 89 56 5f 8b 83 e0 b9 36 35 7d 07 5c 9f d7 ad 09 90 27 bc 8e 9b 5c a6 02 56 65 c3 2e f2 12 3c f2 2b c0 cb 68 9c 6e 45 fa 90 94 cf 11 c1 ce 88 e0 c6 ca d3 69 5a af 5a ba 91 51 22 8b 09 0d ff 73 2b 76 62 02 b8 b3 13 b3 a9 5d 35 7a 72 4f 33 8d ab 62 e3 ad 9b c3 41 14 3b 76 e1 d3 06 f0 6e 26 95 a8 9b b2 e0 f9 1f 42 29 40 8c d6 28 e2 fb 46 89 ea 1d f4 e7 27 ec ce 4a d0 1a 59 f3 00 0b 3b 41 c8 4b 78 3d 21 c6 ef 01 eb 77 cd 80 7d c7 ec 06 b6 e5 8a 96 e6 65 e3 9a fd 7b 55 47 e3 06 b3 0e 28 9f 51 dd e9 65 21 da 27 d5 a6 01 df 02 c0 f5 4d f5 ec fa bc 23 b7 b6 e4 8b 38 8e 57 61 ef 18 03 26 34 e0 8f c7 de e3 a4 84
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:07 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:56 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6404Keep-Alive: timeout=15, max=98Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 0b 77 da c6 b6 fe 2b 54 ed 49 a0 16 b2 b1 93 f4 1c 1c 25 cb 71 48 42 e3 57 0c e9 e3 f4 74 b1 06 21 40 b1 90 b0 24 70 5c c2 7f bf df de 33 92 46 42 90 c7 e9 bd eb b6 c5 45 f3 d8 33 b3 67 bf f7 16 4b 11 d5 c2 d8 5c 78 c7 ef af cf 06 d7 27 17 2f 2f cf 07 17 ef cf 6d a3 f5 e4 d1 93 c3 c7 4f fe 75 f8 c8 38 5e 62 d4 5c 4c dc 6b 11 8c c2 99 1d b8 77 b5 97 22 71 eb 0d 6b e2 26 7d 6f 86 6f 3c e6 73 30 bc f8 2a 72 97 9e 7b 67 df 79 80 74 67 65 0d 9f 3e 8d 85 1f bb 0c 65 30 72 b6 2f 71 75 72 dd b9 e8 0f 7e ed 5e a4 30 c2 b9 1b b8 d1 a7 4f 0a e4 5c 44 6e 90 1c 7b e3 fa d4 8b 93 30 ba b7 e6 8b 78 da 4b b0 df c6 6a a3 a9 be 5a 9b 86 61 1a d6 be d1 58 63 8e 02 f2 ee e2 e4 aa 1f 86 7e 63 95 7e b3 fc 50 8c 7e 8e eb c6 be 33 f1 9a 43 2f d8 f7 45 30 59 00 29 16 1a 9e 1b 7b d9 40 a0 e4 34 0c 6f 3c b7 6e 04 22 1e d0 30 a3 b1 67 d8 c6 5e 11 3d 8d f5 78 11 38 89 17 06 b5 f7 dd 7a 63 45 47 bf b7 0d 37 8a c2 c8 30 cf 6c c3 0b c6 a1 c2 bd 9d 63 67 62 ef 7b 57 d3 30 70 f7 3d 2b 71 e3 a4 1e 88 a5 37 11 38 a9 b5 88 dd e8 64 82 d3 37 cc 31 8d 0a 47 3b c7 5c d2 18 b1 7b cc 6b fb f2 d3 a7 09 6e 87 6f e6 df f2 96 ed 55 af df b9 1a b4 da 46 9c b8 f3 41 cb 30 f9 f9 50 3d 1f aa e7 23 f5 7c 64 98 6b 9e 78 c5 7f c5 c8 5e ad e9 7e 5e cb 33 5f db da 11 c4 7c fe 8b 1b c5 40 4a c3 9a 89 c4 99 d6 f7 2f 7b b5 fa 7f 46 7b 8d 81 fc fb 9c ff f7 7c bf 71 fc 6f fb 0f 5c 76 ec 76 83 a4 7e fd 47 eb 4f b3 75 d0 30 b5 96 c3 8d 96 23 6e f9 33 47 fc ef c0 3b 76 32 6f ac 22 37 59 44 c1 3a 00 25 7b f8 cc ed 24 5a b8 b4 cb 30 06 95 5e bb 62 74 5f 6f 34 56 2f eb 8d b5 0b 42 5d a1 39 0c ea 46 44 1d 86 f9 b2 b1 ce 81 62 cc 8a 38 e2 16 9f 0b 7c c4 10 7f 46 f8 9c e3 f3 43 dd f8 9e ee 29 10 33 d7 68 58 e3 d0 59 c4 80 99 91 c2 2b 4c a6 31 91 3b 73 67 44 b5 8b 18 c3 e6 51 38 af 1b ce d4 75 6e dc 91 61 62 71 50 d9 35 86 9c 38 8e 1c 84 cd a9 dd 96 e8 af 35 10 06 36 4e 30 e7 77 23 c0 5a 0a 9f 0e 45 9b b0 d0 b2 b1 25 bd 5f 38 4e b8 00 3d 11 6b 54 2f ca 80 b5 03 55 cd 96 d7 3e b6 25 04 9d 39 78 73 9f 3e 19 cd 8f fc af 71 2c c6 76 c6 48 ee 5f 2f 5d 27 1c b9 f5 cd 16 31 c6 71 f5 b1 8b 64 fc cf 24 6c 3d a9 a3 67 13 0f b7 49 78 e3 06 60 73 a3 61 db 36 fe 96 d0 81 16 be 98 6a 04 c9 0b 67 d2 9d 60 f2 f1 38 8c ea f4 b4 b4 0f 8e 97 4f 1f 1f 2f f7 f6 1a 2b 31 d9 b3 33 da 3b 17 c9 d4 8a 58 58 d6 1b 3f 82 e4 d6 45 e8 62 02 7a c9 ef 1c 84 c2 dc 8f 03 01 45 4e 18 8c bd 89 75 e7 fa be 13 ce dc e3 11 48 64 06 a6 b6 12 2f f1 5d 6d c4 34 8c 13 22 23 e0 8f 30 54 eb 2f a2 61 58 bb 38 e9 19 c7 a0 22 3e 90 1f 4e bc e0 55 18 cd 70 ef e1 78 1c bb 49 1d cd 90 65 68 6e e2 1c b3 e6 30 09 f2 3e 20 95 f7 31 b5 69 72 ec 3a 8b c8 4d 69 f0 58 4c ab c9 b0 d7 3b 3b f3 82 9b 32 19 aa 63 c4 c9 22 08
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:36 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 8506Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 89 7b e2 38 b2 ff 57 18 cf bc 2c 2c 0a 09 e4 e8 6e 68 cf 7c 04 92 74 a6 73 75 08 21 c7 66 f9 8c 11 c1 09 d8 b4 6d 42 12 c2 ff fe 7e 25 c9 27 4e 1f f3 f6 78 bd b3 c1 96 4a 52 a9 54 2a d5 25 3f 1a 6e ee cb 71 fd f4 dc 71 46 b5 e0 41 cf 0f a6 b6 e9 5b 8e 9d 2f cc 1f 01 31 d3 07 c6 c8 e3 cc d4 b5 fa 4e a3 b9 bb b7 ff e9 e0 cf cf 87 47 c7 27 a7 5f ce 5a e7 ed 8b ce e5 d5 b5 d1 33 fb 7c 70 37 b4 ee 1f 46 63 db 99 7c 75 3d 7f fa 38 7b 7a 7e 59 2f 57 36 36 b7 b6 df bd ff 50 5c d3 d8 50 b7 f9 2c 57 77 5d e3 39 bf 5a 66 ff dd ff b6 2b 11 02 db 1b 6c ab c2 b6 f0 77 93 6d 6d b1 ad 6d b6 f5 8e 6d bd 67 5b 1f d8 f6 3a db 7e 03 d5 75 56 66 15 b6 c1 d0 86 6d b3 77 ec 3d fb c0 ca 28 2c b3 72 85 95 37 58 79 93 95 b7 58 79 9b 95 df b1 f2 7b 56 fe c0 2a eb ac 82 36 15 56 d9 60 95 4d 56 d9 ca a0 41 65 9b 55 de b1 ca 7b 56 f9 c0 36 d6 d9 46 99 6d 60 90 0d b6 b1 c9 36 b6 d8 c6 36 db 78 c7 36 de b3 8d 0f 6c 73 9d 6d 96 d9 66 85 6d 02 87 4d b6 b9 c5 36 b7 d9 e6 3b b6 f9 9e 6d 7e 60 5b eb 6c 2b 8d 78 a1 46 6b 7a a7 af fd f3 1f 5e f1 15 ff ff 6d ed ae 16 ac 78 ee 21 bf 23 17 fd 85 d5 19 67 8d da 8b ae 69 35 ae ef 94 46 dc be f3 87 b5 81 e3 e6 eb fa 7a ad fe 91 d7 ea c5 62 61 de 40 9d 39 34 dc 86 d3 e7 75 3f 5f 2f d4 ac 41 3e df f8 5d 2f 17 56 56 f2 8d 8f 7a b9 f2 ae 50 98 bf 14 15 9c 80 59 70 30 d4 1c 80 8d df 2b eb 9b ef 44 75 cb 77 2d fb ae 34 70 9d 71 43 f5 97 af 54 36 5f a9 b3 df cb 95 c2 4a 79 ab 50 a8 bd 01 58 ae bc 97 80 db 85 95 ed 8d 1f 80 5b 97 70 12 91 b7 3a fd 50 09 3b dd 28 ff 44 a7 8b 85 cb fd a9 6b e7 5e 16 21 65 7b f9 66 40 d9 1d 50 76 57 2c 43 83 d5 03 0a 37 03 0a ef 80 ba b3 a1 35 e2 f9 9d 8f bc 30 df d5 9b 71 fa ee 80 e6 35 6f 66 f9 e6 30 bf fb fb ef 9b 85 b9 69 78 3c b7 5e 15 3f 65 f9 53 91 3f 1b f2 67 53 fe 6c c9 9f 6d f9 f3 ae 8a 49 cb 9e b1 22 3b ab e5 42 ad e7 72 e3 a1 26 fb 51 3d 94 37 aa 8d 8c f1 df a0 57 3e bf bb 02 3a 7d fc b8 5d 78 cd 37 e4 3a c4 3b dd cc ec ac fe 73 03 80 0b 3e 7e 04 3b d0 ca d0 10 72 b4 7c 5d 3e af 17 0a 59 c4 9f e4 f7 24 f1 77 59 93 ed b0 17 45 7c 0e f2 73 7d 2f a0 7c 83 f8 9a f8 5d 92 bf 41 e4 ef 3b 58 81 e1 cd 5e 7c 0d 1a 58 83 95 ca d6 d6 ed 22 04 5c 59 d9 d5 75 9d a8 08 a6 56 8f 73 31 f7 05 7a 68 fe 50 0f cd a8 07 f5 a8 7a a8 67 6f 8e fc ee c7 8f 82 0e cd 95 cd f7 05 e2 85 42 0d 83 ed 60 42 b1 0d 19 20 4b 88 ed 60 84 ed 72 61 ae b8 b3 be d8 01 62 3b 89 69 10 88 9a 86 7a fc 0e 12 18 5d 2c c9 26 61 b2 b3 b2 bd 0e 4c 2a 12 93 97 b7 31 79 49 63 f2 02 4c 5e 12 98 10 88 c2 44 3d 7e 0f 93 9d 15 c5 0e 2f 85 60 03 d6 a3 0d 88 75 91 3c 50 67 0d c6 05 07 48 5e e0 fa ee b7 38 a0 89 ea 37 e8 d9 00 8a e0 11 ac 8f 29 40 b0 93 9a 34 7b 48 c6 a8 04 04 22 b4 36 45 a9 a6 eb 9a dc 68 a0 f
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:57 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 14006Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 7d 09 57 1b c7 b6 ee 5f 11 bd 62 5e 0b 35 42 02 8c 6d e1 42 cb 09 1e 92 18 db 39 90 38 b6 e0 78 f5 24 a9 d1 04 92 30 c6 88 fb db df f7 ed aa ea ae 96 c0 b9 e7 ac b7 1e 4e a4 1a 77 cd 7b ae d2 5a f7 6a 1c cf b3 c9 d8 4f 82 b8 7a eb 4d a2 f3 34 9e 7b 4a cd 6f 2e d2 49 b7 92 7e bb 98 4c e7 b3 f5 75 ef 6a 9c a4 dd 6c 9c 26 de 9a cd 1c 4d 92 ab 61 da d6 5f 75 53 54 c5 7e b5 e5 59 b0 05 24 5d 7b 7d 5d 7f d7 c3 51 d2 d6 41 3f ae b6 92 fa 68 32 4a c7 73 56 be f3 e7 fd 6c 16 e4 1d ab de da 60 25 f9 e6 57 6f a7 e9 fc 6a 3a ae 84 3b f5 f0 e2 62 78 e3 8f af 86 c3 20 9c f6 ae 08 60 56 bd 2b 4a 5f fb 51 f5 36 dc 51 91 93 f6 95 69 1a 84 d7 d1 a3 ad bc 98 4e c3 9b 33 74 55 bd 97 e1 d7 2f a6 93 f9 84 33 50 9f 4f 8e e7 d3 6c dc ab c7 e1 70 88 aa 0e a4 ab 02 52 25 aa 64 e3 d9 3c 1c c7 9c b3 c3 70 9e 2e 16 39 74 46 ff 63 e0 73 bf 1b a4 d5 db af e1 b4 d2 0f 7a aa 73 b6 df 9d 4c fd be 6a ec f7 9f 77 eb c3 74 dc 9b f7 f7 6b b5 7e f5 b6 57 bf b8 9a f5 fd d4 ef 76 fa 67 41 bf 5a bd 33 13 d4 73 fa 3a d5 cb 6b 72 56 46 d9 0f 67 ef af c7 1f a6 93 8b 74 3a bf d1 63 e5 7e 70 20 5c f8 69 90 60 29 d0 0b 76 aa 8b 01 57 10 4f 08 b9 5b 5d 5f f7 d3 4e f7 4c 25 f8 c8 3b 20 79 9e 9d 41 4f 0a e5 13 aa 92 3c 58 0d 74 c9 af e1 f0 2a 7d df 35 05 4d 0c e5 4c a8 1a a4 4e 7f c6 9c a0 00 73 93 6f 88 f4 a5 4d 0a d6 1a d5 fa d5 9c 7b a9 d8 0c c3 7c eb dc a6 a3 8b f9 4d 6b ad 19 5c 8d af 66 69 72 32 19 a4 e3 59 ab 73 66 e2 bf 8e 2f ae e6 8c 4e be a6 d3 ee 70 72 dd da dc 0e e2 7e 38 9d bd 4d bb f3 f7 48 6c 35 02 ee 3a 5d 10 70 b2 31 fa 98 25 47 93 f1 bc df 92 fd 68 52 5e 4d a6 a3 70 2e 4d cd d2 e9 af ba 18 f6 43 c2 a4 6c 36 c1 d7 9d d3 c7 73 67 4b 11 8c 52 51 fd cb 45 17 13 27 df 2a c1 20 aa 81 84 9d 5a 7d 1f 0b 91 75 e5 20 28 cc d7 97 6c f6 17 bb a3 b7 4f ac 92 73 14 d8 2f d2 d5 5a 36 7b 17 be f3 91 92 d4 7b e9 fc 24 1b a5 80 bb be 1e d7 ed 88 9f 37 d6 d7 d7 e2 ba 4c 94 84 dc 11 4a 42 3e 7e 37 5b 0f 57 52 96 c6 1b a0 b1 19 4e 52 3c c7 60 9c ae 14 c1 f5 f5 06 0e 60 5c 2f 4d b4 4d 74 17 ca ec fe f5 f5 af 93 2c a9 e8 4a 51 d6 7b 33 b9 9a 16 5b 2f 9f 04 67 9e 7a 9c 27 6e 5e 4c c9 d8 6f 6c 35 aa fb e6 40 70 30 6b 0a 08 e9 c2 c7 64 c5 d8 90 40 49 0c 2c 0f 43 ad 35 82 d8 01 d9 f5 7b d8 fd 02 f4 3c c8 82 fe 3e 96 e1 3e 4c d9 65 7f 5e 1c 09 8e d3 a7 0f d3 d0 5b 49 54 ab e5 aa c1 43 f0 0c 04 a9 f3 60 29 ee 1d b4 d3 65 a9 ee 83 a5 86 ba d4 90 a5 86 0f 96 ca d7 0f 00 75 98 e5 75 e8 c1 4a f3 ef 23 0d 1c 01 16 c7 d7 83 65 b3 d9 9f 27 bf d8 89 41 50 4f 07 02 0f d6 98 74 bb b3 94 5b 0a 5d d2 61 d6 d1 a1 07 2b c9 81 42 05 1e a8 73 bf 8b 13 f5 c0 14 0f 27 c0 fa a9 99 1b 09 cb 04 49 a8 1a 84 5f cd 4e 3c 68 68 bc 78 4e 9c 18 7e c5 59 54 e1 d7 ce 39 90 b1 ea 76 b2
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: ApacheCache-Control: private, max-age=604800, pre-check=604800Pragma: privateExpires: Tue, 14 Jan 2025 10:00:08 GMTEtag: "1646256652-gzip"Last-Modified: Wed, 02 Mar 2022 21:30:52 GMTContent-type: application/x-javascript; charset=UTF-8Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 4284Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 d5 5a eb 6e db c8 19 7d 95 59 a1 40 b3 80 ea 58 76 76 37 ab a2 2d 28 89 b6 b9 d6 2d 22 65 37 45 00 82 92 46 36 d7 14 47 25 a9 38 de b6 c0 3e 48 fb 72 fb 24 3d 67 66 78 91 64 6f da a0 7f fa 23 89 42 ce ed bb 9d ef 7c df 30 7c 17 fa c1 cc 1b 5f fa 7f f8 db 85 37 f3 83 a9 73 e9 86 17 93 d9 7c d4 6d 5d a8 6c b7 69 b5 eb e7 c3 89 33 c0 d8 d0 1b 61 54 b7 35 54 d1 2a 4e ef 4e 4e 4e 9a 83 de cd bd fe f5 d0 1b 5f fb dd 96 fe 2d f4 7f 9a 43 7c 77 76 e3 f5 b1 42 7f 97 17 6a 23 33 e1 cb ec 63 bc 94 cd 41 b7 de b5 d7 6d dd c6 0f 71 ab ed b9 5e 38 76 fc b0 37 0f 82 c9 38 ec 3b e3 be 3b c4 f4 28 5d ca e4 f8 f5 70 e2 73 f1 44 e5 58 f1 60 ee e4 ba db 9a 5c d7 8f 6b e9 a0 88 d3 0e a4 8e 13 29 fc 22 2a 62 95 be 34 ec 1c 07 93 0b 7d 6a 99 bd 34 e8 9b 6e 6b b4 4b 8a 78 23 57 71 f4 b9 15 bf eb b6 06 ea 31 4d a0 d2 cf 0d fd be db 72 56 9b 38 8d f3 22 fb b5 53 9e e1 00 be 3f 14 89 ba 8b 5f 92 e4 0c 8b f9 3b 48 11 27 09 95 59 ef 3d 9c 5c 7a e3 f0 6a e0 cc 26 93 20 bc 98 0f 87 e1 c8 f5 7d 6d f8 e0 5e 8a 55 9c 3f 88 28 93 91 28 ee a3 02 7f 49 b1 54 e9 3a be db 99 43 89 35 f5 98 c9 3c 5e c9 5c c4 b9 58 ef 92 a4 2d 52 25 72 59 14 70 9b 5c 2c a3 54 2c ea 69 72 85 b7 8f 27 62 9a c8 28 d7 8f 8b 68 59 88 7c b7 dd aa ac 10 6b 95 61 8d 0c 1b 65 22 ca 73 48 cf 03 c3 f5 cc 49 6f dd 1e fd ac 3e 64 b9 4c 12 2f 1f f4 f1 d6 2a 49 d4 23 76 16 49 9c 3e bc ca bf 16 85 12 d1 72 29 f3 5c bf 7f 94 8b 3c 2e 1a 2b 5e 8c be 70 b5 a6 0b 55 07 1c f8 5f b8 da a1 5f 60 c5 b1 d7 0f a7 57 93 60 c2 e8 ed c0 1b ff 2b 61 8f bd 12 4b 4e 9d e0 aa db 7a fd f1 3c dc c8 74 f7 3a de 44 77 32 7f 2d d3 bb b0 d5 7e 37 76 a6 e1 b4 0a 3f 7f de 1b 79 01 1d 67 b1 89 0b bc 66 94 9f be e1 59 4e df 76 5b f3 5c 66 69 b4 41 e8 35 5f c0 d1 a6 30 db a3 ca 56 ad b6 ef dc b8 e1 1c 30 30 76 46 f0 a7 99 dc c8 cd 02 76 dd 55 53 ab 11 d3 db 41 63 c0 b6 5a 82 61 ed 41 a7 06 be de 60 f9 21 fd 5c ac a3 38 d9 65 b2 2d b6 c6 8d 8a ec 49 44 77 51 9c 42 c6 52 0e ed 31 76 02 0e 03 bb 8c e7 e1 37 6f 43 07 6e 90 e6 08 af ed 16 5e 63 63 ab 21 c4 b7 80 87 52 ba ee 9e 78 df 9e d5 e2 e1 8d ff de 0f 87 ce f8 72 6e 70 32 4a ef 76 50 67 ab 0d 27 0d 09 7e ee 2c 1c 78 be d3 1b ba 83 70 e6 8e bc f1 c0 9d 19 48 81 02 00 29 8c 17 04 58 b4 48 e4 aa 0a 08 1d c7 f4 59 1b 6b 45 a6 12 b1 8d 52 99 88 28 5d 09 99 72 b8 f6 62 bd 06 e4 2d a1 cf 19 ba b3 a0 73 0a 1d bd 57 3b 71 1f 7d 94 88 3b 99 12 19 ee 10 75 6a 57 20 a2 44 c4 68 05 Data Ascii: Zn}Y@Xvv7-(-"e7EF6G%8>Hr$=gfxdo#B\|0\|_7s\|m]li3aT5T*NNNN_
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: http server 1.0Content-type: text/cssLast-modified: Wed, 02 Mar 2022 21:37:56 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 155Keep-Alive: timeout=15, max=99Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 7d 8e 41 0e 83 20 10 45 af 62 e2 b6 43 6a b5 2e e8 be d7 30 48 08 10 81 41 99 45 13 d3 bb 57 89 0b 4c 4c b7 f3 ff 7b 7f 6a 87 da 86 37 2e be 62 06 13 41 10 5e dd ea e2 ea 50 4e 60 25 06 00 27 46 e5 56 2f 96 0d 01 c2 c8 db 7b fc bc be 65 3b 91 8a c3 a3 62 64 c9 9d 3d 39 69 8f e4 bf c4 27 bd 1a 65 b5 21 fe ec f6 05 36 c7 49 83 a4 12 eb 9a cb ed 6d 61 c7 8f 27 47 24 42 cf 9b 3e 77 67 95 c8 62 18 0a 7f 9f fd 3f 81 3e a1 7e 06 01 00 00 Data Ascii: }A EbCj.0HAEWLL{j7.bA^PN`%'FV/{e;bd=9i'e!6Ima'G$B>wgb?>~
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:56 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6404Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 0b 77 da c6 b6 fe 2b 54 ed 49 a0 16 b2 b1 93 f4 1c 1c 25 cb 71 48 42 e3 57 0c e9 e3 f4 74 b1 06 21 40 b1 90 b0 24 70 5c c2 7f bf df de 33 92 46 42 90 c7 e9 bd eb b6 c5 45 f3 d8 33 b3 67 bf f7 16 4b 11 d5 c2 d8 5c 78 c7 ef af cf 06 d7 27 17 2f 2f cf 07 17 ef cf 6d a3 f5 e4 d1 93 c3 c7 4f fe 75 f8 c8 38 5e 62 d4 5c 4c dc 6b 11 8c c2 99 1d b8 77 b5 97 22 71 eb 0d 6b e2 26 7d 6f 86 6f 3c e6 73 30 bc f8 2a 72 97 9e 7b 67 df 79 80 74 67 65 0d 9f 3e 8d 85 1f bb 0c 65 30 72 b6 2f 71 75 72 dd b9 e8 0f 7e ed 5e a4 30 c2 b9 1b b8 d1 a7 4f 0a e4 5c 44 6e 90 1c 7b e3 fa d4 8b 93 30 ba b7 e6 8b 78 da 4b b0 df c6 6a a3 a9 be 5a 9b 86 61 1a d6 be d1 58 63 8e 02 f2 ee e2 e4 aa 1f 86 7e 63 95 7e b3 fc 50 8c 7e 8e eb c6 be 33 f1 9a 43 2f d8 f7 45 30 59 00 29 16 1a 9e 1b 7b d9 40 a0 e4 34 0c 6f 3c b7 6e 04 22 1e d0 30 a3 b1 67 d8 c6 5e 11 3d 8d f5 78 11 38 89 17 06 b5 f7 dd 7a 63 45 47 bf b7 0d 37 8a c2 c8 30 cf 6c c3 0b c6 a1 c2 bd 9d 63 67 62 ef 7b 57 d3 30 70 f7 3d 2b 71 e3 a4 1e 88 a5 37 11 38 a9 b5 88 dd e8 64 82 d3 37 cc 31 8d 0a 47 3b c7 5c d2 18 b1 7b cc 6b fb f2 d3 a7 09 6e 87 6f e6 df f2 96 ed 55 af df b9 1a b4 da 46 9c b8 f3 41 cb 30 f9 f9 50 3d 1f aa e7 23 f5 7c 64 98 6b 9e 78 c5 7f c5 c8 5e ad e9 7e 5e cb 33 5f db da 11 c4 7c fe 8b 1b c5 40 4a c3 9a 89 c4 99 d6 f7 2f 7b b5 fa 7f 46 7b 8d 81 fc fb 9c ff f7 7c bf 71 fc 6f fb 0f 5c 76 ec 76 83 a4 7e fd 47 eb 4f b3 75 d0 30 b5 96 c3 8d 96 23 6e f9 33 47 fc ef c0 3b 76 32 6f ac 22 37 59 44 c1 3a 00 25 7b f8 cc ed 24 5a b8 b4 cb 30 06 95 5e bb 62 74 5f 6f 34 56 2f eb 8d b5 0b 42 5d a1 39 0c ea 46 44 1d 86 f9 b2 b1 ce 81 62 cc 8a 38 e2 16 9f 0b 7c c4 10 7f 46 f8 9c e3 f3 43 dd f8 9e ee 29 10 33 d7 68 58 e3 d0 59 c4 80 99 91 c2 2b 4c a6 31 91 3b 73 67 44 b5 8b 18 c3 e6 51 38 af 1b ce d4 75 6e dc 91 61 62 71 50 d9 35 86 9c 38 8e 1c 84 cd a9 dd 96 e8 af 35 10 06 36 4e 30 e7 77 23 c0 5a 0a 9f 0e 45 9b b0 d0 b2 b1 25 bd 5f 38 4e b8 00 3d 11 6b 54 2f ca 80 b5 03 55 cd 96 d7 3e b6 25 04 9d 39 78 73 9f 3e 19 cd 8f fc af 71 2c c6 76 c6 48 ee 5f 2f 5d 27 1c b9 f5 cd 16 31 c6 71 f5 b1 8b 64 fc cf 24 6c 3d a9 a3 67 13 0f b7 49 78 e3 06 60 73 a3 61 db 36 fe 96 d0 81 16 be 98 6a 04 c9 0b 67 d2 9d 60 f2 f1 38 8c ea f4 b4 b4 0f 8e 97 4f 1f 1f 2f f7 f6 1a 2b 31 d9 b3 33 da 3b 17 c9 d4 8a 58 58 d6 1b 3f 82 e4 d6 45 e8 62 02 7a c9 ef 1c 84 c2 dc 8f 03 01 45 4e 18 8c bd 89 75 e7 fa be 13 ce dc e3 11 48 64 06 a6 b6 12 2f f1 5d 6d c4 34 8c 13 22 23 e0 8f 30 54 eb 2f a2 61 58 bb 38 e9 19 c7 a0 22 3e 90 1f 4e bc e0 55 18 cd 70 ef e1 78 1c bb 49 1d cd 90 65 68 6e e2 1c b3 e6 30 09 f2 3e 20 95 f7 31 b5 69 72 ec 3a 8b c8 4d 69 f0 58 4c ab c9 b0 d7 3b 3b f3 82 9b 32 19 aa 63 c4 c9 22 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:08 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:36 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 8506Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 89 7b e2 38 b2 ff 57 18 cf bc 2c 2c 0a 09 e4 e8 6e 68 cf 7c 04 92 74 a6 73 75 08 21 c7 66 f9 8c 11 c1 09 d8 b4 6d 42 12 c2 ff fe 7e 25 c9 27 4e 1f f3 f6 78 bd b3 c1 96 4a 52 a9 54 2a d5 25 3f 1a 6e ee cb 71 fd f4 dc 71 46 b5 e0 41 cf 0f a6 b6 e9 5b 8e 9d 2f cc 1f 01 31 d3 07 c6 c8 e3 cc d4 b5 fa 4e a3 b9 bb b7 ff e9 e0 cf cf 87 47 c7 27 a7 5f ce 5a e7 ed 8b ce e5 d5 b5 d1 33 fb 7c 70 37 b4 ee 1f 46 63 db 99 7c 75 3d 7f fa 38 7b 7a 7e 59 2f 57 36 36 b7 b6 df bd ff 50 5c d3 d8 50 b7 f9 2c 57 77 5d e3 39 bf 5a 66 ff dd ff b6 2b 11 02 db 1b 6c ab c2 b6 f0 77 93 6d 6d b1 ad 6d b6 f5 8e 6d bd 67 5b 1f d8 f6 3a db 7e 03 d5 75 56 66 15 b6 c1 d0 86 6d b3 77 ec 3d fb c0 ca 28 2c b3 72 85 95 37 58 79 93 95 b7 58 79 9b 95 df b1 f2 7b 56 fe c0 2a eb ac 82 36 15 56 d9 60 95 4d 56 d9 ca a0 41 65 9b 55 de b1 ca 7b 56 f9 c0 36 d6 d9 46 99 6d 60 90 0d b6 b1 c9 36 b6 d8 c6 36 db 78 c7 36 de b3 8d 0f 6c 73 9d 6d 96 d9 66 85 6d 02 87 4d b6 b9 c5 36 b7 d9 e6 3b b6 f9 9e 6d 7e 60 5b eb 6c 2b 8d 78 a1 46 6b 7a a7 af fd f3 1f 5e f1 15 ff ff 6d ed ae 16 ac 78 ee 21 bf 23 17 fd 85 d5 19 67 8d da 8b ae 69 35 ae ef 94 46 dc be f3 87 b5 81 e3 e6 eb fa 7a ad fe 91 d7 ea c5 62 61 de 40 9d 39 34 dc 86 d3 e7 75 3f 5f 2f d4 ac 41 3e df f8 5d 2f 17 56 56 f2 8d 8f 7a b9 f2 ae 50 98 bf 14 15 9c 80 59 70 30 d4 1c 80 8d df 2b eb 9b ef 44 75 cb 77 2d fb ae 34 70 9d 71 43 f5 97 af 54 36 5f a9 b3 df cb 95 c2 4a 79 ab 50 a8 bd 01 58 ae bc 97 80 db 85 95 ed 8d 1f 80 5b 97 70 12 91 b7 3a fd 50 09 3b dd 28 ff 44 a7 8b 85 cb fd a9 6b e7 5e 16 21 65 7b f9 66 40 d9 1d 50 76 57 2c 43 83 d5 03 0a 37 03 0a ef 80 ba b3 a1 35 e2 f9 9d 8f bc 30 df d5 9b 71 fa ee 80 e6 35 6f 66 f9 e6 30 bf fb fb ef 9b 85 b9 69 78 3c b7 5e 15 3f 65 f9 53 91 3f 1b f2 67 53 fe 6c c9 9f 6d f9 f3 ae 8a 49 cb 9e b1 22 3b ab e5 42 ad e7 72 e3 a1 26 fb 51 3d 94 37 aa 8d 8c f1 df a0 57 3e bf bb 02 3a 7d fc b8 5d 78 cd 37 e4 3a c4 3b dd cc ec ac fe 73 03 80 0b 3e 7e 04 3b d0 ca d0 10 72 b4 7c 5d 3e af 17 0a 59 c4 9f e4 f7 24 f1 77 59 93 ed b0 17 45 7c 0e f2 73 7d 2f a0 7c 83 f8 9a f8 5d 92 bf 41 e4 ef 3b 58 81 e1 cd 5e 7c 0d 1a 58 83 95 ca d6 d6 ed 22 04 5c 59 d9 d5 75 9d a8 08 a6 56 8f 73 31 f7 05 7a 68 fe 50 0f cd a8 07 f5 a8 7a a8 67 6f 8e fc ee c7 8f 82 0e cd 95 cd f7 05 e2 85 42 0d 83 ed 60 42 b1 0d 19 20 4b 88 ed 60 84 ed 72 61 ae b8 b3 be d8 01 62 3b 89 69 10 88 9a 86 7a fc 0e 12 18 5d 2c c9 26 61 b2 b3 b2 bd 0e 4c 2a 12 93 97 b7 31 79 49 63 f2 02 4c 5e 12 98 10 88 c2 44 3d 7e 0f 93 9d 15 c5 0e 2f 85 60 03 d6 a3 0d 88 75 91 3c 50 67 0d c6 05 07 48 5e e0 fa ee b7 38 a0 89 ea 37 e8 d9 00 8a e0 11 ac 8f 29 40 b0 93 9a 34 7b 48 c6 a8 04 04 22 b4 36 45 a9 a6 eb 9a dc 68 a0 f
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 07 Jan 2025 10:00:09 GMTServer: http server 1.0Content-type: application/x-javascriptLast-modified: Wed, 02 Mar 2022 21:37:57 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 14006Keep-Alive: timeout=15, max=100Connection: Keep-AliveData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 7d 09 57 1b c7 b6 ee 5f 11 bd 62 5e 0b 35 42 02 8c 6d e1 42 cb 09 1e 92 18 db 39 90 38 b6 e0 78 f5 24 a9 d1 04 92 30 c6 88 fb db df f7 ed aa ea ae 96 c0 b9 e7 ac b7 1e 4e a4 1a 77 cd 7b ae d2 5a f7 6a 1c cf b3 c9 d8 4f 82 b8 7a eb 4d a2 f3 34 9e 7b 4a cd 6f 2e d2 49 b7 92 7e bb 98 4c e7 b3 f5 75 ef 6a 9c a4 dd 6c 9c 26 de 9a cd 1c 4d 92 ab 61 da d6 5f 75 53 54 c5 7e b5 e5 59 b0 05 24 5d 7b 7d 5d 7f d7 c3 51 d2 d6 41 3f ae b6 92 fa 68 32 4a c7 73 56 be f3 e7 fd 6c 16 e4 1d ab de da 60 25 f9 e6 57 6f a7 e9 fc 6a 3a ae 84 3b f5 f0 e2 62 78 e3 8f af 86 c3 20 9c f6 ae 08 60 56 bd 2b 4a 5f fb 51 f5 36 dc 51 91 93 f6 95 69 1a 84 d7 d1 a3 ad bc 98 4e c3 9b 33 74 55 bd 97 e1 d7 2f a6 93 f9 84 33 50 9f 4f 8e e7 d3 6c dc ab c7 e1 70 88 aa 0e a4 ab 02 52 25 aa 64 e3 d9 3c 1c c7 9c b3 c3 70 9e 2e 16 39 74 46 ff 63 e0 73 bf 1b a4 d5 db af e1 b4 d2 0f 7a aa 73 b6 df 9d 4c fd be 6a ec f7 9f 77 eb c3 74 dc 9b f7 f7 6b b5 7e f5 b6 57 bf b8 9a f5 fd d4 ef 76 fa 67 41 bf 5a bd 33 13 d4 73 fa 3a d5 cb 6b 72 56 46 d9 0f 67 ef af c7 1f a6 93 8b 74 3a bf d1 63 e5 7e 70 20 5c f8 69 90 60 29 d0 0b 76 aa 8b 01 57 10 4f 08 b9 5b 5d 5f f7 d3 4e f7 4c 25 f8 c8 3b 20 79 9e 9d 41 4f 0a e5 13 aa 92 3c 58 0d 74 c9 af e1 f0 2a 7d df 35 05 4d 0c e5 4c a8 1a a4 4e 7f c6 9c a0 00 73 93 6f 88 f4 a5 4d 0a d6 1a d5 fa d5 9c 7b a9 d8 0c c3 7c eb dc a6 a3 8b f9 4d 6b ad 19 5c 8d af 66 69 72 32 19 a4 e3 59 ab 73 66 e2 bf 8e 2f ae e6 8c 4e be a6 d3 ee 70 72 dd da dc 0e e2 7e 38 9d bd 4d bb f3 f7 48 6c 35 02 ee 3a 5d 10 70 b2 31 fa 98 25 47 93 f1 bc df 92 fd 68 52 5e 4d a6 a3 70 2e 4d cd d2 e9 af ba 18 f6 43 c2 a4 6c 36 c1 d7 9d d3 c7 73 67 4b 11 8c 52 51 fd cb 45 17 13 27 df 2a c1 20 aa 81 84 9d 5a 7d 1f 0b 91 75 e5 20 28 cc d7 97 6c f6 17 bb a3 b7 4f ac 92 73 14 d8 2f d2 d5 5a 36 7b 17 be f3 91 92 d4 7b e9 fc 24 1b a5 80 bb be 1e d7 ed 88 9f 37 d6 d7 d7 e2 ba 4c 94 84 dc 11 4a 42 3e 7e 37 5b 0f 57 52 96 c6 1b a0 b1 19 4e 52 3c c7 60 9c ae 14 c1 f5 f5 06 0e 60 5c 2f 4d b4 4d 74 17 ca ec fe f5 f5 af 93 2c a9 e8 4a 51 d6 7b 33 b9 9a 16 5b 2f 9f 04 67 9e 7a 9c 27 6e 5e 4c c9 d8 6f 6c 35 aa fb e6 40 70 30 6b 0a 08 e9 c2 c7 64 c5 d8 90 40 49 0c 2c 0f 43 ad 35 82 d8 01 d9 f5 7b d8 fd 02 f4 3c c8 82 fe 3e 96 e1 3e 4c d9 65 7f 5e 1c 09 8e d3 a7 0f d3 d0 5b 49 54 ab e5 aa c1 43 f0 0c 04 a9 f3 60 29 ee 1d b4 d3 65 a9 ee 83 a5 86 ba d4 90 a5 86 0f 96 ca d7 0f 00 75 98 e5 75 e8 c1 4a f3 ef 23 0d 1c 01 16 c7 d7 83 65 b3 d9 9f 27 bf d8 89 41 50 4f 07 02 0f d6 98 74 bb b3 94 5b 0a 5d d2 61 d6 d1 a1 07 2b c9 81 42 05 1e a8 73 bf 8b 13 f5 c0 14 0f 27 c0 fa a9 99 1b 09 cb 04 49 a8 1a 84 5f cd 4e 3c 68 68 bc 78 4e 9c 18 7e c5 59 54 e1 d7 ce 39 90 b1 ea 76 b2

Source: global traffic	HTTP traffic detected: GET /y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redirect.html?count=0.18622616967353411 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://6t.nz:8080/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/QTS.cgi?count=306919 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://6t.nz:8080/redirect.html?count=0.18622616967353411Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/login.html?1736244007 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://6t.nz:8080/redirect.html?count=0.18622616967353411Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3_menu/css/qts-font.css?_dc=1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/login.css?r=form&1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/monent/moment.min.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/language.cgi?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/js/qos-core-login.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/login.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/login.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/js/qos-core-login.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/monent/moment.min.js?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/login-max-height-768.css?r=wall&1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/language.cgi?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/language.cgi?undefined=1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/extjs-3.3.3/resources/images/default/s.gif?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/images/sprite.png?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/extjs-3.3.3/resources/images/default/s.gif?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3_menu/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveOrigin: http://6t.nz:8080User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3_menu/fonts/Roboto/Roboto-Light.ttf HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveOrigin: http://6t.nz:8080User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/loginTheme/theme1/images/sprite.png?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/language.cgi?undefined=1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/authLogin.cgi HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/images/mobile/logo_16.ico?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/images/mobile/logo_16.ico?1646256924 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/sysinfoReq.cgi?qpkg=1 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /RSS/images/PhotoStation.gif?5.4.14 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /RSS/images/PhotoStation.gif?5.4.14 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317 HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cgi-bin/authLogin.cgi HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: 6t.nz
Source: global traffic	DNS traffic detected: DNS query: _8080._https.6t.nz
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown

HTTP traffic detected: POST /cgi-bin/authLogin.cgi HTTP/1.1Host: 6t.nz:8080Connection: keep-aliveContent-Length: 20User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-type: application/x-www-form-urlencodedAccept: */*Origin: http://6t.nz:8080Referer: http://6t.nz:8080/cgi-bin/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Data Raw: 72 3d 30 2e 36 34 30 35 35 37 32 34 39 37 37 34 37 33 39 36 Data Ascii: r=0.6405572497747396

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 07 Jan 2025 10:03:58 GMTServer: nginxContent-Type: text/html; charset=utf-8Content-Length: 0Keep-Alive: timeout=15, max=100Connection: Keep-Alive

Source: chromecache_99.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_78.1.dr, chromecache_99.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Font
Source: chromecache_78.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0RobotoLight

Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734

Source: classification engine

Classification label: mal52.win@19/65@8/5

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 --field-trial-handle=1908,i,11143923296459145557,6145508390765661560,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 --field-trial-handle=1908,i,11143923296459145557,6145508390765661560,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	5 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	6 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://6t.nz:8080/cgi-bin/QTS.cgi?count=306919	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/redirect.html?count=0.18622616967353411	0%	Avira URL Cloud	safe
http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Light.ttf	0%	Avira URL Cloud	safe
http://6t.nz:8080/	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/language.cgi?undefined=1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/js/qos-core-login.js?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.js?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login-max-height-768.css?r=wall&1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/RSS/images/PhotoStation.gif?5.4.14	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/images/mobile/logo_16.ico?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/libs/monent/moment.min.js?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/language.cgi?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/authLogin.cgi	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/login.html?1736244007	0%	Avira URL Cloud	safe
http://6t.nz:8080/libs/extjs-3.3.3/resources/images/default/s.gif?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/loginTheme/theme1/images/sprite.png?1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/cgi-bin/sysinfoReq.cgi?qpkg=1	0%	Avira URL Cloud	safe
http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924	0%	Avira URL Cloud	safe
http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Regular.ttf	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
6t.nz	79.45.30.178	true	true		unknown
www.google.com	142.250.185.132	true	false		high
_8080._https.6t.nz	unknown	unknown	true		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://6t.nz:8080/	true	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/QTS.cgi?count=306919	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/redirect.html?count=0.18622616967353411	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.js?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Light.ttf	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/language.cgi?undefined=1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/js/qos-core-login.js?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/RSS/images/PhotoStation.gif?5.4.14	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/	false		unknown
http://6t.nz:8080/libs/monent/moment.min.js?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/loginTheme/theme1/login-max-height-768.css?r=wall&1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/images/mobile/logo_16.ico?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/login.html?1736244007	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI	false		unknown
http://6t.nz:8080/cgi-bin/authLogin.cgi	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/libs/extjs-3.3.3/resources/images/default/s.gif?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/language.cgi?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/loginTheme/theme1/images/sprite.png?1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/cgi-bin/sysinfoReq.cgi?qpkg=1	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924	false	Avira URL Cloud: safe	unknown
http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Regular.ttf	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.apache.org/licenses/LICENSE-2.0	chromecache_99.1.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0Font	chromecache_78.1.dr, chromecache_99.1.dr	false		high
http://www.apache.org/licenses/LICENSE-2.0RobotoLight	chromecache_78.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved		unknown	unknown	false
142.250.186.164	unknown	United States		15169	GOOGLEUS	false
142.250.185.132	www.google.com	United States		15169	GOOGLEUS	false
79.45.30.178	6t.nz	Italy		3269	ASN-IBSNAZIT	true

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1585230
Start date and time:	2025-01-07 11:03:20 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 39s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.win@19/65@8/5

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.18.3, 216.58.212.142, 64.233.184.84, 172.217.16.206, 142.250.185.110, 142.250.184.238, 142.250.181.238, 142.250.74.206, 172.217.18.10, 172.217.18.106, 142.250.186.106, 142.250.185.202, 142.250.185.234, 142.250.185.170, 142.250.186.42, 142.250.186.170, 142.250.181.234, 142.250.185.138, 142.250.184.202, 142.250.74.202, 216.58.206.42, 172.217.16.202, 142.250.186.138, 172.217.16.138, 142.250.186.46, 142.250.185.206, 216.58.206.78, 142.250.186.163, 142.250.186.110, 142.250.186.78, 142.250.184.206, 172.217.16.142, 23.56.254.164, 4.175.87.197
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, accounts.google.com, redirector.gvt1.com, content-autofill.googleapis.com, slscr.update.microsoft.com, update.googleapis.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://6t.NZ:8080 Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": true, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: http://6t.NZ:8080
URL: http://6t.nz:8080/... Model: Joe Sandbox AI	{ "risk_score": 7, "reasoning": "This script demonstrates high-risk behavior by redirecting the user to a dynamic URL with a random query parameter. The redirection to an unknown or potentially malicious domain poses a significant security risk." }
pr=(document.location.protocol == 'https:') ? 'https' : 'http'; pt=(location.port == '') ? '' : ':' + location.port; redirect_suffix = "/redirect.html?count="+Math.random(); if(location.hostname.indexOf(':') == -1) { location.href=pr+"://"+location.hostname+pt+redirect_suffix; } else //could be ipv6 addr { var url = ""; url=pr+"://["+ location.hostname.replace(/[\[\]]/g, '') +"]"+pt+redirect_suffix; location.href = url; }
URL: http://6t.nz:8080/redirect.html?count=0.1862261696... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The script demonstrates moderate-risk behaviors, including redirecting the user to a dynamic URL and setting a persistent cookie. While the intent may be legitimate, the lack of transparency and the use of a random redirect suffix raise some concerns that warrant further review." }
function goMainPage(pass){ try{ if (document.getElementById("remindValue").checked){ var expires = new Date(); expires.setTime(expires.getTime() + 365 * 24 * 60 * 60 * 1000); document.cookie="skip_IE_detect=1; expires="+expires.toGMTString(); } }catch(e){ } pr=(document.location.protocol == 'https:') ? 'https' : 'http'; pt=(location.port == '') ? '' : ':' + location.port; redirect_suffix = "/cgi-bin/QTS.cgi?count="+Math.floor(Math.random()*1000000); if(location.hostname.indexOf(':') == -1) { location.href=pr+"://"+location.hostname+pt+redirect_suffix; } else //could be ipv6 addr { var url = ""; url=pr+"://["+ location.hostname.replace(/[\[\]]/g, '') +"]"+pt+redirect_suffix; location.href = url; } } goMainPage();
URL: http://6t.nz:8080/cgi-bin/login.html?1736244007... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The script contains some moderate-risk indicators, such as the use of a random URL parameter and manipulation of the browser history. However, there are no clear signs of malicious intent or high-risk behaviors. Further investigation may be needed to determine the full context and purpose of the script." }
var QOS_DEFAUTLSETTING={}; var pageRandom=new Date().getTime(); var URL_RANDOM_NUM="1646256924"; var resetKey = "$RESET_KEY$"; var endtime = "$ENDTIME$"; var isValidResetPwd = "$IS_VALID_RESET_PWD$"; var isPreview = false; var checkName = "$CHECK_NAME$"; var _dc = new Date().getTime(); if (history.pushState){ history.pushState({},'','/cgi-bin/'); }
URL: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. While it does not contain any high-risk indicators like dynamic code execution or data exfiltration, it has some moderate-risk behaviors, such as external data transmission and aggressive DOM manipulation. Additionally, the use of obfuscated URLs and the presence of fallback domains add to the overall risk. However, the script also appears to have some legitimate functionality, such as analytics and login-related tasks, which mitigates the risk to some extent. Overall, this script requires further review and analysis to determine the full extent of its potential impact." }
var os,ui;URL_RANDOM_NUM="1646256924";var pageRandom=new Date().getTime();var URL_RANDOM_NUM="1646256924";var isPreview=window.isPreview\|\|false;var _dc=new Date().getTime();var PARENT_WIN=window.opener\|\|window.parent;if(history.pushState){history.pushState({},"","./")}if(window.QNAPTool){QNAPTool.loadJs("/cgi-bin/language.cgi?"+QNAPTool.getCookie("nas_lang")+"="+URL_RANDOM_NUM)}function UI(){var y="error",L="info";var p=false;var g=/iPhone/i.test(navigator.userAgent),f=/iPod/i.test(navigator.userAgent),O=/iPad/i.test(navigator.userAgent),G=O\|\|g\|\|f;var Z;var U={STEP_1:"step_1",STEP_2:"step_2",STEP_3:"step_3",};var P;var ad={};if(G){var R=(navigator.appVersion).match(/OS (\d+)_(\d+)_?(\d+)?/);Z=[parseInt(R[1],10),parseInt(R[2],10),parseInt(R[3],10)]}function Y(){if(p){return}n();i();p=true;if(os.isReady()){D()}else{os.on("ready",D)}}function D(){e();q();N();ab();d();M();$("#username").focus()}function F(){$("#rememStatus").prop("checked",os.getRemeAccStatus());if(os.getCookie("nas_1_a")){$("#pwd").val(os.user.pwd);$("#username").val(os.user.account)}if(os.getRemeAccStatus()){$("#username").val(os.user.account);var af=os.getCookie("nas_1_a")\|\|"-x-x-x-";af=QNAPTool.ezDecode(QNAPTool.ezDecode(af));af=QNAPTool.utf8to16(af);if(os.getCookie("qtoken","")===""){$("#pwd").val("");$("#pwd").val(os.user.pwd)}else{var ag="";for(var v=0;v<5;v++){ag+=parseInt(Math.random()*10)}$("#pwd").val(ag)}}}function q(){var af=os.config.wellcome;document.title=os.config.hostname\|\|"QNAP Turbo NAS";F();$("#loginForm").offset($(".login-form-btn").offset());var ah=$("#secureStatus");ah.prop("checked",os.getSSLLinkStatus());if(os.config.stunnelEnabled===true){if(os.config.stunnelEnabled===true&&os.config.forceSSL==="1"){ah.parent().hide()}}else{ah.parent().hide()}var ai="url(/cgi-bin/mediaGet.cgi?f=standard_bg&r="+os.config.timestamp+")",ag="url(/cgi-bin/mediaGet.cgi?f=standard_logo&r="+os.config.timestamp+")";if(window.isPreview){af.stdBgStyle=QueryString.stdBgStyle;af.stdMsg=QueryString.stdMsg;af.stdColor=QueryString.stdMsgColor;af.stdSize=QueryString.stdMsgSize;af.showLink=QueryString.showLink;os.config.showVersion=QueryString.showVer;switch(QueryString.bgImg){case"noFile":ai='url("/cgi-bin/images/desktop/bg/bg5.jpg?1646256924")';af.stdBgStyle="FILL";break;case"tmpFile":ai=PARENT_WIN.tmpBg;break}switch(QueryString.logoImg){case"noFile":ag='url("'+QNAPTool.blank_img+'")';break;case"tmpFile":ag=PARENT_WIN.tmpLogo;break}}$(".backgroud-image").css({"background-image":ai});switch(af.stdBgStyle.toUpperCase()){case"CENTER":break;case"FILL":$(".backgroud-image").css({"background-size":" 100% 100%"});break;case"STRETCH":$(".backgroud-image").css({"background-size":" 100% auto"});break;case"FIT":$(".backgroud-image").css({"background-size":"auto 100%"});break;case"TILE":$(".backgroud-image").css({"background-size":"auto","background-repeat":"repeat"});break}$(".cums-logo").css({"background-image":ag,"background-size":"contain","background-position":"center","background-repeat":"no-repeat"});if(af.stdMsg.length>0){$(".cums-msg").text(af.stdMsg).addClass("show-msg").css({color:af.stdColor,"font-size":af.stdSize.replace(/\s/g,"")})}if(af.showLink==="1"\|\|window.showLink==1){$(".qnap-link").addClass("show")}document.title=os.config.hostname\|\|"QNAP Turbo NAS";$("#server-name").html(os.config.hostname);$("body").scrollTop(0);var v="&lang="+os.user.lang;$("#cloudLink").attr("href",$("#cloudLink").attr("href")+v);$("#appLink").attr("href",$("#appLink").attr("href")+v);$("#utilLink").attr("href",$("#utilLink").attr("href")+v)}function d(){$("#cloudLink").attr("title",_Q_STRINGS.MYQNAPCLOUD_WEBSITE);$("#appLink").attr("title",_Q_STRINGS.QNAP_MOBILE_APP);$("#utilLink").attr("title",_Q_STRINGS.QNAP_UTILITY);$("#contactLink").attr("title",_Q_STRINGS.FIRSTPAGE_SERVICE)}function k(){$("html").on("selectstart",function(v){if(v.target&&v.target.tagName.toUpperCase()==="INPUT"){return true}return false});$("#info-tab").on("click",function(v){$(this).parent().toggleClass("hide")}).on("mou
URL: http://6t.nz:8080/cgi-bin/jc.cgi?_dc=1646256924&t=... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "This appears to be the standard jQuery library v1.10.2, which is a widely used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. It primarily consists of utility functions and initialization logic for the jQuery library, which is commonly used for web development purposes. While the code uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely benign and does not demonstrate any suspicious or malicious behavior." }
/* jQuery v1.10.2 \| (c) 2005, 2013 jQuery Foundation, Inc. \| jquery.org/license / (function(e,t){var n,r,i=typeof t,o=e.location,a=e.document,s=a.documentElement,l=e.jQuery,u=e.$,c={},p=[],f="1.10.2",d=p.concat,h=p.push,g=p.slice,m=p.indexOf,y=c.toString,v=c.hasOwnProperty,b=f.trim,x=function(e,t){return new x.fn.init(e,t,r)},w=/[+-]?(?:\d\.\|)\d+(?:[eE][+-]?\d+\|)/.source,T=/\S+/g,C=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,N=/^(?:\s(<[\w\W]+>)[^>]\|#([\w-]))$/,k=/^<(\w+)\s\/?>(?:<\/\1>\|)$/,E=/^[\],:{}\s]$/,S=/(?:^\|:\|,)(?:\s\[)+/g,A=/\\(?:["\\\/bfnrt]\|u[\da-fA-F]{4})/g,j=/"[^"\\\r\n]*"\|true\|false\|null\|-?(?:\d+\.\|)\d+(?:[eE][+-]?\d+\|)/g,D=/^-ms-/,L=/-([\da-z])/gi,H=function(e,t){return t.toUpperCase()},q=function(e){(a.addEventListener\|\|"load"===e.type\|\|"complete"===a.readyState)&&(_(),x.ready())},_=function(){a.addEventListener?(a.removeEventListener("DOMContentLoaded",q,!1),e.removeEventListener("load",q,!1)):(a.detachEvent("onreadystatechange",q),e.detachEvent("onload",q))};x.fn=x.prototype={jquery:f,constructor:x,init:function(e,n,r){var i,o;if(!e){return this}if("string"==typeof e){if(i="<"===e.charAt(0)&&">"===e.charAt(e.length-1)&&e.length>=3?[null,e,null]:N.exec(e),!i\|\|!i[1]&&n){return !n\|\|n.jquery?(n\|\|r).find(e):this.constructor(n).find(e)}if(i[1]){if(n=n instanceof x?n[0]:n,x.merge(this,x.parseHTML(i[1],n&&n.nodeType?n.ownerDocument\|\|n:a,!0)),k.test(i[1])&&x.isPlainObject(n)){for(i in n){x.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i])}}return this}if(o=a.getElementById(i[2]),o&&o.parentNode){if(o.id!==i[2]){return r.find(e)}this.length=1,this[0]=o}return this.context=a,this.selector=e,this}return e.nodeType?(this.context=this[0]=e,this.length=1,this):x.isFunction(e)?r.ready(e):(e.selector!==t&&(this.selector=e.selector,this.context=e.context),x.makeArray(e,this))},selector:"",length:0,toArray:function(){return g.call(this)},get:function(e){return null==e?this.toArray():0>e?this[this.length+e]:this[e]},pushStack:function(e){var t=x.merge(this.constructor(),e);return t.prevObject=this,t.context=this.context,t},each:function(e,t){return x.each(this,e,t)},ready:function(e){return x.ready.promise().done(e),this},slice:function(){return this.pushStack(g.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(0>e?t:0);return this.pushStack(n>=0&&t>n?[this[n]]:[])},map:function(e){return this.pushStack(x.map(this,function(t,n){return e.call(t,n,t)}))},end:function(){return this.prevObject\|\|this.constructor(null)},push:h,sort:[].sort,splice:[].splice},x.fn.init.prototype=x.fn,x.extend=x.fn.extend=function(){var e,n,r,i,o,a,s=arguments[0]\|\|{},l=1,u=arguments.length,c=!1;for("boolean"==typeof s&&(c=s,s=arguments[1]\|\|{},l=2),"object"==typeof s\|\|x.isFunction(s)\|\|(s={}),u===l&&(s=this,--l);u>l;l++){if(null!=(o=arguments[l])){for(i in o){e=s[i],r=o[i],s!==r&&(c&&r&&(x.isPlainObject(r)\|\|(n=x.isArray(r)))?(n?(n=!1,a=e&&x.isArray(e)?e:[]):a=e&&x.isPlainObject(e)?e:{},s[i]=x.extend(c,a,r)):r!==t&&(s[i]=r))}}}return s},x.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),noConflict:function(t){return e.$===x&&(e.$=u),t&&e.jQuery===x&&(e.jQuery=l),x},isReady:!1,readyWait:1,holdReady:function(e){e?x.readyWait++:x.ready(!0)},ready:function(e){if(e===!0?!--x.readyWait:!x.isReady){if(!a.body){return setTimeout(x.ready)}x.isReady=!0,e!==!0&&--x.readyWait>0\|\|(n.resolveWith(a,[x]),x.fn.trigger&&x(a).trigger("ready").off("ready"))}},isFunction:function(e){return"function"===x.type(e)},isArray:Array.isArray\|\|function(e){return"array"===x.type(e)},isWindow:function(e){return null!=e&&e==e.window},isNumeric:function(e){return !isNaN(parseFloat(e))&&isFinite(e)},type:function(e){return null==e?e+"":"object"==typeof e\|\|"function"==typeof e?c[y.call(e)]\|\|"object":typeof e},isPlainObject:function(e){var n;if(!e\|\|"object"!==x.type(e)\|\|e.nodeType\|\|x.isWindow(e)){return !1}try{if(e.constructor&&!v.call(e,"constructor")&&!v.call(e.constructor.prototype,"isPrototypeOf
URL: http://6t.nz:8080/cgi-bin/js/qos-core-login.js?164... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. While it does not contain any clear indicators of malicious intent, it employs some practices that could potentially be used for malicious purposes if misused or implemented improperly. The key risk factors are: 1. External Data Transmission (+2 points): The script sends data to external domains, which could potentially include sensitive information if not properly handled. 2. Fallback Domains (+2 points): The script uses multiple fallback domains, some of which may be of unknown or dubious reputation. 3. Aggressive DOM Manipulation (+2 points): The script appears to repeatedly alter or clear the DOM, which could potentially be used for malicious purposes if not implemented carefully. While the script seems to have some legitimate functionality, such as language detection and dynamic script loading, the overall risk profile warrants further review and scrutiny to ensure it is not being used for any unintended or malicious purposes." }
var QNAPTool;QNAPTool=(function(){var w=false,c="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",h=new Array(-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-1,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1);var g=/^\s+\|\s+$/g;function k(B){var z,A,e,C;z="";e=B.length;for(A=0;A<e;A++){C=B.charCodeAt(A);if((C>=1)&&(C<=127)){z+=B.charAt(A)}else{if(C>2047){z+=String.fromCharCode(224\|((C>>12)&15));z+=String.fromCharCode(128\|((C>>6)&63));z+=String.fromCharCode(128\|((C>>0)&63))}else{z+=String.fromCharCode(192\|((C>>6)&31));z+=String.fromCharCode(128\|((C>>0)&63))}}}return z}function b(D){var z,B,e,E;var C,A;z="";e=D.length;B=0;while(B<e){E=D.charCodeAt(B++);switch(E>>4){case 0:case 1:case 2:case 3:case 4:case 5:case 6:case 7:z+=D.charAt(B-1);break;case 12:case 13:C=D.charCodeAt(B++);z+=String.fromCharCode(((E&31)<<6)\|(C&63));break;case 14:C=D.charCodeAt(B++);A=D.charCodeAt(B++);z+=String.fromCharCode(((E&15)<<12)\|((C&63)<<6)\|((A&63)<<0))}}return z}function p(F){var E,D,B,z;var C,e,A;e=F.length;C=0;A="";while(C<e){do{E=h[F.charCodeAt(C++)&255]}while(C<e&&E===-1);if(E===-1){break}do{D=h[F.charCodeAt(C++)&255]}while(C<e&&D===-1);if(D===-1){break}A+=String.fromCharCode((E<<2)\|((D&48)>>4));do{B=F.charCodeAt(C++)&255;if(B===61){return A}B=h[B]}while(C<e&&B===-1);if(B===-1){break}A+=String.fromCharCode(((D&15)<<4)\|((B&60)>>2));do{z=F.charCodeAt(C++)&255;if(z===61){return A}z=h[z]}while(C<e&&z===-1);if(z===-1){break}A+=String.fromCharCode(((B&3)<<6)\|z)}return A}function f(E){var A,C,e;var D,B,z;e=E.length;C=0;A="";while(C<e){D=E.charCodeAt(C++)&255;if(C===e){A+=c.charAt(D>>2);A+=c.charAt((D&3)<<4);A+="==";break}B=E.charCodeAt(C++);if(C===e){A+=c.charAt(D>>2);A+=c.charAt(((D&3)<<4)\|((B&240)>>4));A+=c.charAt((B&15)<<2);A+="=";break}z=E.charCodeAt(C++);A+=c.charAt(D>>2);A+=c.charAt(((D&3)<<4)\|((B&240)>>4));A+=c.charAt(((B&15)<<2)\|((z&192)>>6));A+=c.charAt(z&63)}return A}var x=(function(){var e="";var z="ENG";if(navigator.appName==="Microsoft Internet Explorer"){e=navigator.browserLanguage}else{e=navigator.language}e=e.toLowerCase();if(/^us/.test(e)){z="ENG"}else{if(/^zh-tw/.test(e)){z="TCH"}else{if(/^zh-cn/.test(e)){z="SCH"}else{if(/^cs/.test(e)){z="CZE"}else{if(/^da/.test(e)){z="DAN"}else{if(/^de/.test(e)){z="GER"}else{if(/^es/.test(e)){if(e==="es-mex"){z="ESM"}else{z="SPA"}}else{if(/^fr/.test(e)){z="FRE"}else{if(/^it/.test(e)){z="ITA"}else{if(/^ja/.test(e)){z="JPN"}else{if(/^ko/.test(e)){z="KOR"}else{if(/^(no\|nb-no)/.test(e)){z="NOR"}else{if(/^pl/.test(e)){z="POL"}else{if(/^ru/.test(e)){z="RUS"}else{if(/^fi/.test(e)){z="FIN"}else{if(/^sv/.test(e)){z="SWE"}else{if(/^nl/.test(e)){z="DUT"}else{if(/^tr/.test(e)){z="TUR"}else{z="ENG"}}}}}}}}}}}}}}}}}}return z})();var q=function(e){if(e==="auto"){e=x()}if(e===null){e="eng"}else{if(e==="TCH"){e="cht"}else{if(e==="SCH"){e="chs"}else{e=e.toLowerCase()}}}return e};function d(z,C,B){var e=document.createElement("script"),A=document.getElementsByTagName("head")[0];e.type="text/javascript";e.src=z;if(e.readyState){e.onreadystatechange=function(D){if(e.readyState==="loaded"\|\|e.readyState==="complete"){e.onreadystatechange=null;var E={};if(C&&E.toString.call(C)==="[object Function]"){C()}}};e.onerror=B\|\|function(){}}else{e.onload=C;e.onerror=B\|\|function(){}}A.appendChild(e)}function m(e){var z="";if(e.indexOf(":")===-1){z=e}else{z="["+e.replace(/[\[\]]/g,"")+"]"}return z}function y(z){var A=z.success;var e=z.fail;var B=z.callback;if(this.readyState===4){if(this.status===200){if(typeof(A)===typeof(Function)){A.call(this,this,z)}}else{if(typeof(e)===typeof(Function)){e.call(this,this,z)}}if(typeof(B)===typeof(Function)){B.call(this,this,z)}}}function l(){var e=false;if(window.XMLHttpRequest){e=new XMLHttpRequest()}else{e=new
URL: http://6t.nz:8080/cgi-bin/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Login", "text_input_field_labels": [ "Username", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: http://6t.nz:8080/cgi-bin/ Model: Joe Sandbox AI	{ "brands": [ "GuNas" ] }
	{ "brands": [ "GuNas" ] }
URL: http://6t.nz:8080/cgi-bin/ Model: Joe Sandbox AI	```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The brand 'GuNas' is not recognized as a well-known or known brand.", "The URL '6t.nz' is very short and does not provide any clear association with the brand 'GuNas'.", "The domain '6t.nz' does not match any known legitimate domain associated with a recognized brand.", "The use of a short and non-descriptive domain name is often a tactic used in phishing to obscure the true nature of the site.", "The presence of input fields for 'Username' and 'Password' on a site with an unrecognized brand and suspicious URL increases the risk of phishing." ], "riskscore": 8}
URL: 6t.nz Brands: GuNas Input Fields: Username, Password

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 7 09:03:58 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9896177262321197
Encrypted:	false
SSDEEP:	48:8odbcT7AUhHGidAKZdA1FehwiZUklqehzxy+3:8vvu2xy
MD5:	164AB0800D52722CBE9D18BB03F794F6
SHA1:	7D8A5A5F4C1DD3C5BDAABD38750ADA6E36EAA577
SHA-256:	E6E8791FBF3587ABDDB5AD02B05C43377F7A95966FA599FD952389B4CCE36901
SHA-512:	DEC6723FA2EFC6B473C5377B3916D0B811130DB08345AE3B137D3EBCCD7B2578D8AB14751AD3F535782750BA1272157A36F6ADF7E26D1FFB48BFAF20CFEF6D33
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......w.`..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V'Z}P...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 7 09:03:58 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.004531992719333
Encrypted:	false
SSDEEP:	48:8HdbcT7AUhHGidAKZdA1seh/iZUkAQkqehmxy+2:8CvI9Qhxy
MD5:	41AFC2FDEF521294ACD48137DFDE7763
SHA1:	BC15353E948507BD82D1977356C1D17EB870CBB9
SHA-256:	B69F0CA7C08524448CC95492BB8785D27208FF7237005DCF2292B3D69067ED76
SHA-512:	6BC5AB513113FF0822391EC305DAC927D9626A206E6B2026D43E05CC5C6C918C5837003E0BE796BB018A276CE97406634CDE8EFDCDBED2DAB8C8D93D47F80F14
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....!.w.`..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V'Z}P...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.012179997807701
Encrypted:	false
SSDEEP:	48:8gdbcT7AUAHGidAKZdA14meh7sFiZUkmgqeh7sExy+BX:8XvnnKxy
MD5:	A67DB25AC3E4D423E20BBF548FD693BE
SHA1:	CBC65638C17DB8C2902C629501CE87EF184BD652
SHA-256:	055DF96C480EF2B325260D666B7F99083FA1D00F43F9CD4237C2B906DB5917A0
SHA-512:	FA70B517E0DB9CC4A023346EDF4B7E0FC20B0DCE6BDECF7AAEA188C3885961041E2B2DCF937938FB1A68C0CDD5630ED23437021450215DE1C28D91C1105A7129
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 7 09:03:58 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	4.004422514688603
Encrypted:	false
SSDEEP:	48:8adbcT7AUhHGidAKZdA1TehDiZUkwqehixy+R:8Zvj8xy
MD5:	505A065EBBA669DB58F4FAB42D0D56AC
SHA1:	9EE148D17DD2597A66329BA4C0D10F305FD5AD00
SHA-256:	19D1481B58C71E2D6166E84D3674B46A3EED7A77E31851D8A06DA7E556E3C644
SHA-512:	412780E1C5337D997142652B7C6629B0B217D01B0F28823D1DAE40E9856AA0F19E847A6F351375F09BD0ECD768D30E849206B93BEB5EAF2DFED163082BDEBEFB
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,......w.`..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V'Z}P...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 7 09:03:58 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.990389048346497
Encrypted:	false
SSDEEP:	48:8zdbcT7AUhHGidAKZdA1dehBiZUk1W1qehYxy+C:8+vT94xy
MD5:	B5C6320D8B0E8D4A5ED86030AF0B7F4D
SHA1:	EFB765706B7348BF3E1DE930AE2DBC95BAB55BE5
SHA-256:	F98B060F0B7FFDD75B3127E03E710AC3F97C4E7D1C646B53362E45D3EEA4B7E8
SHA-512:	00FDAF33B6DF5851B813C838EB400B6DF4E26A6EC8DDAF64E8B956ADD9F87C80C62B9993C75E556138337DAF7E45AF7500A7F9864CE4EA0EB599BF86656DBBBE
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....b.w.`..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V'Z}P...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 7 09:03:57 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	4.004146996082203
Encrypted:	false
SSDEEP:	48:8RdbcT7AUhHGidAKZdA1duTeehOuTbbiZUk5OjqehOuTbKxy+yT+:8Ev3TfTbxWOvTbKxy7T
MD5:	2790EB002FA9BBE6212CE548234A5953
SHA1:	37171AA9F7C8E06B7E8929B83D0488330F53543F
SHA-256:	2BBD2C0D650385E793C66277BAD7DBDC695D1F683A1E8FF58AE0EA56960EA6D8
SHA-512:	3B1469BF6BCCB649D43EBC47387DCF0EF642C208DFF743DCF77C83AC2AB48A34FD10857243C07DF5C51349D96662B62E620B364E34AAA5247F4A67E257B304AC
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......w.`..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I'ZqP....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V'Z\|P....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V'Z\|P....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V'Z\|P..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V'Z}P...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........K.(O.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 100

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 118 x 108, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	15045
Entropy (8bit):	7.9352554430614
Encrypted:	false
SSDEEP:	192:w5w2P+MWzIn8DJJX5cgWctZrDr/kicgm40Keiv+fpfbQD6o6l9I3UzVda0PheWcu:ew2PO3D8IV/Fc9/M+b99WEZfPheWLjHN
MD5:	D809BC7F3105DDBF8E8EC6D2CACDFAD9
SHA1:	22AAFA26E8AC454E471942821AEB601CBF1FD351
SHA-256:	DD0065DE767EDFA8CBC70E12406511B26E10FE25C2A748D920FD46498DA3A4F7
SHA-512:	D95C90F0EFABC0E85B20E96FDE531B69C2850408D4D61B3A19F8EA752FDCA1E094BC726868F5EDC93F4E5BF5DB78CE9F651E312D4201F67C0FA1AF599DAADC32
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...v...l.......F...2.IDATx......u...........q........"a0..%...(.r.\&.(..G&6.R.6..%B.C.~....f.....KJb......-...5l6.`........`..f./.......Y.xq..{......^.o.V.c.....\|..R.-N.sUxx.E~.l6..X.."`.0Dp...)@....v`...!...HJ....t...!.M.=!......0`@..s'7h.`.F........;\QQqQ.!####...L........v.ZZZ.j\|\|\|.."6..6...@..`..dr.n..2...<..[...B8..I).....?...I.!.}.0.7...Gg...4>}......5........@.h'M..p...O...=.....\.^AAA..'..l....F.L2.L..J......>..p.x...(...C.I@(..H.B...H);.;.X.....}.7.0.i!D..G....&<0g..4.MpVVV....?.....b.........C....D....%K..;b.IB.r....h4.q.l6..@..h@.Y`..e2..r.6..'.>..\...L....._..M....B.R.9.X..k.....8.5~=......%.yOJ._.`...u.0.L.&iiiK.j.n.y#.....v.=).._.R..-[......I....cG.Pw.Q.....`...^..`........&l6[.`!..X.<.......V.l........l..."..^&.)..Qq.R...@...+.(....G...x^J.....L~j...q{4@..(......i.....@1......j...v....3..;..V.5o..u..8..Z.h.%K...R.......l.f..._........ ...^...M....6.m..f....{...B.....S.........p.S..8.u....K......./...W.W....

Chrome Cache Entry: 101

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	dropped
Size (bytes):	4334
Entropy (8bit):	7.953715237657279
Encrypted:	false
SSDEEP:	96:os0BotePi0owmIMU4JDepI9teZYzwT3OLnURT8XjgxuldYiPPidA1qC5p:osCPPgDIyJDeOj0tyLnUqXZbPPcAf
MD5:	F3B519E88C3A13545138FB3EE052D6F9
SHA1:	C18E43A91D19AD7BCBD551BCF91A09F211223807
SHA-256:	CBE7D1784C79ACB3D602AD76AAAE56E0F5C17EABC11FC2CEC69E0EADAB68900F
SHA-512:	9308078C5008348644EF3D282CDA364D10AAAFE85B590BC49DE58C49F324A248F1C071D3B156101B718D42A2999BA2080475CB6F56052D87E2F7F09CD2868A02
Malicious:	false
Reputation:	low
Preview:	...........Wko.6..+.0`.`..]g`.d[I...Jr....Z.m".h.R3o.........K..Y.}......8......Y.GW._.I...+._..8.9..j.Ng.=..!.r?...h1U........?....&.9v....GR/y..`a.Z/e.RY}P.<<t...=.V.+..{>....Y.G\|.F./.uQ.x...)./...Gw....?.C"...Z........;v....z-.....9aS.j).J\|...=g....)....z.;].R...'/..@....s.\$g0.6.B..%s.v._.....I.g.r..<....>[H6U.J.V/D.....y.q..(..4j.S....R3#...1,.%...)v.N......kf..JW5...6<T1a..'......^.p.wrk.P..uo..B?.eV...[...5.y.....rbT}`.2....!.sp..Gk.q...?..8....@...)ar.f.=..s..e.B-.\....s..6rG\|.._:.~F..,U.mby..\|..9c#.R,A....m..=.j.tR.........D..r..6..............GN7.u......Jv.j...Z31..D..8,b..p.u....k......V+....A.. ...zG.:.......].7:).y.t:.....y.......!O...^...$..B\|......!,...-..J.l%JY0QN.,.E...x....^..v..;... .;Y.2..:..`...V...3l.OT..*.&.w.D...9aH.RJ.S.GoD.O........?C....i..D...e...K...T./s]U.\..3....ZS.p....m.:.=..W....)..E1...ME....r..dk...-v. J...i.\|L!.6.M2.zb.Px...X.H..}...S..9.g........8A.7.B.7i..dN>.:N..3^.....C....j.1.................2.

Chrome Cache Entry: 102

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	52
Entropy (8bit):	4.378727103656465
Encrypted:	false
SSDEEP:	3:OryoSEOtAjXHFY:OrFSF+j1Y
MD5:	78CB4B14DFEFE822EC1B2D3F0D321854
SHA1:	498015D792B52CBDC77DE15BE9C04DA0CB4040C9
SHA-256:	904A820C0319F11F64C178C9BC81F270A3E09A7E91981431021DB7B54B857437
SHA-512:	343B2A156B0A17BC9F373544CA84219896764852D91D032520FB45A22ACB078753B730A6AE685C69CDB3E317403BB78DEDA5D934264F06FFDD5DF319180BF361
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISJQmoRKhY-ua8phIFDeeNQA4SBQ0KeNCaEgUNri7hRxIFDb764Kk=?alt=proto
Preview:	CiQKBw3njUAOGgAKBw0KeNCaGgAKBw2uLuFHGgAKBw2++uCpGgA=

Chrome Cache Entry: 103

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 34828
Category:	downloaded
Size (bytes):	14006
Entropy (8bit):	7.984564322067922
Encrypted:	false
SSDEEP:	192:XhsFzBdcEb5JvQmOOOTAI67QKVHqP/ZT5BbV4VzfOohMMHSjmWw0Ku88:WnXbXvQ7Od7QoHS/R5BSzfvvHRP0Ku88
MD5:	EF16F17CD025FEB3F7F57F7E3433D3DB
SHA1:	BDC750E7B5DA7E265D95C628C39EB1A4A6D9285C
SHA-256:	606423F39BA1BAF481A2476EA11A0B6B5F3DBD3A11A2506769D76DB41E4A3019
SHA-512:	8F8E2BBC63EF366CCBFA0BDBB12B4D2A5EA9B61169CD4CC6505C15BD63BF9EEA73D075C4F3CF983D9492034A864E7729466153420CFE74CE958AAD857028049E
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/libs/monent/moment.min.js?1646256924
Preview:	...........}.W..._..b^.5B..m.B......9.8..x.$....0...........N..w.{..Z.j....O..z.M..4.{J.o..I..~..L..u.j...l.&...M..a.._uST.~..Y..$]{}]...Q..A?....h2J.sV....l......`%..Wo...j:..;...bx... ....`V.+J_.Q.6.Q....i.......N.3tU..../....3P.O...l...p......R%.d..<....p...9tF.c.s........z.s..L..j...w..t...k.~..W.......v.gA.Z.3..s.:..krVF..g......t:..c.~p \.i.`)..v...W.O..[]_..N.L%..; y..AO.....<X.t...}.5.M..L...N....s.o...M......{....\|.....Mk..\..fir2...Y.sf./..N....pr.....~8..M...Hl5..:].p.1..%G....hR^M..p.M.....C.l6....sgK..RQ..E..'.. ....Z}...u. (..l.....O..s../..Z6{....{..$........7....L....JB>~7[.WR......NR<.`........`\/M.Mt........,..JQ.{3...[/..g.z.'n^L..ol5...@p0k.....d..@I.,.C.5.....{....<..>..>L.e.^.......[IT...C.....`)....e.............u..u..J..#......e..'..APO....t...[.].a...+.B...s.......'........I..._.N<hh.xN..~.YT...9...v..{......_...a......IaX.H.q\.8.....BD...qh....6g.~u...{.../...2..>D..g..>......l....O\|C..UK...9R.5....l.

Chrome Cache Entry: 104

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 951
Category:	downloaded
Size (bytes):	253
Entropy (8bit):	7.068774282269437
Encrypted:	false
SSDEEP:	6:XtCvcaMTtFNxi2xe7nMtVJECgtIb4Av5hXD47NL7:XQvcaMTLiCezMfKCgtIscDO
MD5:	D81A6948973D9A7463EA14B41D388E43
SHA1:	6ACB0B8F012CE72BA3C968C1DDB2DF666992D78E
SHA-256:	EDA76335BD105BC197CA7F6AC723B733B549AAB660E3D28827337207FC45F4FA
SHA-512:	88E7E319BF970D550D8F6815A65F2CE8EAFF5B13CE646B468826D2C014B813DABB38E6F2451E25071C75F2232CDFD9EABBA29C82344DE7979978FA9C2FB00B3E
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924
Preview:	...........M..0.@...`[Aa...{..z.....h`.@."..&mQ{+..$3o.o23gJ.A...&8].`..}-\H.W.D*-......d..x...'..A\|....2.%&.LY.....l8"....%..-.!x.~4.z>w MhPs.....@....{...M.i_.-.K...6.}m.X.R\|.......U.z...(b...6T...#d..3....#D.......q.......HU],....

Chrome Cache Entry: 105

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 118 x 108, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	15045
Entropy (8bit):	7.9352554430614
Encrypted:	false
SSDEEP:	192:w5w2P+MWzIn8DJJX5cgWctZrDr/kicgm40Keiv+fpfbQD6o6l9I3UzVda0PheWcu:ew2PO3D8IV/Fc9/M+b99WEZfPheWLjHN
MD5:	D809BC7F3105DDBF8E8EC6D2CACDFAD9
SHA1:	22AAFA26E8AC454E471942821AEB601CBF1FD351
SHA-256:	DD0065DE767EDFA8CBC70E12406511B26E10FE25C2A748D920FD46498DA3A4F7
SHA-512:	D95C90F0EFABC0E85B20E96FDE531B69C2850408D4D61B3A19F8EA752FDCA1E094BC726868F5EDC93F4E5BF5DB78CE9F651E312D4201F67C0FA1AF599DAADC32
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/loginTheme/theme1/images/sprite.png?1646256924
Preview:	.PNG........IHDR...v...l.......F...2.IDATx......u...........q........"a0..%...(.r.\&.(..G&6.R.6..%B.C.~....f.....KJb......-...5l6.`........`..f./.......Y.xq..{......^.o.V.c.....\|..R.-N.sUxx.E~.l6..X.."`.0Dp...)@....v`...!...HJ....t...!.M.=!......0`@..s'7h.`.F........;\QQqQ.!####...L........v.ZZZ.j\|\|\|.."6..6...@..`..dr.n..2...<..[...B8..I).....?...I.!.}.0.7...Gg...4>}......5........@.h'M..p...O...=.....\.^AAA..'..l....F.L2.L..J......>..p.x...(...C.I@(..H.B...H);.;.X.....}.7.0.i!D..G....&<0g..4.MpVVV....?.....b.........C....D....%K..;b.IB.r....h4.q.l6..@..h@.Y`..e2..r.6..'.>..\...L....._..M....B.R.9.X..k.....8.5~=......%.yOJ._.`...u.0.L.&iiiK.j.n.y#.....v.=).._.R..-[......I....cG.Pw.Q.....`...^..`........&l6[.`!..X.<.......V.l........l..."..^&.)..Qq.R...@...+.(....G...x^J.....L~j...q{4@..(......i.....@1......j...v....3..;..V.5o..u..8..Z.h.%K...R.......l.f..._........ ...^...M....6.m..f....{...B.....S.........p.S..8.u....K......./...W.W....

Chrome Cache Entry: 106

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 14090
Category:	downloaded
Size (bytes):	3745
Entropy (8bit):	7.9537826515987105
Encrypted:	false
SSDEEP:	96:x12U+opP8cditWH3kZohFM3Nt6ZgANM4S/z8Bys/RPfr:xZ1OtUa7dIdNHSL8ByI3r
MD5:	66625BCAF694492EBD261DF8D2786CB3
SHA1:	466D37486A1CBE2394F591000A63DCC684051213
SHA-256:	33CBFF7D929C6625D65ABEE81E7EBD3F5426F8271E38022F9AE77310F5F81D2B
SHA-512:	428D4B037ED748EB98196768D8D2E6408AE18692BF0704B672C7D36A331E302F00B337DCBB877385CDDE81902751440ABFD4C08C611F7C39CA55D85172FB8635
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924
Preview:	...........[mo.6..+F.b.,..9N66....~<..~;..J.m6..H.....~3CR"%....f#K.pf8.......,).....k^0^U.P.L...br].`....l;g.k.]....X.....T.U.`..$..O.x.1.e.h....K%....`..Y....1..0Y4.!..#kX.w.kv<.Y.j. .WYlX.O.bJ...Y..L.T.J.,.r.e.+s..Y..Z.<k@.uY.X...1..QdL.$.>x.dY0Eb.uY............L.U.H.9..7...2o..Dd0.f.B./K...GH..m..x.b..~`.^U{..}...P,r..w;^...4.W...3Y...Z.d.TY...F......b.WIY..p....5.X....R.[QK....N./.O....Wx.iu.(..#..M.Lx#rY.U.k.}#....{......-XM...H...<(...s....=......v$1...#.5...Y...d......l\|.....Bn.J..Ifj./_.......y..<<.JX.u^>-.2.D.".q.....,.;..G..07..:...2i&.Y..D.1\|&.i.NE3.a.$.k....o......xqs.__...U.H4.v&.Q-..."}.r...\|-.\|..J...kX.e".W.1.e..^~..r..yY/.M./..>......+..r.V_...65}.\....'...\..Ve....<.+..h.nE...........iZ.Z..Q"....s+vb......]5zrO3..b..A.;v....n&.......B)@..(..F.....'..J..Y...;A.Kx=!....w.}......e..{UG....(.Q..e!.'......M....#...8.Wa...&4.....H.[..@Z..(.k@.k...x._.$_.~..5.F..S..}G....O.{...-c.-.\|>.._.....O6v..y4....)$.o....`c.X..."..(..

Chrome Cache Entry: 107

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 262
Category:	downloaded
Size (bytes):	155
Entropy (8bit):	6.6419065825400665
Encrypted:	false
SSDEEP:	3:FttdFFxn0vt8g2y/kxYGlJoocbwZBs2rBahCYtsBM59qHtHNa6YDEbjE:Xtd/xG2yiRsocbKVahZyMLqHtHNEEbjE
MD5:	210CAFFB1736456E724F452EA8AA308F
SHA1:	01ED889146CB75535B3AA78D2F38CF5DDA6BA539
SHA-256:	EEA9C30AF9ABB1BAAAD8A11D9707B8C1D4A7C45E52FED5A340E8B3D803E94DBA
SHA-512:	AFA52C1FB9758A3DC24C0E0A68BD057DD2FA05136EE55A14D1229E74F4F8DD0FC503482D312B62BA5BF71976115AD2A1A8A48EDFD8C8F70B5DF4955A2EF01FF5
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/loginTheme/theme1/login-max-height-768.css?r=wall&1646256924
Preview:	..........}.A.. .E.b.Cj....0H...A.E..W..LL...{.j..7..b..A.^....PN`%..'F.V/......{...e;...bd.=9i...'..e.!....6.I......ma.'G$B.>wg..b.....?.>.~....

Chrome Cache Entry: 108

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 23393
Category:	downloaded
Size (bytes):	8506
Entropy (8bit):	7.977021000398894
Encrypted:	false
SSDEEP:	192:2UMxZh6w4lkxYHiQUa99izd7uJgIMGqXavzVTt54MJ5Rkf:8Zww4lquT9i0JgZXavzb54tf
MD5:	5D79C2F0A094F42EE1ADDB39771CF9F6
SHA1:	E9D40AE8701BB4B1B83075867B49942584F74118
SHA-256:	89047E848F16AA1BC796D2E97560CB6B55FA635AF22E96655D423822CA787FF2
SHA-512:	377AA4DB1B191196F429B7F0306B5A4CBBE2BE1D8DBBF3E7FE551936F3E6B1D9AA684B84F1248F04F725FB9568FA630B5A9AA2C3784FA1D8B55A8FE9033C67E1
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/js/qos-core-login.js?1646256924
Preview:	...........\.{.8..W..,,....nh.\|..t.su.!.f......mB....~%.'N...x....JR.T.%?.n..q...qF..A.....[../...1........N.........G.'._.Z......3.\|p7...Fc.\|u=..8{z~Y/W66....P\..P..,Ww].9.Zf....+....l...w.mm..m...m.g[...:.~..uVf....m.w.=...(,.r..7Xy...Xy....{V...6.V.`.MV..Ae.U..{V..6..F.m`.....6...6.x.6...ls.m..f.m..M...6...;...m~`[.l+.x.Fkz.....^....m...x.!.#.....g...i5..F.......z......ba.@.94...u?_/.A>..]/.VV.z..P......Yp0.....+..Du.w-..4p.qC...T6_.....Jy.P...X.........[.p...:.P.;.(.D......k.^.!e{.f@..PvW,C....7.....5.....0..q...5of..0.....ix<.^.?e.S.?..gS.l.m..I..";..B..r.&.Q=.7.....W>...:}..]x.7.:.;....s...>~.;....r.\|]>...Y...$.wY...E\|..s}/.\|....]..A..;X...^\|..X......".\Y..u....V.s1..zh.P.....z.go...........B...`B... K..`..ra......b;.i....z....],.&a.....L*....1yIc..L^.....D=~....../.`....u.<Pg....H^...8...7........)@...4{H...".6E....h..R..F?.g. ze..N..xG...G..~...;S......./+... ..B..i.:..OK...MHU8}v..5..m<Zw..%c296....,.u<g...l..6.s.O

Chrome Cache Entry: 109

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	4006
Entropy (8bit):	7.916940980344162
Encrypted:	false
SSDEEP:	96:bfqgroos07EEJrmqFytcs+DPx6/G6pGr8eN6X+:biRo54EJ/MmsiPQ//pGhX
MD5:	10F9F668AD12A5A34FE3F67115C0F89C
SHA1:	71DDD44E62C6D85235215B80A63BCC6BE406B283
SHA-256:	96E5F54C2C101953BABD7B14AFB8EE7F60BB4469D05B3D684D7CE73847E92061
SHA-512:	8BF7785DA1892B5BE1664091534AB5E5615F82625B1118FBF7C2FD0D44C4EC1740678DBFBD6B652519F0112C7FE6C9FC73C584651EA5731FD8AD5DD27AF45B13
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/RSS/images/PhotoStation.gif?5.4.14
Preview:	.PNG........IHDR...P...P...........mIDATx^...egu.....Vo...W.....:P...M....b...V0.V.HJST...PC.........6B.DP.HWH..b..W.+n......a....W......y.>..{gf....?\.wa....s.s.w...G?..M.......(J...(.....pr..J..X`.A&.,OCQ..Y..L.B....=.)~.........E.A'3....\|.~7....s...! ..#@w(..-h.1..:....`.3...`T.Xhg..o...]..Br...KM..c..cK..X.......~.B?..5.<#.-..C,.........\5.(.`.....\P..=;....7.@....X....E.{...}C.^.~?.....2...p.,....E.-p.M1.9.r.\|1d.....aY@.;.Pb.j$...=..v...9T........Z...{.....Y^..'@3c..Q..P..h,.#1.sO/d.\...cFn..DO.:.f@.W[..oP..a....Y7.E\|.f..e{...+...E.(....-.c...7...0.6,_.t/...3..,PT."@u. .8.$...j..v.V..d....qftB..b...a..xa.......0.....N.AdmP.=....&/....JU........U...O.(..+C2..,.0r.0.w0:.r.8........%.......1.l.J...ypSa.OP.S.+H...N.^!..if......6.)...at.r.....~y.Kk..R.....`(.....[...w..J.H.....k.k...C.5.k.\.. ...Ag>...:.{...>k.....b.......-.gY...OP.N:..]...8...d..O.L.....3..C..~..p.6c....cg0.\.f.w...:...QAK..X ..k0.yH..N..B....#.9t..8..6...W.^...0`.a.F

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	downloaded
Size (bytes):	4334
Entropy (8bit):	7.953715237657279
Encrypted:	false
SSDEEP:	96:os0BotePi0owmIMU4JDepI9teZYzwT3OLnURT8XjgxuldYiPPidA1qC5p:osCPPgDIyJDeOj0tyLnUqXZbPPcAf
MD5:	F3B519E88C3A13545138FB3EE052D6F9
SHA1:	C18E43A91D19AD7BCBD551BCF91A09F211223807
SHA-256:	CBE7D1784C79ACB3D602AD76AAAE56E0F5C17EABC11FC2CEC69E0EADAB68900F
SHA-512:	9308078C5008348644EF3D282CDA364D10AAAFE85B590BC49DE58C49F324A248F1C071D3B156101B718D42A2999BA2080475CB6F56052D87E2F7F09CD2868A02
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/language.cgi?undefined=1646256924
Preview:	...........Wko.6..+.0`.`..]g`.d[I...Jr....Z.m".h.R3o.........K..Y.}......8......Y.GW._.I...+._..8.9..j.Ng.=..!.r?...h1U........?....&.9v....GR/y..`a.Z/e.RY}P.<<t...=.V.+..{>....Y.G\|.F./.uQ.x...)./...Gw....?.C"...Z........;v....z-.....9aS.j).J\|...=g....)....z.;].R...'/..@....s.\$g0.6.B..%s.v._.....I.g.r..<....>[H6U.J.V/D.....y.q..(..4j.S....R3#...1,.%...)v.N......kf..JW5...6<T1a..'......^.p.wrk.P..uo..B?.eV...[...5.y.....rbT}`.2....!.sp..Gk.q...?..8....@...)ar.f.=..s..e.B-.\....s..6rG\|.._:.~F..,U.mby..\|..9c#.R,A....m..=.j.tR.........D..r..6..............GN7.u......Jv.j...Z31..D..8,b..p.u....k......V+....A.. ...zG.:.......].7:).y.t:.....y.......!O...^...$..B\|......!,...-..J.l%JY0QN.,.E...x....^..v..;... .;Y.2..:..`...V...3l.OT..*.&.w.D...9aH.RJ.S.GoD.O........?C....i..D...e...K...T./s]U.\..3....ZS.p....m.:.=..W....)..E1...ME....r..dk...-v. J...i.\|L!.6.M2.zb.Px...X.H..}...S..9.g........8A.7.B.7i..dN>.:N..3^.....C....j.1.................2.

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 93596
Category:	downloaded
Size (bytes):	36818
Entropy (8bit):	7.995177197041612
Encrypted:	true
SSDEEP:	768:mM976qLFEmXr8Vm0Yi0UF8vwaedOWK1uljaCT8DowpXZ6UbhR63Cm+E+h1g:mADXr8o0YEFIwiW0u8Km7XHbC3j+q
MD5:	3BB661EA0BEC8F659A4669731C691F68
SHA1:	FFF87B9D064964C362A39D65C8EEDD0752EE731D
SHA-256:	550A55D0CEB8A5B8F8F292BA7533A5434BB0664FAEBFD38D964EF201C734AEBD
SHA-512:	4876266D5751AAABC2E817FCD7DF9A95C31B27AE36F0C50E2151C33E6C52A0B7B58B654E59B4C07C2C14C2CEC410AEB8DA14D7206A152C706FC3DDB4AAA15590
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js
Preview:	...........[.....=..(>X.......2.G...xw....A...........W......9..c@.Wuuu.W.NO:_....m.z..N.gN..p.....i..m.(.q...t..o4....i..xZ.?.....o....9...:.;).Y..5....2..I6S..x...f.S..?..^&\.K.A..6........I....X..Y.bR.....X....D.[.[.F\|.a.n..+.K...].a...n.y..eW..E.m...\l......0..G.;{v.N..`l..it2uKg...0./....9u.l...O......`....i1.z...t{1..e.....G7..8..M.7._...3.\|......b..8.S............9.=..NG.%5.......Ep.7..).\|...9j...!..@.6`M...y....L.Q8._.^..?..t..Z...'....U.\|..y...L7IR..K...d.^......................@...Z......o.~....0.^^C\|...)...J.0.\|.2D....l.N...2ts.F..".........w....S/...N?.9_e..`U.z....,...-......a.xwI...x.3.".-.....h.-.t...j....3.T...Ld.k....7g.-..k&...2.f.!....,;..v.;;}..2..xea8....o6..u.[...Ac~!.!.i.......B,.#...s..xB2.8...{..-...a.,..d..ziEH7-..U...x..w.k....I..l.N.6.....~..+Lg....t2...g.....4...a^....#Y.2.4..'.t....D..b ..Yw.8.+x!.j.....I.......I.n..v..:....2....3._..B!0..7.}.X2....>..}.a.G..^/..@..t.........\|s..d.:)..

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 93596
Category:	dropped
Size (bytes):	36834
Entropy (8bit):	7.994386366888317
Encrypted:	true
SSDEEP:	768:wAtphIoYheMs7ZuVtotAuc43XW9qzFsfM:wAtHIoYhWuTotjcmXWkIM
MD5:	626A0186CA5E3E622C05AF83082C3827
SHA1:	19B0A57D536595DE049907D090ECFC21C0D38367
SHA-256:	D47B2BEDB703A1BAF15C81B596A0AF7DAFD17AB76A68A9A5F9B42CCB1F7C0BF1
SHA-512:	5895E23E07E52BA6A5C29FFAB75129DF0763112BE5825432EEE8D9E4F20D9687FFB7F39A0301BA423FD32E8F1EFCD54FF46597DEFF56C6604F863ABA429595B7
Malicious:	false
Reputation:	low
Preview:	..........\|W[o.8.~._ak.C.i...(..n.`.h..m.}...#.Z.t(:q......K.Y..E../.9.^u..k#.s.q..G..N..s.y=.........Vm.BI..]....?X.H..,r!+....p......5d..uGRM.f..B.;.&.R.^..a...JHC+....R.....F...+....Y..9......u.+..t....Z..>k.].3..4..,...lt!....%.>=.?.Z.m..=.Gx\.-;.D...#.Sg..%....H5..'6L..l.N.tv.F5Ig}..q....k2...0........}...J7.7.....(../.@v.2+....$.S.5.OH.m.]...q1..y5.?@.&L.....p:..t..'.}.q.2...i.]..3...[..x.iB.aoaaj...4...6Y.I......n.....d..0H.Y.......z..J.rS.......!Y...j...C....p.:..AzA.......g.\|.......:..y.g..G...2B.].A..,`.5d+...Z.Ka....\|...p#H.......w!..?....g.S..b....0x...;%a....b........;.=..!s&..Nf.(.l................m..m...(.5.......R!Y.Q:.R[..I..e}..T]..+.i..,.=.........A...o\|.a.~k....L...B..r0.[{.._........HlE..B.E]w.d..z.`HW...C...M.9....5..B.b(.o.v+.Y+.....2...d...._........J......I%..../..TF..%..A1..s...B.DFT.k...QQ.Q.B~...r...n.tX.....-xZ.I..i..J{.~qc.E..~."-........>.>.......S.....Lw..u.s.m~u.......Sg.(c.T....[.{.*Q.5.....Ic.8F.........

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2016:10:20 10:18:20], progressive, precision 8, 4096x2160, components 3
Category:	downloaded
Size (bytes):	296443
Entropy (8bit):	7.743056825234648
Encrypted:	false
SSDEEP:	6144:8KgF2mbBt3BPU0+4CzTW9qxuDoZ52SSRK:8KgTn3BPU0pSTW4xuUr2SSRK
MD5:	CF5C9E62CEF37527A1A37F91E3C76EDB
SHA1:	2A70851032C57E0A5C7A3C3445E13AFF2B2FBC32
SHA-256:	999915C358B8315E213EBA0B224FC478050E54DBC9C56FFBEBC7EED4399EC303
SHA-512:	BBB27ED58481E6226E51C3C0F4E49373FFD02CF9CA1A0300A024845CA54B2388F7175496D4D47605668D3BE3D67FF9B7A34D497B8AE6C16CFA81B4863F5604A6
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317
Preview:	......Exif..MM..............................b...........j.(...........1....."...r.2...........i....................'.......'.Adobe Photoshop CC 2015 (Windows).2016:10:20 10:18:20......................................p..............................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................T...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?....8.V..Z-.......45.@R.BV.o..L.........\|ai.5D...j}...w..`....qM...-.......B..JB.....C.n.r..C.c.B...."Y.I....U.....ZP....H.T.e\t!...+L......o-.......

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.16293190511019
Encrypted:	false
SSDEEP:	3:CUmExltxlHh/:Jb/
MD5:	FC94FB0C3ED8A8F909DBC7630A0987FF
SHA1:	56D45F8A17F5078A20AF9962C992CA4678450765
SHA-256:	2DFE28CBDB83F01C940DE6A88AB86200154FD772D568035AC568664E52068363
SHA-512:	C87BF81FD70CF6434CA3A6C05AD6E9BD3F1D96F77DDDAD8D45EE043B126B2CB07A5CF23B4137B9D8462CD8A9ADF2B463AB6DE2B38C93DB72D2D511CA60E3B57E
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 17 tables, 1st "GPOS", 30 names, Macintosh, Font data copyright Google 2012Roboto LightRegularGoogle:Roboto Light:2013Version 1.100141; 2013
Category:	downloaded
Size (bytes):	140276
Entropy (8bit):	6.630330156695977
Encrypted:	false
SSDEEP:	3072:ae+oh3khKjCT8aeZYVvoPezvd7ORhbdZFro/sGlenNsz1GKPtbVR:R+Qoz8ad5zOjAenCxG+tbH
MD5:	E22062B3188C8199283EF2AA835D4653
SHA1:	191DDA7A5142990CD980727D43B27E4802F0B321
SHA-256:	B17667CE7E13581DB105777F986E141168231E88A8EF16D13E581C7C1525F14B
SHA-512:	C07CD18549A83E82F0D7AADE010FAE4C74DDC70780123CC311EE2F757EF4C9C5BFDBB62DD2086FEDAC08A186332B49352E9D9FC4CAF37757672BFA208099A032
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Light.ttf
Preview:	............GPOS.v.......S.GSUB...t.......4LTSH.e.5...8....OS/2.s.".......`cmapy.z....L...@cvt ......!\|...0fpgm/.N.........gasp............glyf......)...w.head.j(........6hhea.......T...$hmtx.j\|A.......@locac.....!...."maxp.=.....x... name.&....X....post..E.......#.prep.TC3.. H...3........^.._.<....................).....,.b.................b.........].4............................._.........................,.......3.......3.....f..................P. [... ....Goog.......b.....b.+ ...O....:... . ...................L.....C.o.t...n...[.\.t.........e.....K...S.J.1.....-.......o...o.j.o.c.o.E.o...o...o.M.o.d.o.Y.......j...M.{...%.\|...N.N.g... .....!...@...........y..........g.M.....7...........b.\|.....c.\|.D....._...-.^..... .*.9...;...!..._.....'.0.....T.M.t...I.].M.g.t...%.a.t.o...\...B.u.o.t.......................t...t.[.t...t.o.......h...&.t.....,...A...2...#...Z...D.........z.......[.z...C...m...-.......g.....e.k.......{.].\|.j.f.j.j.....>.U.C.v.T.s.@.t.t.....R.......b...W............

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	4.6748855669456715
Encrypted:	false
SSDEEP:	24:LfnnTdGyq2sazn4g4g4g4gJw4gYvyAUWnPzu/:LfnnTd3q9Knbbbbab9APnPy/
MD5:	E43A78B241D5CB1DE88A307094F89AE3
SHA1:	A14EC2E458157860C7BDD61CCF316E05D7F18A29
SHA-256:	DCA1B69CDB391FFF0BC4AF16C10A132CCA6EBD6B652C2BED5337514CED9D86B3
SHA-512:	732E7213B3E3770FE016EAEFE1E54AAD6D4322EEB27C2D93D18CFD98225F1726243BE955DEC6C4DC281353E29F841E5FA804B7B597E1214A95F5DD6F34207377
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/images/mobile/logo_16.ico?1646256924
Preview:	............ .h.......(....... ..... ..............................U.p.U...U...U...U...U...U...U...U...U...U...U...U...U.p.....W.x.W...W...W...W...W...W...W...W...W...W...W...W...W...W...W.x.Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...[...[...[...[...[...[...[...[...[...[...[...[...[...[...[...[...^...^...^...........................`..........l..^...^...a...a...a.........................f..........e..a...a...a...d...d...d...........d...d...d...u!....q..}......d...d...d...g...g...g...........g...g...g...g...g...g...........g...g...g...j...j...j...........j...j...j...j...j...j...........j...j...j...n...n...n...........n...n...n...n...n...n...........n...n...n...q...q...q...........q...q...q...q...q...q...........q...q...q...t...t...t...........................................t...t...t...v...v...v.......................................v..v...v...v...y...y...y...y...y...y...y...y...y...y...y...y...y...y...y...y...z.x.z...z...z...z...z...z...z...z...z...z

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 889
Category:	downloaded
Size (bytes):	548
Entropy (8bit):	7.642294192937139
Encrypted:	false
SSDEEP:	12:X/1VYFpeZTMC50/7rA5goH6ZLPkHIzIGVjBiVn1if14xwlbk:X/1VYfeZTT0zM5yLPkHI9i1if+xj
MD5:	094D1F44BC1F82C0B94A57FE6EDC8A23
SHA1:	8FE00981F9DA021F40B66BA5408F89CA80A98DB7
SHA-256:	EA01D41D5EBCD6982139886E828A2042762738489E094C5B8D673CDBC9C84CD7
SHA-512:	0DF6AF01416D7E20C1E877914C4D901C7B6091BA30FC8EBF9EAE81D38D8CA13B97C4C6F4355475B08F8EC0AEF472CF66FE5AE7A114CD9599129764E5498F9DC9
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/redirect.html?count=0.18622616967353411
Preview:	..........mSMo.0.=.B..v...>rH...Z.=...`....*..[.d:KP...v...v.H.\|z..o...~.\....s0=l .y5...t....u.a..3i.....9.r...j...V..J7.....&a..Nio....n...6...k....h.Dm.[.+..XB.D.....c...)+..K...:...RE.C...!..x......e..g{.,g...s...`.M....!:.T..c....O..H.hxXN..!.?S..4.Yiw.yq..Ab~:94.yr(.......6..S.$..2..J^.\|~.ce..I..h..X....J3.cv..C6.Y.$p.G.4.O.{.8.k.BL...f+.i.BoH'...<h.}..d.I.vCO...iQY....([G.I..N.].)..A#jHi8..."".w...q..<.)=.....g.O..}z.0..e'.T...2.V)..L.....<....z..q>..:.....<..@oVB....w.E.\|.....o.W..5....x.4.i.{..W.?._.Csy...

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text, with very long lines (997)
Category:	dropped
Size (bytes):	1592
Entropy (8bit):	5.189622521378851
Encrypted:	false
SSDEEP:	24:2dxINMZQyQPQpAa/Dw19oYbNWWLeN9yjs1yNPTyN86cHEOHodVVogq+mvF+f9GB:cGWNkQya/DwAYb4WiPP8VeSHymgFKB
MD5:	CE8447020A8C0B43875C9C96B255EFEC
SHA1:	2DD34AA759D5272775C5A700D9FE3834D1D67CCA
SHA-256:	A6625A915FAEDB6141593206229D25C927AF7D4CCF5159D6D441A4BE9A6E1D17
SHA-512:	DF2640234505A2DF3C112A130EAC536B179C48A679431F3E1953BE264DD8C2808D1C08FE2AAB207144810064CFC3A8B34528ABDE0353281333E55A4BA3F71DE2
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8" ?>.<QDocRoot version="1.0">.<info>.<result><![CDATA[success </result><hdStationSupport><![CDATA[0 </hdStationSupport><hideHF><![CDATA[0 </hideHF><webServerPort><![CDATA[80 </webServerPort><webServerEnable><![CDATA[1 </webServerEnable><sslEnable><![CDATA[1 </sslEnable><sslPort><![CDATA[8081 </sslPort><isXMLAvailable><![CDATA[0 </isXMLAvailable><countryCode><code><![CDATA[0 </code><abbr><![CDATA[GLB </abbr><name><![CDATA[Global </name></countryCode>.</info>.<qItem>.<name><![CDATA[PhotoStation </name> <attr>.<displayName><![CDATA[Photo Station </displayName><QPKGFile><![CDATA[PhotoStation.qpkg </QPKGFile><date><![CDATA[2022-05-03 </date><version><![CDATA[5.4.14 </version><installPath><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation </installPath><configPath><![CDATA[null </configPath><shell><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation/qpkg_photos.sh </shell><enable><![CDATA[TRUE </enable><installed><![CDATA[1 </inst

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.16293190511019
Encrypted:	false
SSDEEP:	3:CUmExltxlHh/:Jb/
MD5:	FC94FB0C3ED8A8F909DBC7630A0987FF
SHA1:	56D45F8A17F5078A20AF9962C992CA4678450765
SHA-256:	2DFE28CBDB83F01C940DE6A88AB86200154FD772D568035AC568664E52068363
SHA-512:	C87BF81FD70CF6434CA3A6C05AD6E9BD3F1D96F77DDDAD8D45EE043B126B2CB07A5CF23B4137B9D8462CD8A9ADF2B463AB6DE2B38C93DB72D2D511CA60E3B57E
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/libs/extjs-3.3.3/resources/images/default/s.gif?1646256924
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 8197
Category:	downloaded
Size (bytes):	2605
Entropy (8bit):	7.932103955661649
Encrypted:	false
SSDEEP:	48:Xt0REGF59beM+6uft4Fgh1kLjes3eaKdMVoV3WGjJfaS87F7rXQjBjkb/HCLQRFO:0Dbef6uV4yjsesowMcS8h774jkiKs
MD5:	734CC0A9FC8565E6DEBE05DDE2B31A05
SHA1:	2BCFFD3562F02E81E6215750D1188984D17C7BD0
SHA-256:	F09E6AF287C4A95E274D985BF07F7062ADF53B4ABF7C7BB72A0A46262BEB0511
SHA-512:	D517FD15015A01D98C5B94443423D86A7377AB016AA86AF3185B0BBB8F656C6D90C9E03A0C3379097036FD63CEB6FF16907457D67A5CECE8F839811D19C4C992
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/login.html?1736244007
Preview:	............Ys.H..U..:..8...8.L..)..2..".yR5Rc..eu..d....Z7..M.T.-...9~r:.Y..M...w.w.....y.t.1C.......9u./.0........w.u..3I...tv...G.u.^.GTr...'.$....M.s........q.q.3....$gIc....:._..iu.'.....Y......O......h..\|1....G..j.4.t?^t.8.0....V...0.....K..y}..%..;..<..'2$...1..x..awz.N...{<.&1.....4"7.......}z..Y.lahm..s...h..{....y.+.;..^.....#......X..N"I...@.Q.1]....S.....u:G... ...ZQpY..N.6.=..H4..s..~.....1.m...ne...`h...Y..Z.F.}............yK..C.XK.........X.....w.......pb..mK....g>..._..[.......e.A.^^..fF..z.."I@..dU.WtE.U.......>5.3k05-.?.h\|..NmE`.....o.lMN.d.......o..d`O....=.].%.......s.!..~....>7..]KwY.J..6...0.-..P....?^..H.j.....v.h...<=....8...`)\|g..!..u.BP...vK$`>...._.gK.d.oZQ".S..x.mog.../.._...b...}.J.G. "v .x\|..&.....v.....D.UO..4._.....g..j!.g.^...Bw.....%?..Q4....4...qu..x.wZ...a&..Q..p["......~..........<.R.D.O.....>...q< ...w..5.....]k..............,.k...&.7...A\...V..L9... ...xf.?..*.8.....W9Qya.f..8...........Cj>

Chrome Cache Entry: 84

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 72 x 60, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3865
Entropy (8bit):	7.873026584587776
Encrypted:	false
SSDEEP:	96:nHaZYrJjjKFXxeOVx+dREXaL6mvBW9uX/G5bWvW:nBULVx4R+gZLX/QbB
MD5:	E91BCB0F4A1B662808D4567FF811E5A4
SHA1:	8BF3434A9D07271C600ED37B1B08D620EAD5A59C
SHA-256:	AF881D41BD993F8D6633F0FE72A193DA90E6F728CB2A82CBB4ED38D50135CC0B
SHA-512:	B6FC52A0DBF2CF95A4976EE787553AC029811F5B620C1A7C56AECB0ECC63E60179FEAD6DB6910F8E3C55EC88B0A903DABBA5033E4D121783EA39CDD22A40039A
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924
Preview:	.PNG........IHDR...H...<......^......IDATx...~.....IDAT..QLT...........w"aVa.j.).Z..bK4...".rSn.l..v.f.O.&4..$.a iZq'.`.oc...g.D.v.....N..#.(....:0....6.......).PH0....3jkk1....3**0C.4......^.^.J.3.t..\|>_.C&...R.u.....?.F...4Ma.TU..UUU,.c...HADv.e.;.N.<I...D.Q..=.,..o....N...fc......>.l..g_...n..w..C$.I.;GFF.........X.D".{...+.........;.;w......j.....;w.c..'.g....C\|...dff..c..x....Y...vrrr.....-[.8........9s...s.K.$"BYY.[.ly..o.)LLL..._.i.&.Ea....8...2.C.b1B..o..&...<P.p8....H..y......$-...x#...p80T[Happ..."V.^M:...."......(}.#",$"...PQQ..?.<.m6.....g......\|.]..l.6Y0...r..e....ajj...z.epXD...}@1......p..q.D"..q....B".. .D.d2.a...%.~.)W.\a.........&33.e...+".1......W....<....9r..'N0......QWW..+Y`.....e..,..(..1..a\|\|.....f......a.\......./~Aaa!.AQ...%.QD....'...c.N........8q..............h4.....&.v.....[.+.v.._..].F..:,<`..(++cxx.x<...d9)...T.....#...ICC.mmm...QWW.h.......ED..M.......l.........y...<6....2JJJ...a.).r....*.r..p:.444.o.>l6....\|...

Chrome Cache Entry: 85

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	4.6748855669456715
Encrypted:	false
SSDEEP:	24:LfnnTdGyq2sazn4g4g4g4gJw4gYvyAUWnPzu/:LfnnTd3q9Knbbbbab9APnPy/
MD5:	E43A78B241D5CB1DE88A307094F89AE3
SHA1:	A14EC2E458157860C7BDD61CCF316E05D7F18A29
SHA-256:	DCA1B69CDB391FFF0BC4AF16C10A132CCA6EBD6B652C2BED5337514CED9D86B3
SHA-512:	732E7213B3E3770FE016EAEFE1E54AAD6D4322EEB27C2D93D18CFD98225F1726243BE955DEC6C4DC281353E29F841E5FA804B7B597E1214A95F5DD6F34207377
Malicious:	false
Reputation:	low
Preview:	............ .h.......(....... ..... ..............................U.p.U...U...U...U...U...U...U...U...U...U...U...U...U.p.....W.x.W...W...W...W...W...W...W...W...W...W...W...W...W...W...W.x.Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...Y...[...[...[...[...[...[...[...[...[...[...[...[...[...[...[...[...^...^...^...........................`..........l..^...^...a...a...a.........................f..........e..a...a...a...d...d...d...........d...d...d...u!....q..}......d...d...d...g...g...g...........g...g...g...g...g...g...........g...g...g...j...j...j...........j...j...j...j...j...j...........j...j...j...n...n...n...........n...n...n...n...n...n...........n...n...n...q...q...q...........q...q...q...q...q...q...........q...q...q...t...t...t...........................................t...t...t...v...v...v.......................................v..v...v...v...y...y...y...y...y...y...y...y...y...y...y...y...y...y...y...y...z.x.z...z...z...z...z...z...z...z...z...z

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 580
Category:	downloaded
Size (bytes):	360
Entropy (8bit):	7.390863843525637
Encrypted:	false
SSDEEP:	6:XtCDK4OmH2hZYYOG064PPh9tCzQJYzeriqYfPrJbOJDbAFzV1Ry4bE7yMdjl:X7mW4YpoBvcQJYeYfSDUPwJeMT
MD5:	3A1FFE6519AA5A88B9AEC5C28A1A43C0
SHA1:	D77FE28B1C0325806D4DD500EFDE8690C9BC1FED
SHA-256:	E33987E95E72F18DE53CD08904F9F098CE571090D93282016B53082DF1300931
SHA-512:	206229B8FC8BFD9F2E42AF83F50BEA8FF5DDA97267567057689B16EBA06AF1E498AA48B97ECAC84758ED6F16E6BAAC790C7909005773FFB6F7AD268C93712379
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/
Preview:	..........mR.N.0.}&_a..vk..H.}.....e....&.....2.....c;...:..(.Z..}k....Yc.glZ.2!4H.J"7...J.;Wy.8h...$.d.w.W....eD.#..X.f.y....&0..jE.mS.-Ymk...A....Oy..1.r.H.W..t....\.A.7..y4...../.j...8..a.s....$/.....&...b..U..Ukp.Z.Aj4...G.]$K..t>..<..O..Q..O.......\|......>.2..[..a9.y.Bvn..F....j.1...b.Z...aA._...o... 08.....M........s.V7c?..8D...

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 18748
Category:	downloaded
Size (bytes):	6404
Entropy (8bit):	7.965264881500095
Encrypted:	false
SSDEEP:	192:pEpVS8USsmDJHV4CTaluhItBXbkNyW83PpbiEI:Uw45V4CTalIWZbkNyW83FiEI
MD5:	440ADBC417C522CA9A8EA2C426E3132B
SHA1:	E56C3A5297D1DB0DA0B1D3D6A0912C126159355B
SHA-256:	DC9FA07156F2B72313D196DCDFA1B4B52BD17C87112DD753257EA1CC0A1DEEDD
SHA-512:	3276AB2EFC3F137398F0C40E81520BC3829AA952D40F59B99723EA08E7BE854CAEC217EED9093C10EE7FEBD8B50852AE2F99072F08964AEF84940DFF65BE007A
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.js?1646256924
Preview:	...........\.w...+T.I........%.qHB.W....t..!@...$p\.....3.FB.....E..3.g...K....\x.....'.//.....m......O.u..8^b.\L.k.....w.."q..k.&}o.o<.s0..*r..{g.y.tge..>.....e0r./qur...~.^.0....O..\Dn..{....0...x.K...j...Z..a...Xc........~c.~..P.~...3.C/..E0Y.)....{.@..4.o<.n."..0..g..^.=..x.8......zcEG...7...0.l.....cgb.{W.0p.=+q....7.8.....d..7.1..G;.\...{.k....n.o....U.....F...A.0..P=...#.\|d.k.x....^..~^.3_....\|....@J...../{...F{.......\|.q.o..\v.v..~.G.O.u.0....#n.3G...;v2o."7YD.:.%{...$Z...0..^.bt_o4V/..B].9..FD......b.8....\|...F....C....).3.hX..Y....+L.1.;sgD.....Q8....un.abqP.5..8......5..6N0.w#.Z...E....%._8N..=.kT/...U..>.%..9xs.>....q,.v.H._/]'.....1.q...d..$l=..g...Ix..`s.a.6......j...g.`..8........O../...+1.3.;...XX..?...E.b.z........EN....u........Hd..../.]m.4.."#..0T./.aX.8...">..N..U..p..x..I..ehn....0..> ..1.ir.:..Mi.XL...;;.2..c..".\.....}.+f....c.<..`...u..Z.=...yh.....:.++:.@.m,"....;..k7a.=...w%..`8y.AP.+'Pn.....a..... 8...H...q..

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	downloaded
Size (bytes):	4284
Entropy (8bit):	7.950555717618732
Encrypted:	false
SSDEEP:	96:HLBCiYJ1PVEyRSo3m+INCr+30r0v/uxYF+/WhEQdwpsUJq:9C9f54930Iv/MPWeQUZJq
MD5:	07099863DA9FED2CFBEFFACDDB714A04
SHA1:	F14EF8475915CD8934DD4592B13F4E03C5354929
SHA-256:	7604C86729D094584A86D1AAF737E35EBB1B3897B1922A7272E053DD6928D452
SHA-512:	11C2ABA6E07DAC8174C80C9000658E1D5F037F83A850D472251B7873E0E749BAD85336CF53A495641C9874293EE37F550A5D1B92C7C2C15AE2E2C21E8D5880A1
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/language.cgi?1646256924
Preview:	...........Z.n...}.Y.@...Xvv7..-(....-"e7E...F6..G%.8..>H.r.$=gfx.do...#.B...\|.0\|....._....7.s....\|.m].l.i....3....aT.5T.N.NNN........_...-...C\|wv...B...j#3...c...A...m...q..^8v..7...8.;.;..(]....p.s.D.X.`...\.k......)."b..4.....}j..4.nk.K.x#Wq.......1M.......rV.8.."..S....?...._.....;H.'..Y.=.\z..j..&. .......}m..^.U.?.(..(...I.T.:..C.5...<^.\.X.-R%rY.p.\,.T,.ir...'b..(..hY.\|....k.a...e".sH.....Io....>d.L./....I.#v.I.>......r).\....<..+^..p...U..._.._`....W.`......+a...KN...z..<..t.:.Dw2.-...~7v...?...y..g....f....YN.v[.\fi.A.5_..0..V......00vF.....v.US....Ac..Z.a.A....`.!.\..8.e.-....IDwQ.B.R..1v.......7oC.n......^cc.!...R..x..........rnp2J.vPg..'..~.,.x.....p.....H...)...X.H......Y.kE....R..(]..r..b...-......s...W;q.}..;.....ujW .D.h.`...k.I.".c.f.........LH.2Y!z...lY....k.7.3@P......P.......r.x......2.X...}G`...4..xc/.D...sO..%.E~2..(..O.F....a.'......-..c...O....`.E4.....p..W......7_.Q.C.=...k....ty.?....@n.&.\...)-\|....

Chrome Cache Entry: 89

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, ASCII text, with very long lines (1725)
Category:	dropped
Size (bytes):	3195
Entropy (8bit):	5.325143332667771
Encrypted:	false
SSDEEP:	96:EjDx/UETK+CxQVQrN5ijC5KPj8DRWGhL6/QJz8IR:gDx42eIjb8DRWGhL6w
MD5:	A106BFC44686101FEF7C7FA845E05D0C
SHA1:	FFF8FC8EBAD6CF8B8C5D30CE4B6677E10D5B0F45
SHA-256:	EC8BC4B26C9983BEAA2D7E9114A341345050F9B90BE3B2305BF813185007B64D
SHA-512:	F27EB150B882AD1EE3CFBE1FD0FF85151DB25E42B15BCE8A073D0D4517B2DA7378869B244B577321340A4A08989794B6810CC3A922638A38BACA43B099B49B83
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8" ?>.<QDocRoot version="1.0">.<doQuick><![CDATA[ </doQuick><is_booting><![CDATA[0 </is_booting><mediaReady><![CDATA[1 </mediaReady><SMBFW><![CDATA[0 </SMBFW><model><modelName><![CDATA[TS-112P </modelName><internalModelName><![CDATA[TS-119 </internalModelName><platform><![CDATA[TS-NASARM </platform><customModelName><![CDATA[ </customModelName><displayModelName><![CDATA[TS-112P </displayModelName><storage_v2>0</storage_v2>.</model>.<firmware><version><![CDATA[4.3.3 </version><number><![CDATA[1945 </number><build><![CDATA[20220303 </build><patch><![CDATA[0 </patch><buildTime><![CDATA[03/03/2022 </buildTime></firmware>.<rfs_bits><![CDATA[32 </rfs_bits><specVersion><![CDATA[1.0 </specVersion><hostname><![CDATA[GuNas </hostname><DemoSiteSuppurt><![CDATA[no </DemoSiteSuppurt><customLogo><customFrontLogo><![CDATA[ </customFrontLogo><customLoginLogo><![CDATA[ </customLoginLogo></customLogo>.<HTTPHost><![CDATA[6t.nz </H

Chrome Cache Entry: 90

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	3.16293190511019
Encrypted:	false
SSDEEP:	3:CUmExltxlHh/:Jb/
MD5:	FC94FB0C3ED8A8F909DBC7630A0987FF
SHA1:	56D45F8A17F5078A20AF9962C992CA4678450765
SHA-256:	2DFE28CBDB83F01C940DE6A88AB86200154FD772D568035AC568664E52068363
SHA-512:	C87BF81FD70CF6434CA3A6C05AD6E9BD3F1D96F77DDDAD8D45EE043B126B2CB07A5CF23B4137B9D8462CD8A9ADF2B463AB6DE2B38C93DB72D2D511CA60E3B57E
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 91

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	43
Entropy (8bit):	3.16293190511019
Encrypted:	false
SSDEEP:	3:CUmExltxlHh/:Jb/
MD5:	FC94FB0C3ED8A8F909DBC7630A0987FF
SHA1:	56D45F8A17F5078A20AF9962C992CA4678450765
SHA-256:	2DFE28CBDB83F01C940DE6A88AB86200154FD772D568035AC568664E52068363
SHA-512:	C87BF81FD70CF6434CA3A6C05AD6E9BD3F1D96F77DDDAD8D45EE043B126B2CB07A5CF23B4137B9D8462CD8A9ADF2B463AB6DE2B38C93DB72D2D511CA60E3B57E
Malicious:	false
Reputation:	low
Preview:	GIF89a.............!.......,...........D..;

Chrome Cache Entry: 92

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	4006
Entropy (8bit):	7.916940980344162
Encrypted:	false
SSDEEP:	96:bfqgroos07EEJrmqFytcs+DPx6/G6pGr8eN6X+:biRo54EJ/MmsiPQ//pGhX
MD5:	10F9F668AD12A5A34FE3F67115C0F89C
SHA1:	71DDD44E62C6D85235215B80A63BCC6BE406B283
SHA-256:	96E5F54C2C101953BABD7B14AFB8EE7F60BB4469D05B3D684D7CE73847E92061
SHA-512:	8BF7785DA1892B5BE1664091534AB5E5615F82625B1118FBF7C2FD0D44C4EC1740678DBFBD6B652519F0112C7FE6C9FC73C584651EA5731FD8AD5DD27AF45B13
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...P...P...........mIDATx^...egu.....Vo...W.....:P...M....b...V0.V.HJST...PC.........6B.DP.HWH..b..W.+n......a....W......y.>..{gf....?\.wa....s.s.w...G?..M.......(J...(.....pr..J..X`.A&.,OCQ..Y..L.B....=.)~.........E.A'3....\|.~7....s...! ..#@w(..-h.1..:....`.3...`T.Xhg..o...]..Br...KM..c..cK..X.......~.B?..5.<#.-..C,.........\5.(.`.....\P..=;....7.@....X....E.{...}C.^.~?.....2...p.,....E.-p.M1.9.r.\|1d.....aY@.;.Pb.j$...=..v...9T........Z...{.....Y^..'@3c..Q..P..h,.#1.sO/d.\...cFn..DO.:.f@.W[..oP..a....Y7.E\|.f..e{...+...E.(....-.c...7...0.6,_.t/...3..,PT."@u. .8.$...j..v.V..d....qftB..b...a..xa.......0.....N.AdmP.=....&/....JU........U...O.(..+C2..,.0r.0.w0:.r.8........%.......1.l.J...ypSa.OP.S.+H...N.^!..if......6.)...at.r.....~y.Kk..R.....`(.....[...w..J.H.....k.k...C.5.k.\.. ...Ag>...:.{...>k.....b.......-.gY...OP.N:..]...8...d..O.L.....3..C..~..p.6c....cg0.\.f.w...:...QAK..X ..k0.yH..N..B....#.9t..8..6...W.^...0`.a.F

Chrome Cache Entry: 93

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2016:10:20 10:18:20], progressive, precision 8, 4096x2160, components 3
Category:	dropped
Size (bytes):	296443
Entropy (8bit):	7.743056825234648
Encrypted:	false
SSDEEP:	6144:8KgF2mbBt3BPU0+4CzTW9qxuDoZ52SSRK:8KgTn3BPU0pSTW4xuUr2SSRK
MD5:	CF5C9E62CEF37527A1A37F91E3C76EDB
SHA1:	2A70851032C57E0A5C7A3C3445E13AFF2B2FBC32
SHA-256:	999915C358B8315E213EBA0B224FC478050E54DBC9C56FFBEBC7EED4399EC303
SHA-512:	BBB27ED58481E6226E51C3C0F4E49373FFD02CF9CA1A0300A024845CA54B2388F7175496D4D47605668D3BE3D67FF9B7A34D497B8AE6C16CFA81B4863F5604A6
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................b...........j.(...........1....."...r.2...........i....................'.......'.Adobe Photoshop CC 2015 (Windows).2016:10:20 10:18:20......................................p..............................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................T...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?....8.V..Z-.......45.@R.BV.o..L.........\|ai.5D...j}...w..`....qM...-.......B..JB.....C.n.r..C.c.B...."Y.I....U.....ZP....H.T.e\t!...+L......o-.......

Chrome Cache Entry: 94

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 34828
Category:	dropped
Size (bytes):	14006
Entropy (8bit):	7.984564322067922
Encrypted:	false
SSDEEP:	192:XhsFzBdcEb5JvQmOOOTAI67QKVHqP/ZT5BbV4VzfOohMMHSjmWw0Ku88:WnXbXvQ7Od7QoHS/R5BSzfvvHRP0Ku88
MD5:	EF16F17CD025FEB3F7F57F7E3433D3DB
SHA1:	BDC750E7B5DA7E265D95C628C39EB1A4A6D9285C
SHA-256:	606423F39BA1BAF481A2476EA11A0B6B5F3DBD3A11A2506769D76DB41E4A3019
SHA-512:	8F8E2BBC63EF366CCBFA0BDBB12B4D2A5EA9B61169CD4CC6505C15BD63BF9EEA73D075C4F3CF983D9492034A864E7729466153420CFE74CE958AAD857028049E
Malicious:	false
Reputation:	low
Preview:	...........}.W..._..b^.5B..m.B......9.8..x.$....0...........N..w.{..Z.j....O..z.M..4.{J.o..I..~..L..u.j...l.&...M..a.._uST.~..Y..$]{}]...Q..A?....h2J.sV....l......`%..Wo...j:..;...bx... ....`V.+J_.Q.6.Q....i.......N.3tU..../....3P.O...l...p......R%.d..<....p...9tF.c.s........z.s..L..j...w..t...k.~..W.......v.gA.Z.3..s.:..krVF..g......t:..c.~p \.i.`)..v...W.O..[]_..N.L%..; y..AO.....<X.t...}.5.M..L...N....s.o...M......{....\|.....Mk..\..fir2...Y.sf./..N....pr.....~8..M...Hl5..:].p.1..%G....hR^M..p.M.....C.l6....sgK..RQ..E..'.. ....Z}...u. (..l.....O..s../..Z6{....{..$........7....L....JB>~7[.WR......NR<.`........`\/M.Mt........,..JQ.{3...[/..g.z.'n^L..ol5...@p0k.....d..@I.,.C.5.....{....<..>..>L.e.^.......[IT...C.....`)....e.............u..u..J..#......e..'..APO....t...[.].a...+.B...s.......'........I..._.N<hh.xN..~.YT...9...v..{......_...a......IaX.H.q\.8.....BD...qh....6g.~u...{.../...2..>D..g..>......l....O\|C..UK...9R.5....l.

Chrome Cache Entry: 95

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 72 x 60, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3865
Entropy (8bit):	7.873026584587776
Encrypted:	false
SSDEEP:	96:nHaZYrJjjKFXxeOVx+dREXaL6mvBW9uX/G5bWvW:nBULVx4R+gZLX/QbB
MD5:	E91BCB0F4A1B662808D4567FF811E5A4
SHA1:	8BF3434A9D07271C600ED37B1B08D620EAD5A59C
SHA-256:	AF881D41BD993F8D6633F0FE72A193DA90E6F728CB2A82CBB4ED38D50135CC0B
SHA-512:	B6FC52A0DBF2CF95A4976EE787553AC029811F5B620C1A7C56AECB0ECC63E60179FEAD6DB6910F8E3C55EC88B0A903DABBA5033E4D121783EA39CDD22A40039A
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR...H...<......^......IDATx...~.....IDAT..QLT...........w"aVa.j.).Z..bK4...".rSn.l..v.f.O.&4..$.a iZq'.`.oc...g.D.v.....N..#.(....:0....6.......).PH0....3jkk1....3**0C.4......^.^.J.3.t..\|>_.C&...R.u.....?.F...4Ma.TU..UUU,.c...HADv.e.;.N.<I...D.Q..=.,..o....N...fc......>.l..g_...n..w..C$.I.;GFF.........X.D".{...+.........;.;w......j.....;w.c..'.g....C\|...dff..c..x....Y...vrrr.....-[.8........9s...s.K.$"BYY.[.ly..o.)LLL..._.i.&.Ea....8...2.C.b1B..o..&...<P.p8....H..y......$-...x#...p80T[Happ..."V.^M:...."......(}.#",$"...PQQ..?.<.m6.....g......\|.]..l.6Y0...r..e....ajj...z.epXD...}@1......p..q.D"..q....B".. .D.d2.a...%.~.)W.\a.........&33.e...+".1......W....<....9r..'N0......QWW..+Y`.....e..,..(..1..a\|\|.....f......a.\......./~Aaa!.AQ...%.QD....'...c.N........8q..............h4.....&.v.....[.+.v.._..].F..:,<`..(++cxx.x<...d9)...T.....#...ICC.mmm...QWW.h.......ED..M.......l.........y...<6....2JJJ...a.).r....*.r..p:.444.o.>l6....\|...

Chrome Cache Entry: 96

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 23393
Category:	dropped
Size (bytes):	8506
Entropy (8bit):	7.977021000398894
Encrypted:	false
SSDEEP:	192:2UMxZh6w4lkxYHiQUa99izd7uJgIMGqXavzVTt54MJ5Rkf:8Zww4lquT9i0JgZXavzb54tf
MD5:	5D79C2F0A094F42EE1ADDB39771CF9F6
SHA1:	E9D40AE8701BB4B1B83075867B49942584F74118
SHA-256:	89047E848F16AA1BC796D2E97560CB6B55FA635AF22E96655D423822CA787FF2
SHA-512:	377AA4DB1B191196F429B7F0306B5A4CBBE2BE1D8DBBF3E7FE551936F3E6B1D9AA684B84F1248F04F725FB9568FA630B5A9AA2C3784FA1D8B55A8FE9033C67E1
Malicious:	false
Reputation:	low
Preview:	...........\.{.8..W..,,....nh.\|..t.su.!.f......mB....~%.'N...x....JR.T.%?.n..q...qF..A.....[../...1........N.........G.'._.Z......3.\|p7...Fc.\|u=..8{z~Y/W66....P\..P..,Ww].9.Zf....+....l...w.mm..m...m.g[...:.~..uVf....m.w.=...(,.r..7Xy...Xy....{V...6.V.`.MV..Ae.U..{V..6..F.m`.....6...6.x.6...ls.m..f.m..M...6...;...m~`[.l+.x.Fkz.....^....m...x.!.#.....g...i5..F.......z......ba.@.94...u?_/.A>..]/.VV.z..P......Yp0.....+..Du.w-..4p.qC...T6_.....Jy.P...X.........[.p...:.P.;.(.D......k.^.!e{.f@..PvW,C....7.....5.....0..q...5of..0.....ix<.^.?e.S.?..gS.l.m..I..";..B..r.&.Q=.7.....W>...:}..]x.7.:.;....s...>~.;....r.\|]>...Y...$.wY...E\|..s}/.\|....]..A..;X...^\|..X......".\Y..u....V.s1..zh.P.....z.go...........B...`B... K..`..ra......b;.i....z....],.&a.....L*....1yIc..L^.....D=~....../.`....u.<Pg....H^...8...7........)@...4{H...".6E....h..R..F?.g. ze..N..xG...G..~...;S......./+... ..B..i.:..OK...MHU8}v..5..m<Zw..%c296....,.u<g...l..6.s.O

Chrome Cache Entry: 97

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 10466
Category:	dropped
Size (bytes):	4334
Entropy (8bit):	7.953715237657279
Encrypted:	false
SSDEEP:	96:os0BotePi0owmIMU4JDepI9teZYzwT3OLnURT8XjgxuldYiPPidA1qC5p:osCPPgDIyJDeOj0tyLnUqXZbPPcAf
MD5:	F3B519E88C3A13545138FB3EE052D6F9
SHA1:	C18E43A91D19AD7BCBD551BCF91A09F211223807
SHA-256:	CBE7D1784C79ACB3D602AD76AAAE56E0F5C17EABC11FC2CEC69E0EADAB68900F
SHA-512:	9308078C5008348644EF3D282CDA364D10AAAFE85B590BC49DE58C49F324A248F1C071D3B156101B718D42A2999BA2080475CB6F56052D87E2F7F09CD2868A02
Malicious:	false
Reputation:	low
Preview:	...........Wko.6..+.0`.`..]g`.d[I...Jr....Z.m".h.R3o.........K..Y.}......8......Y.GW._.I...+._..8.9..j.Ng.=..!.r?...h1U........?....&.9v....GR/y..`a.Z/e.RY}P.<<t...=.V.+..{>....Y.G\|.F./.uQ.x...)./...Gw....?.C"...Z........;v....z-.....9aS.j).J\|...=g....)....z.;].R...'/..@....s.\$g0.6.B..%s.v._.....I.g.r..<....>[H6U.J.V/D.....y.q..(..4j.S....R3#...1,.%...)v.N......kf..JW5...6<T1a..'......^.p.wrk.P..uo..B?.eV...[...5.y.....rbT}`.2....!.sp..Gk.q...?..8....@...)ar.f.=..s..e.B-.\....s..6rG\|.._:.~F..,U.mby..\|..9c#.R,A....m..=.j.tR.........D..r..6..............GN7.u......Jv.j...Z31..D..8,b..p.u....k......V+....A.. ...zG.:.......].7:).y.t:.....y.......!O...^...$..B\|......!,...-..J.l%JY0QN.,.E...x....^..v..;... .;Y.2..:..`...V...3l.OT..*.&.w.D...9aH.RJ.S.GoD.O........?C....i..D...e...K...T./s]U.\..3....ZS.p....m.:.=..W....)..E1...ME....r..dk...-v. J...i.\|L!.6.M2.zb.Px...X.H..}...S..9.g........8A.7.B.7i..dN>.:N..3^.....C....j.1.................2.

Chrome Cache Entry: 98

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 18748
Category:	dropped
Size (bytes):	6404
Entropy (8bit):	7.965264881500095
Encrypted:	false
SSDEEP:	192:pEpVS8USsmDJHV4CTaluhItBXbkNyW83PpbiEI:Uw45V4CTalIWZbkNyW83FiEI
MD5:	440ADBC417C522CA9A8EA2C426E3132B
SHA1:	E56C3A5297D1DB0DA0B1D3D6A0912C126159355B
SHA-256:	DC9FA07156F2B72313D196DCDFA1B4B52BD17C87112DD753257EA1CC0A1DEEDD
SHA-512:	3276AB2EFC3F137398F0C40E81520BC3829AA952D40F59B99723EA08E7BE854CAEC217EED9093C10EE7FEBD8B50852AE2F99072F08964AEF84940DFF65BE007A
Malicious:	false
Reputation:	low
Preview:	...........\.w...+T.I........%.qHB.W....t..!@...$p\.....3.FB.....E..3.g...K....\x.....'.//.....m......O.u..8^b.\L.k.....w.."q..k.&}o.o<.s0..*r..{g.y.tge..>.....e0r./qur...~.^.0....O..\Dn..{....0...x.K...j...Z..a...Xc........~c.~..P.~...3.C/..E0Y.)....{.@..4.o<.n."..0..g..^.=..x.8......zcEG...7...0.l.....cgb.{W.0p.=+q....7.8.....d..7.1..G;.\...{.k....n.o....U.....F...A.0..P=...#.\|d.k.x....^..~^.3_....\|....@J...../{...F{.......\|.q.o..\v.v..~.G.O.u.0....#n.3G...;v2o."7YD.:.%{...$Z...0..^.bt_o4V/..B].9..FD......b.8....\|...F....C....).3.hX..Y....+L.1.;sgD.....Q8....un.abqP.5..8......5..6N0.w#.Z...E....%._8N..=.kT/...U..>.%..9xs.>....q,.v.H._/]'.....1.q...d..$l=..g...Ix..`s.a.6......j...g.`..8........O../...+1.3.;...XX..?...E.b.z........EN....u........Hd..../.]m.4.."#..0T./.aX.8...">..N..U..p..x..I..ehn....0..> ..1.ir.:..Mi.XL...;;.2..c..".\.....}.+f....c.<..`...u..Z.=...yh.....:.++:.@.m,"....;..k7a.=...w%..`8y.AP.+'Pn.....a..... 8...H...q..

Chrome Cache Entry: 99

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	TrueType Font data, 17 tables, 1st "GPOS", 27 names, Macintosh, Font data copyright Google 2012RobotoRegularGoogle:Roboto Regular:2013Roboto RegularVersion 1.10
Category:	downloaded
Size (bytes):	145348
Entropy (8bit):	6.6505423518949565
Encrypted:	false
SSDEEP:	3072:ENAluNu8V5ZftwYlLzEeNgHS2pOpdO4WqLpMaSZFKVet:ENAH8XZuadpZuFw+
MD5:	54A91B0619CCF9373D525109268219DC
SHA1:	1D1D41FCADC571DECB6444211B7993B99CE926E2
SHA-256:	B2EFABCA5EA4BC56EEA829713706B5CD0788B82ACA153BD4ADDE9B1573933B4F
SHA-512:	7F79FF3B42A672371814F42814AA5646328B1A314691D30CE09FFDC7A322ADCB1AF66625274F7FAC024CA2F22A42B625001735711C430FAEF6E077E1F1D24887
Malicious:	false
Reputation:	low
URL:	http://6t.nz:8080/v3_menu/fonts/Roboto/Roboto-Regular.ttf
Preview:	............GPOS*.......S.GSUBn.U...2x...JLTSH.......$....OS/2...;.......`cmapR.7....4...Tcvt ...T.......0fpgm/.N.........gasp...........glyf.^2;..&(...Lhead..........6hhea...6...T...$hmtxz<u3.......,locaT...........maxp.8.....x... name.>.h...t....postB..4......#.prep...P...D.............[.._.<..........G.3.......1.,...\.w.................b.......,.?..............................._.................................3.......3.....f..................P. [... ....Goog.......b.....b.+ ...O....:... . .........................P...F...n...h...@.g.P.........t.....N...0.1.#.$...R.....q.......\..._...7...........M...f...S.......c...G.....0.....:.).`...........v.E...........t.x.....C...j.=.%...R...........t.q. ...t.q.M.....a...".j.........6...B.......a.(...N.'.(...X.=.......R.f.j.....?.a...b.;.c...8...d...............................a.......b...../.g..."...........-...........^...?.........o...........b.k...F...h...........Z.....D.X...x...b.q...1.#.D.X...{.....I.c.d.q.l.j...........?.......w.-._

Static File Info

⊘No static file info

Network Behavior

Suricata IDS Alerts

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2025-01-07T11:03:57.276789+0100	2045463	ET MALWARE DNS Query to Raspberry Robin Domain (6t .nz)	1	192.168.2.16	56319	1.1.1.1	53	UDP
2025-01-07T11:04:31.728815+0100	2045463	ET MALWARE DNS Query to Raspberry Robin Domain (6t .nz)	1	192.168.2.16	60542	1.1.1.1	53	UDP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 7, 2025 11:03:51.621989012 CET	49673	443	192.168.2.16	204.79.197.203
Jan 7, 2025 11:03:52.126336098 CET	49689	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:03:54.025593042 CET	49673	443	192.168.2.16	204.79.197.203
Jan 7, 2025 11:03:57.325229883 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:57.325768948 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:57.330092907 CET	8080	49712	79.45.30.178	192.168.2.16
Jan 7, 2025 11:03:57.330328941 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:57.330425024 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:57.330558062 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:03:57.330693960 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:57.335191011 CET	8080	49712	79.45.30.178	192.168.2.16
Jan 7, 2025 11:03:57.661139965 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:03:57.961294889 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:03:58.563592911 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:03:58.833590031 CET	49673	443	192.168.2.16	204.79.197.203
Jan 7, 2025 11:03:59.279540062 CET	8080	49712	79.45.30.178	192.168.2.16
Jan 7, 2025 11:03:59.329602957 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:03:59.776592970 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:04:01.186331987 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.186376095 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.186446905 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.186682940 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.186697960 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.816184998 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.816638947 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.816668034 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.817764997 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.817842007 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.818860054 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.818922043 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.872575045 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:01.872600079 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:01.920572996 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:02.127729893 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:02.191612959 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:04:02.431654930 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:03.036982059 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:04.243599892 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:06.650614023 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:06.998610973 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:04:08.445601940 CET	49673	443	192.168.2.16	204.79.197.203
Jan 7, 2025 11:04:11.461622000 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:11.718868017 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:11.718943119 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:11.719047070 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:12.678199053 CET	49714	443	192.168.2.16	142.250.185.132
Jan 7, 2025 11:04:12.678226948 CET	443	49714	142.250.185.132	192.168.2.16
Jan 7, 2025 11:04:14.308199883 CET	8080	49712	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:14.308290005 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:14.338397026 CET	49712	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:14.343214989 CET	8080	49712	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:16.605650902 CET	49678	443	192.168.2.16	20.189.173.10
Jan 7, 2025 11:04:21.065639973 CET	49680	80	192.168.2.16	192.229.211.108
Jan 7, 2025 11:04:30.069885969 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.071216106 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.074826002 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.074945927 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.076025963 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.289896965 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.329159975 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.333935976 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.563005924 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.580657005 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.585429907 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.865716934 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.868323088 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:30.873105049 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:30.912658930 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.021939039 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.069638014 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.139785051 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.139796019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.139805079 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.139816046 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.139873981 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.139911890 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.151581049 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.152121067 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.152182102 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.152434111 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.152636051 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.152838945 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.156369925 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.156969070 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.156979084 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.157042980 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157215118 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.157264948 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157372952 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.157421112 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157545090 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157653093 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.157700062 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157785892 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157826900 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.157907963 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.162266970 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.162543058 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.162627935 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.162636995 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.440661907 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.441931009 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.446716070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.487519026 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.487529039 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.487586975 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.488084078 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.488095045 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.488100052 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.488152027 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.723525047 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723541021 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723551989 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723562002 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723572016 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723624945 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.723668098 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.723691940 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.723737955 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.785125017 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.789983988 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.790055990 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.790251970 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.794972897 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876723051 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876738071 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876746893 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876756907 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876792908 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.876825094 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876836061 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876843929 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876849890 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.876854897 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876861095 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.876868010 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.876900911 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.881382942 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.887449026 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:31.887552977 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.887698889 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:31.893744946 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029882908 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029896975 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029912949 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029923916 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029938936 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.029980898 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.030018091 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.030280113 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.030288935 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.030293941 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.030335903 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.030340910 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.030352116 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.030385971 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.034883022 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.034893990 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.034904003 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.034913063 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.034955025 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.034996986 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.035187960 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.038882017 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.043668985 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.043751001 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.043890953 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.048640013 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.086651087 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.146820068 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.146830082 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.146903992 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.146919012 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.146929026 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.146967888 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.146971941 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.146982908 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.147022009 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.147212029 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.147274017 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.147284985 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.147294044 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.147317886 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.147337914 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.162303925 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162314892 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162323952 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162368059 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.162684917 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162734032 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.162756920 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162770987 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162781000 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.162808895 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.214673996 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.265539885 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265552044 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265561104 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265571117 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265640020 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.265666962 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.265912056 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265935898 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.265980005 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.269316912 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.270438910 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.271806955 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.271816969 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.271871090 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.271945000 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272011995 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272022009 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272058964 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.272301912 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272315979 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272356033 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.272497892 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272507906 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.272542000 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.274231911 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.275331020 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.275403976 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.275542021 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.280378103 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287473917 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287483931 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287488937 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287497997 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287507057 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287556887 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.287591934 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.287832975 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287841082 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.287887096 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.288037062 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.288049936 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.288058996 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.288094997 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.341715097 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.396848917 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.396858931 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.396917105 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.396933079 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.396943092 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.396976948 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.397300959 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.397310972 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.397319078 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.397351027 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.401130915 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.405939102 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.406013966 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.408153057 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.408560991 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.412935972 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.413352966 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.414597988 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.417815924 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.418061972 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.419429064 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.422626972 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.422852039 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.426920891 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.431720018 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.489602089 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.531662941 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.553234100 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553246021 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553256035 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553266048 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553306103 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.553348064 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.553630114 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553642035 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.553682089 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.642165899 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642182112 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642214060 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642224073 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642234087 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642251968 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.642317057 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.642347097 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642395020 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.642395020 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642406940 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642416954 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642421961 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.642457008 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.669903040 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670372963 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670382023 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670406103 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670417070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670425892 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670445919 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.670499086 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.670758009 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670767069 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.670804024 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.671003103 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.671015978 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.671025038 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.671045065 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.671072960 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.679582119 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.679590940 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.679663897 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.679979086 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.679989100 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.679997921 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.680037975 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.680373907 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.682209015 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.684581995 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.685218096 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.686948061 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.689429045 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.711915970 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.711932898 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.712002039 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.715295076 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.715306997 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.715375900 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.721683025 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.758836985 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.758892059 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.758900881 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.758910894 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.758919954 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.758949995 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.758990049 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.759145021 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.759155035 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.759164095 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.759174109 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.759186029 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.759222031 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.759289026 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.759332895 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.763811111 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.763820887 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.763833046 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.763843060 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.763890982 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.763932943 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.789869070 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.789877892 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.789952993 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.790311098 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.790322065 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.790380955 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.792175055 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792201042 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792264938 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.792587996 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792601109 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792610884 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792619944 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792629004 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.792659998 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.795017004 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.795241117 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.799813986 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.800101042 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.800441027 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.804332018 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.809267998 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.809355974 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.809504986 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.814341068 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.848716021 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.876458883 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.903948069 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.905253887 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.907696962 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.907707930 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.907792091 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.908540964 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.908602953 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.908683062 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.908727884 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909528017 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909538984 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909549952 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909595966 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.909799099 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909810066 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909822941 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.909851074 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.909877062 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.910073042 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.910147905 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.910157919 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.910201073 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.910403013 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.910414934 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:32.910453081 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.928771973 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:32.960704088 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.010824919 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.010838985 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.010850906 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.010862112 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.010909081 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.010983944 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.011070013 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011080980 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011120081 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.011356115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011367083 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011377096 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011413097 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.011749029 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011759996 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011770964 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.011807919 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.011843920 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.014884949 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.014899969 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.014909029 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.014955044 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.015022993 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015033007 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015043974 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015053988 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015083075 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.015567064 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015580893 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015590906 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015656948 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.015969992 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015981913 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.015991926 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.016000986 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.016037941 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.016055107 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.023581028 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.023592949 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.023652077 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.023691893 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.023703098 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.023713112 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.023745060 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.024072886 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024084091 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024094105 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024139881 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.024167061 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.024437904 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024450064 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024460077 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024483919 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.024831057 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024842978 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024852037 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.024878025 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.024910927 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.097536087 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.097548008 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.097621918 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.101438046 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.132934093 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.132962942 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.132973909 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.132996082 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133007050 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133033037 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.133065939 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.133255005 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133297920 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.133420944 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133430004 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133476973 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.133625984 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133636951 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133646965 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133658886 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.133677006 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.133706093 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.134288073 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.134296894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.134306908 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.134326935 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.134341002 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.134365082 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.138129950 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138139009 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138192892 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.138382912 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138397932 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138408899 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138418913 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138428926 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138451099 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.138914108 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138925076 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138935089 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.138976097 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.139005899 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.139339924 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139350891 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139359951 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139369965 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139396906 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.139431000 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.139805079 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139813900 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139822960 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.139858961 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.152643919 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.184640884 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.252506018 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252515078 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252609968 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252620935 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252628088 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.252681971 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.252748966 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252759933 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252769947 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.252813101 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.253120899 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253129005 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253168106 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.253242016 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253293037 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.253305912 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253315926 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253325939 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253350019 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.253848076 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253858089 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253868103 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253876925 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253886938 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253897905 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.253897905 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.253938913 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.254681110 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254705906 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254717112 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254725933 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254730940 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.254736900 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254750013 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254761934 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254770994 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254774094 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.254781008 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254817963 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.254901886 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254911900 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254921913 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.254941940 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.254955053 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.255201101 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255215883 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255261898 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.255436897 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255446911 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255458117 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255467892 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.255489111 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.255511045 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.255995989 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256005049 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256016016 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256026030 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256035089 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256045103 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256051064 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.256062031 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256074905 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.256084919 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.256817102 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.256872892 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.267631054 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.267641068 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.267720938 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.294215918 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294224977 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294234991 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294245005 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294255018 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294264078 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294274092 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294281960 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.294291973 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.294338942 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.294651031 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.352056026 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.352072001 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.352168083 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.352554083 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.352579117 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.352638006 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.356323957 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.366488934 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.366501093 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.366509914 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.366560936 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367013931 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367069006 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367080927 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367090940 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367101908 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367124081 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367192984 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367228985 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367276907 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367285967 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367326021 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367480993 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367491961 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367500067 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367522955 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367701054 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367712021 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367721081 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367729902 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.367753029 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.367791891 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.368041039 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368088961 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.368089914 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368100882 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368140936 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368141890 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.368150949 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368161917 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368187904 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.368211031 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368220091 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.368254900 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.376224995 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376238108 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376291037 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.376770020 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376780033 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376787901 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376817942 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.376931906 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376941919 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376951933 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.376971006 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.376996040 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.377223969 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377233028 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377249002 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377260923 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377275944 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.377305031 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.377628088 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377641916 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377650023 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377669096 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377679110 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.377697945 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.377717972 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.378197908 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378207922 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378216982 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378242016 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.378269911 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.378272057 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378282070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378292084 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378303051 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378310919 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378314018 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.378336906 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.378499985 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378509045 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.378554106 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.379034042 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.379043102 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.379080057 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.404655933 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.417165041 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417179108 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417190075 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417200089 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417257071 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.417299986 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.417464018 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417474985 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417514086 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.417618990 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417629004 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.417690039 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.419538021 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.419548988 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.419560909 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.419570923 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.419600010 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.419636011 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.420007944 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.420020103 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.420030117 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.420059919 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.443034887 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.468688011 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.480539083 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480596066 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480607986 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480619907 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480631113 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480645895 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480649948 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.480680943 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.480686903 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.480879068 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480906010 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480926037 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480937958 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.480945110 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.480977058 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481218100 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481229067 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481239080 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481276989 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481574059 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481631041 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481636047 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481646061 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481657028 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481667995 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481677055 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481705904 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481862068 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481875896 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481897116 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481908083 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.481916904 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.481936932 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.482170105 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482181072 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482194901 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482255936 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.482269049 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482280016 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482315063 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.482573032 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482620955 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.482642889 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.484040976 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498338938 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498349905 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498399019 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498465061 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498475075 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498507977 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498542070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498550892 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498583078 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498622894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498656988 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498697042 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498749018 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498759031 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498802900 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.498886108 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498897076 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498912096 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.498930931 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499217987 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499238968 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499249935 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499255896 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499286890 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499383926 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499394894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499406099 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499417067 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499425888 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499461889 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499660969 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499830008 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499840975 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499850988 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.499871016 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.499888897 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500073910 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500085115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500097036 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500107050 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500118971 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500122070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500144958 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500574112 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500585079 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500597000 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500607014 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500617981 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500632048 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500636101 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500655890 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500657082 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500667095 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500679016 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.500690937 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.500726938 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.501440048 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.501451015 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.501462936 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.501481056 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.501496077 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.501530886 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.503720045 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.503767967 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.543078899 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543090105 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543100119 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543142080 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.543327093 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543338060 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543346882 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543370008 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.543396950 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.543677092 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543728113 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.543770075 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.544022083 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544032097 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544061899 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544070959 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544074059 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.544083118 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544120073 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.544754982 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.544806957 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.544883966 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.547667027 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.594738960 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594750881 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594774961 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594789982 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594799995 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594810009 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594820023 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.594820976 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594831944 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594840050 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594850063 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.594901085 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.594901085 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595104933 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595115900 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595124960 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595144987 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595166922 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595182896 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595194101 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595204115 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595207930 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595213890 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595222950 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595230103 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595249891 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595629930 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.595774889 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595796108 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.595815897 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621260881 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621273041 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621285915 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621303082 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621325970 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621368885 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621387959 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621398926 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621408939 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621434927 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621597052 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621635914 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621646881 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621656895 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621666908 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621675968 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621695995 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621711969 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621882915 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621892929 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621902943 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621912956 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.621927023 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621958017 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.621999979 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.622031927 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.622040033 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.622070074 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.637398958 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.638000011 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.641968966 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.642148018 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.642740011 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.646753073 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.655050039 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.659887075 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.894397974 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.894411087 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.894479990 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.899260044 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.904083967 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.968446970 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.971801996 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.971813917 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.971824884 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.971864939 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.971942902 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.972727060 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.972739935 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.972750902 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.972759962 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.972775936 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.972776890 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.972803116 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.972841024 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.973788023 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.973807096 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.973817110 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.973828077 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.973839045 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.973846912 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.973861933 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.974663019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.974688053 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.974710941 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.976730108 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998816967 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998846054 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998857021 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998866081 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998876095 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.998877048 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.998899937 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.998953104 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999258995 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999277115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999288082 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999298096 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999308109 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999330997 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999330997 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999372959 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999382019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999412060 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999455929 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999464035 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999490023 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999598980 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999608040 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999617100 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999627113 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:33.999640942 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:33.999672890 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004292011 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004306078 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004317045 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004339933 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004359961 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004390001 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004400969 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004411936 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004420996 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004456043 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004576921 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004585981 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004599094 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004610062 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004627943 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004647017 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.004733086 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004745960 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004755020 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.004805088 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.022644997 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.047827005 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.047858000 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.047907114 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.058561087 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.058573961 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.058634996 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.093759060 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.093776941 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.093791008 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.093825102 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.095762014 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.095773935 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.095784903 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.095818043 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.095844984 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096292019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096303940 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096313953 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096343040 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096519947 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096534014 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096544027 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096564054 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096580029 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096719027 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096745014 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096756935 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096776009 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096781015 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096813917 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096841097 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096893072 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096916914 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096936941 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.096946955 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096957922 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.096982956 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.097197056 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.097212076 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.097223043 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.097235918 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.097258091 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121042967 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121058941 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121124983 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121464014 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121474981 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121480942 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121503115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121512890 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121526957 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121527910 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121537924 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121548891 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121565104 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121588945 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121617079 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121627092 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121638060 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121648073 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121670961 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121684074 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121851921 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121862888 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121872902 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121901989 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.121926069 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.121961117 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.122078896 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122088909 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122100115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122121096 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.122123957 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122134924 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122144938 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.122164965 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.122190952 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.134056091 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.136229038 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.139076948 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.141005039 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.143841028 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182249069 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182259083 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182302952 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182315111 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182313919 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182326078 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182334900 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182364941 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182379961 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182482004 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182549953 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182559967 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182570934 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182611942 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182629108 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182722092 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182745934 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182759047 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182771921 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.182794094 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182820082 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.182954073 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183002949 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183041096 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.183044910 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183054924 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183089018 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183094025 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.183099031 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183108091 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183135986 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.183350086 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.183394909 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.183396101 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218705893 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218763113 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.218862057 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218871117 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218882084 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218892097 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218902111 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218911886 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.218919039 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.218964100 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.219039917 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219082117 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219129086 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.219131947 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219141006 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219181061 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.219218016 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219229937 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219253063 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219261885 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.219264984 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219274998 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219284058 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.219320059 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243275881 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243285894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243297100 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243334055 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243343115 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243347883 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243360996 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243371964 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243392944 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243460894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243472099 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243482113 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243500948 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243649960 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243659019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243669987 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243680000 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243705988 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243731022 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243844986 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243855000 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243877888 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243880033 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243889093 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243897915 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.243922949 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.243936062 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.269124031 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.269134998 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.269182920 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.291342974 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291353941 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291362047 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291399956 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.291893005 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291903973 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291914940 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291924953 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.291943073 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.291970968 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.291990042 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292006969 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292030096 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292062998 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292073965 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292100906 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292108059 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292119026 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292129040 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292150974 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292169094 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292179108 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292188883 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292243958 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292532921 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292542934 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292552948 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292577982 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292598009 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292608023 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292619944 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292634010 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292648077 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292668104 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.292988062 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.292998075 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.293009043 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.293016911 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.293040991 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.293068886 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.300940037 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304291010 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304302931 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304313898 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304347038 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304379940 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304392099 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304404020 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304414988 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304425001 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304441929 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304470062 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304558039 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304626942 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304639101 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304668903 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304686069 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304697990 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304724932 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304841995 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304853916 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304863930 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.304882050 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.304903984 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.305463076 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.305500984 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.305535078 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.319488049 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.319510937 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.319561005 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.333086014 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.333100080 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.333142996 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.340786934 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340804100 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340816021 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340826035 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340837002 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340854883 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.340893030 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.340929985 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340950966 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340972900 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.340980053 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.340984106 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341020107 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.341188908 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341198921 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341219902 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341233969 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.341234922 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341247082 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341259003 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.341298103 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.341440916 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341451883 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341461897 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341471910 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341481924 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.341487885 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.341510057 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.342677116 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365467072 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365519047 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365520954 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365535975 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365550041 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365561008 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365576982 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365601063 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365627050 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365674973 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365684032 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365695953 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365712881 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365720987 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365731955 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365736961 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365767002 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365787983 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365798950 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365808964 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365818977 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365850925 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365870953 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365875959 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365885019 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365895033 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365921021 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.365972042 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.365981102 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366045952 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366086006 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366120100 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366128922 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366159916 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366527081 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366537094 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366549015 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366559029 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366568089 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366574049 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366579056 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366605043 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366800070 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366813898 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366822958 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366846085 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366851091 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366859913 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366869926 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366871119 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366880894 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.366895914 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.366920948 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.367325068 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367336035 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367345095 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367353916 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367362976 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367372036 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367382050 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.367412090 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.367444038 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.369756937 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.374561071 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.378026962 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.378078938 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.419698954 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426328897 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426348925 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426367044 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426384926 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426398993 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426405907 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426409006 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426419973 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426429987 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426434040 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426470041 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426706076 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426716089 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426728964 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426753044 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426753044 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426764965 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426775932 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426785946 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426790953 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426819086 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426820040 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426830053 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426855087 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426898003 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426907063 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426918030 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426928043 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426930904 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426938057 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.426949978 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.426971912 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.427576065 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.427586079 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.427598000 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.427654028 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.427689075 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.427731037 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.430383921 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.435208082 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.463089943 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.463102102 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.463151932 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.549611092 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.589677095 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.589689016 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.589699030 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.589709997 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.589739084 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.589783907 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.598638058 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.672631979 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672646999 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672657967 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672667980 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672720909 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.672875881 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672888041 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672899008 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672909021 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.672941923 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.673115969 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673127890 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673136950 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673161030 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.673542976 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673552036 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673588037 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.673650026 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.673690081 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.673700094 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.725647926 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.788135052 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788152933 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788162947 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788212061 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.788258076 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788269043 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788279057 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788309097 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.788336039 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.788352013 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788363934 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788404942 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.788903952 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788914919 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788924932 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788983107 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.788985968 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.789022923 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.789555073 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.789570093 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.789580107 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.789589882 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.789598942 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.789639950 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.874907970 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.874922037 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.874979973 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.902946949 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.902962923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.902975082 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.902985096 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.902996063 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903002977 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903029919 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903213024 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903224945 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903238058 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903249025 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903260946 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903263092 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903297901 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903321028 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903798103 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903810024 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903826952 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903857946 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903865099 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903870106 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903882980 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903894901 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.903906107 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.903933048 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.904761076 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904779911 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904792070 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904802084 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904817104 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904818058 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.904829979 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:34.904839039 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.904865980 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:34.948684931 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017278910 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017294884 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017373085 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017488956 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017504930 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017515898 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017554998 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017620087 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017663956 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017684937 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017724037 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017736912 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017760992 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017838955 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.017878056 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.017889977 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018016100 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018027067 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018037081 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018059969 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.018071890 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.018271923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018299103 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018316984 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018326044 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018337011 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018347025 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.018366098 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.018786907 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018819094 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018830061 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018840075 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018850088 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.018862963 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.018897057 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.019262075 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019273043 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019279003 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019332886 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.019356012 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019367933 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019377947 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019388914 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019422054 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.019423008 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.019444942 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019454956 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.019490004 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.020116091 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.020138979 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.020185947 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.132102966 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132116079 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132126093 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132191896 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.132693052 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132703066 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132724047 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132749081 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132750988 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.132760048 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132772923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132785082 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.132798910 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.132977009 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.132988930 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133001089 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133009911 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133028984 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133058071 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133146048 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133213997 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133224964 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133250952 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133264065 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133264065 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133276939 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133305073 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133316994 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133321047 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133333921 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133343935 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133368015 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133841991 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133869886 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133882046 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133918047 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.133929968 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133946896 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133966923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133977890 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.133997917 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.134017944 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134020090 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.134030104 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134057045 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134068966 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134071112 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.134098053 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134108067 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.134114027 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.134144068 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.187649965 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.246521950 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246560097 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246694088 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.246716022 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246728897 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246738911 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246766090 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.246808052 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246819973 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246829033 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246850014 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.246880054 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.246912003 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246921062 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.246951103 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247000933 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247010946 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247040987 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247091055 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247102022 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247112036 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247132063 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247303963 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247322083 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247339010 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247344971 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247351885 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247378111 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247533083 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247545004 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247555017 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247565985 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247584105 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247629881 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247637033 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247649908 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.247673035 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.247950077 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248075962 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248085976 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248096943 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248107910 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248119116 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248130083 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248142004 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248142004 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248167992 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248178959 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248509884 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248521090 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248532057 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248543024 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248553038 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248563051 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248564005 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248578072 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248610973 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248626947 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248631001 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248644114 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248655081 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248663902 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.248697042 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.248717070 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.249159098 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.249171972 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.249182940 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.249227047 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.361563921 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.361576080 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.361630917 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.361640930 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.361650944 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.361691952 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.361732006 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362191916 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362202883 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362214088 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362245083 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362256050 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362261057 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362262964 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362272978 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362278938 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362298012 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362308979 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362309933 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362335920 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362354040 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362375975 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362387896 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362399101 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362410069 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362428904 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362459898 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362520933 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362571001 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362629890 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362639904 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362657070 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362679005 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362680912 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362690926 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362700939 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362701893 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362710953 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.362728119 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.362741947 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363001108 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363012075 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363022089 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363046885 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363054037 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363065958 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363068104 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363076925 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363095045 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363101006 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363110065 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363130093 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363142014 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363168001 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363518953 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363528967 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363555908 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363564968 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363569975 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363573074 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363579988 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363596916 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363607883 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363642931 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363779068 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363790035 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363804102 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363812923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363816023 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363826990 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363837004 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363846064 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363857031 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.363869905 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363869905 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.363892078 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.476066113 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.476082087 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.476094007 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.476175070 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477119923 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477133989 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477161884 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477171898 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477174044 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477178097 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477229118 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477229118 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477241039 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477251053 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477261066 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477289915 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477463007 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477473974 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477483988 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477492094 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477509975 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477538109 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477639914 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477652073 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477659941 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477680922 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477690935 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477700949 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477700949 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.477732897 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.477746964 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478023052 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478044033 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478055000 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478065014 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478075027 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478085041 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478087902 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478096008 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478097916 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478106022 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478116035 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478125095 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478131056 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478137016 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478147030 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478163958 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478526115 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478538036 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478548050 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478557110 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478565931 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478575945 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478585958 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.478589058 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.478638887 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.562638044 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590626001 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590641975 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590652943 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590662956 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590672970 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590692043 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.590718985 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:35.590944052 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.590960979 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:35.591017008 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:42.978992939 CET	49698	80	192.168.2.16	199.232.210.172
Jan 7, 2025 11:04:42.978992939 CET	49697	80	192.168.2.16	199.232.210.172
Jan 7, 2025 11:04:42.984589100 CET	80	49698	199.232.210.172	192.168.2.16
Jan 7, 2025 11:04:42.984797001 CET	49698	80	192.168.2.16	199.232.210.172
Jan 7, 2025 11:04:42.985034943 CET	80	49697	199.232.210.172	192.168.2.16
Jan 7, 2025 11:04:42.985111952 CET	49697	80	192.168.2.16	199.232.210.172
Jan 7, 2025 11:04:47.522447109 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:47.522659063 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:47.702275991 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:47.702492952 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:47.934354067 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:47.934439898 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.043459892 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.043591976 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.314582109 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.314660072 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.680277109 CET	49721	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.680324078 CET	49723	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.680350065 CET	49724	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.680372953 CET	49718	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.680402040 CET	49719	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.685421944 CET	8080	49721	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.685434103 CET	8080	49723	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.685442924 CET	8080	49724	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.685447931 CET	8080	49718	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.685458899 CET	8080	49719	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.925168991 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.925287962 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:48.997471094 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:48.997535944 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:49.252806902 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:49.252892017 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:49.401951075 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:49.402039051 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:49.503051043 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:49.503124952 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:49.624696970 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:49.624811888 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.396574974 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.396698952 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676343918 CET	49725	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676387072 CET	49722	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676403999 CET	49727	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676440001 CET	49720	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676465988 CET	49713	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676503897 CET	49717	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.676753044 CET	49716	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:04:50.681371927 CET	8080	49725	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681385040 CET	8080	49727	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681394100 CET	8080	49722	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681401968 CET	8080	49720	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681411982 CET	8080	49713	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681421041 CET	8080	49717	79.45.30.178	192.168.2.16
Jan 7, 2025 11:04:50.681484938 CET	8080	49716	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:01.251697063 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:01.251740932 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.251817942 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:01.252074003 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:01.252084017 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.890422106 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.890763044 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:01.890789986 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.891130924 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.891428947 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:01.891494036 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:01.942691088 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:11.808247089 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:11.808319092 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:11.808376074 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:12.675364971 CET	49730	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:05:12.675400972 CET	443	49730	142.250.186.164	192.168.2.16
Jan 7, 2025 11:05:34.154961109 CET	49699	443	192.168.2.16	20.190.159.71
Jan 7, 2025 11:05:34.154963970 CET	49700	80	192.168.2.16	192.229.221.95
Jan 7, 2025 11:05:34.160214901 CET	443	49699	20.190.159.71	192.168.2.16
Jan 7, 2025 11:05:34.160283089 CET	49699	443	192.168.2.16	20.190.159.71
Jan 7, 2025 11:05:34.160557985 CET	80	49700	192.229.221.95	192.168.2.16
Jan 7, 2025 11:05:34.160609961 CET	49700	80	192.168.2.16	192.229.221.95
Jan 7, 2025 11:05:36.327292919 CET	49701	443	192.168.2.16	20.190.159.71
Jan 7, 2025 11:05:36.332672119 CET	443	49701	20.190.159.71	192.168.2.16
Jan 7, 2025 11:05:36.332868099 CET	49701	443	192.168.2.16	20.190.159.71
Jan 7, 2025 11:05:52.403266907 CET	49732	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:52.409265041 CET	8080	49732	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:52.409378052 CET	49732	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:52.409667015 CET	49732	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:52.416974068 CET	8080	49732	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:54.177465916 CET	8080	49732	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:54.232878923 CET	49732	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:54.306725025 CET	8080	49732	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:54.309855938 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:54.314822912 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:54.314923048 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:54.315095901 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:54.319880009 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:54.359853029 CET	49732	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:55.092781067 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:55.092822075 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:55.092983961 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:55.093178034 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:55.093189955 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:55.093233109 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:05:55.180493116 CET	8080	49733	79.45.30.178	192.168.2.16
Jan 7, 2025 11:05:55.235882044 CET	49733	8080	192.168.2.16	79.45.30.178
Jan 7, 2025 11:06:01.301080942 CET	49734	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:06:01.301135063 CET	443	49734	142.250.186.164	192.168.2.16
Jan 7, 2025 11:06:01.301238060 CET	49734	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:06:01.301537991 CET	49734	443	192.168.2.16	142.250.186.164
Jan 7, 2025 11:06:01.301554918 CET	443	49734	142.250.186.164	192.168.2.16
Jan 7, 2025 11:06:01.944055080 CET	443	49734	142.250.186.164	192.168.2.16
Jan 7, 2025 11:06:01.987842083 CET	49734	443	192.168.2.16	142.250.186.164

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 7, 2025 11:03:56.403351068 CET	53	61342	1.1.1.1	192.168.2.16
Jan 7, 2025 11:03:56.447597027 CET	53	50920	1.1.1.1	192.168.2.16
Jan 7, 2025 11:03:57.276788950 CET	56319	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:03:57.277000904 CET	49250	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:03:57.313752890 CET	53	56319	1.1.1.1	192.168.2.16
Jan 7, 2025 11:03:57.439472914 CET	53	63314	1.1.1.1	192.168.2.16
Jan 7, 2025 11:03:57.820533037 CET	53	49250	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:01.178659916 CET	62553	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:04:01.178833961 CET	60088	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:04:01.185362101 CET	53	60088	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:01.185446024 CET	53	62553	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:14.346029997 CET	53	58732	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:31.728815079 CET	60542	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:04:31.728977919 CET	65089	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:04:31.761640072 CET	53	60542	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:31.805902004 CET	53	65089	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:32.453255892 CET	53	55275	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:33.224617004 CET	53	61023	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:53.833129883 CET	138	138	192.168.2.16	192.168.2.255
Jan 7, 2025 11:04:55.837946892 CET	53	57099	1.1.1.1	192.168.2.16
Jan 7, 2025 11:04:56.334193945 CET	53	58525	1.1.1.1	192.168.2.16
Jan 7, 2025 11:05:01.243700981 CET	59063	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:05:01.243877888 CET	61068	53	192.168.2.16	1.1.1.1
Jan 7, 2025 11:05:01.250854015 CET	53	59063	1.1.1.1	192.168.2.16
Jan 7, 2025 11:05:01.250936031 CET	53	61068	1.1.1.1	192.168.2.16
Jan 7, 2025 11:05:25.592322111 CET	53	54981	1.1.1.1	192.168.2.16
Jan 7, 2025 11:05:42.305301905 CET	53	57494	1.1.1.1	192.168.2.16

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 7, 2025 11:03:57.820643902 CET	192.168.2.16	1.1.1.1	c230	(Port unreachable)	Destination Unreachable
Jan 7, 2025 11:04:31.805975914 CET	192.168.2.16	1.1.1.1	c230	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 7, 2025 11:03:57.276788950 CET	192.168.2.16	1.1.1.1	0xc753	Standard query (0)	6t.nz	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:03:57.277000904 CET	192.168.2.16	1.1.1.1	0x34c3	Standard query (0)	_8080._https.6t.nz	65	IN (0x0001)	false
Jan 7, 2025 11:04:01.178659916 CET	192.168.2.16	1.1.1.1	0x1823	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:04:01.178833961 CET	192.168.2.16	1.1.1.1	0x12d9	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 7, 2025 11:04:31.728815079 CET	192.168.2.16	1.1.1.1	0x2498	Standard query (0)	6t.nz	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:04:31.728977919 CET	192.168.2.16	1.1.1.1	0x1260	Standard query (0)	_8080._https.6t.nz	65	IN (0x0001)	false
Jan 7, 2025 11:05:01.243700981 CET	192.168.2.16	1.1.1.1	0x132	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:05:01.243877888 CET	192.168.2.16	1.1.1.1	0x1303	Standard query (0)	www.google.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 7, 2025 11:03:57.313752890 CET	1.1.1.1	192.168.2.16	0xc753	No error (0)	6t.nz		79.45.30.178	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:03:57.820533037 CET	1.1.1.1	192.168.2.16	0x34c3	Name error (3)	_8080._https.6t.nz	none	none	65	IN (0x0001)	false
Jan 7, 2025 11:04:01.185362101 CET	1.1.1.1	192.168.2.16	0x12d9	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 7, 2025 11:04:01.185446024 CET	1.1.1.1	192.168.2.16	0x1823	No error (0)	www.google.com		142.250.185.132	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:04:31.761640072 CET	1.1.1.1	192.168.2.16	0x2498	No error (0)	6t.nz		79.45.30.178	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:04:31.805902004 CET	1.1.1.1	192.168.2.16	0x1260	Name error (3)	_8080._https.6t.nz	none	none	65	IN (0x0001)	false
Jan 7, 2025 11:05:01.250854015 CET	1.1.1.1	192.168.2.16	0x132	No error (0)	www.google.com		142.250.186.164	A (IP address)	IN (0x0001)	false
Jan 7, 2025 11:05:01.250936031 CET	1.1.1.1	192.168.2.16	0x1303	No error (0)	www.google.com			65	IN (0x0001)	false

HTTP Request Dependency Graph

6t.nz:8080

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49712	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:03:57.330425024 CET	484	OUT	GET /y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:03:59.279540062 CET	194	IN	HTTP/1.1 404 Not Found Date: Tue, 07 Jan 2025 10:03:58 GMT Server: nginx Content-Type: text/html; charset=utf-8 Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49713	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:30.071216106 CET	425	OUT	GET / HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:30.289896965 CET	674	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:06 GMT Server: http server 1.0 Content-type: text/html; charset=UTF-8 Last-modified: Wed, 02 Mar 2022 21:37:57 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 360 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 6d 52 db 4e c3 30 0c 7d 26 5f 61 85 87 76 2a 6b c6 0b 48 ed b2 7d 01 e2 03 b6 09 65 89 bb 16 da 26 a4 ee b4 09 f1 ef a4 bb 32 c4 93 1d eb 1c 9f 63 3b d3 92 9a 1a 3a da d7 28 f9 5a e9 8f 8d b7 7d 6b b2 fb c9 e4 59 63 c1 67 6c 5a a2 32 21 34 48 0a 4a 22 37 c6 cf be da 4a 8e 3b 57 79 ec 38 68 db 12 b6 24 f9 64 80 77 da 57 8e 80 f6 0e 65 44 b8 23 f1 ae b6 ea 58 8d 66 cc 79 19 1b ab fb 26 30 d2 da 6a 45 95 6d 53 e7 2d 59 6d 6b 90 12 a2 41 a4 cb a2 11 cc 4f 79 04 d9 31 8b 72 e6 48 c6 57 9a f5 74 a0 1c c1 07 5c 16 41 02 37 88 9c 79 34 c1 aa a6 b7 ae 2f 8a 6a 07 12 b8 38 d7 d2 61 03 73 1d a6 0e 13 24 2f 8a ca d4 ab d6 d8 26 1e e5 ac 2a ae 62 a5 ed a8 55 0d a6 55 6b 70 f7 5a c4 41 6a 34 a8 8f 1f 47 ec 8b 5d 24 4b 8f 85 74 3e e1 99 10 3c b9 96 4f f4 c4 51 f2 c7 4f ce be 19 d6 1d de 09 11 7c d4 06 d6 08 95 db 3e 81 32 c6 87 d6 5b e5 a1 f7 61 39 c0 79 ce 42 76 6e bf e0 bf 46 bd f8 f3 e8 6a a5 31 16 8b e5 62 b9 5a 89 cd c3 61 41 09 5f f1 7f c5 6f 9c 07 91 20 30 38 9a 8a e3 d1 c2 4d [TRUNCATED] Data Ascii: mRN0}&_avkH}e&2c;:(Z}kYcglZ2!4HJ"7J;Wy8h$dwWeD#Xfy&0jEmS-YmkAOy1rHWt\A7y4/j8as$/&bUUkpZAj4G]$Kt><OQO\|>2[a9yBvnFj1bZaA_o 08MsV7c?8D
Jan 7, 2025 11:04:30.329159975 CET	493	OUT	GET /redirect.html?count=0.18622616967353411 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://6t.nz:8080/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:30.563005924 CET	861	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:06 GMT Server: http server 1.0 Content-type: text/html; charset=UTF-8 Last-modified: Wed, 02 Mar 2022 21:35:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 548 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 6d 53 4d 6f db 30 0c 3d cf bf 42 d3 c5 76 bd d8 e9 3e 72 48 e2 15 d8 5a 0c 3d 14 ed d0 60 c0 90 06 85 2a d1 b1 16 5b d2 64 3a 4b 50 f4 bf 8f 76 92 a6 1d 76 91 48 ea 91 7c 7a 94 a6 6f cf af bf ce 7e de 5c b0 12 eb ea 73 30 3d 6c 20 14 79 35 a0 a0 13 74 03 f8 dd ea 75 ce 61 e3 b4 87 86 33 69 0d 82 c1 9c 0f 39 e1 b2 72 87 7f b0 6a cb 1a dc 56 90 87 4a 37 ae 12 db b1 b1 06 26 61 07 ea 4e 69 6f a4 d7 0e 19 6e 1d a1 10 36 98 fd 12 6b b1 8b 12 ae 68 8d 44 6d 0d 5b da 2b a1 cd 8d 58 42 e4 44 d3 c4 8f 01 fa ed 63 a0 0b 16 29 2b db 9a da a7 4b c0 8b 0a 3a f3 cb f6 52 45 dc 43 ad 8d fa 21 aa 16 78 9c ca 12 e4 0a 14 65 ae 85 67 7b ee 2c 67 06 fe b0 73 81 10 c5 93 60 1f 4d 1b c0 99 ae 21 3a f8 54 b9 f7 63 96 b0 0f a3 4f ec 84 bd ff 48 cb 68 78 58 4e 87 c3 21 e5 3f 53 91 d6 ae 34 e4 bc 59 69 77 7f 79 71 af 00 41 62 7e 3a 39 34 ce 79 72 28 8e f6 db d5 ec 16 bd 36 cb 8e c3 53 f0 24 05 ca 32 02 a2 4a 5e e0 7c 7e bc 63 65 e9 90 04 49 9d b7 68 a5 ad 58 9e b3 b0 9b 4a 33 0e 63 76 b6 b7 43 [TRUNCATED] Data Ascii: mSMo0=Bv>rHZ=`*[d:KPvvH\|zo~\s0=l y5tua3i9rjVJ7&aNion6khDm[+XBDc)+K:REC!xeg{,gs`M!:TcOHhxXN!?S4YiwyqAb~:94yr(6S$2J^\|~ceIhXJ3cvC6Y$pG4O{8kBLf+iBoH'<h}dIvCOiQY([GIN])A#jHi8.""wq<)=gO}z0e'T2V)L<zq>:<@oVBwE\|oW5x4i{W?_Csy
Jan 7, 2025 11:04:30.580657005 CET	521	OUT	GET /cgi-bin/QTS.cgi?count=306919 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://6t.nz:8080/redirect.html?count=0.18622616967353411 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:30.865716934 CET	201	IN	HTTP/1.1 302 Found Date: Tue, 07 Jan 2025 10:00:07 GMT Server: Apache Location: /cgi-bin/login.html?1736244007 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Transfer-Encoding: chunked
Jan 7, 2025 11:04:31.152182102 CET	389	OUT	GET /cgi-bin/loginTheme/theme1/login.css?r=form&1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:31.487519026 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:07 GMT Server: http server 1.0 Content-type: text/css Last-modified: Wed, 02 Mar 2022 21:37:56 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 3745 Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 5b 6d 6f e3 36 12 fe 2b 46 83 62 13 2c e5 17 39 4e 36 36 ae 87 a2 c0 7e 3c f4 d0 7e 3b 1c 02 4a a2 6d 36 b2 a4 48 b4 93 ac 91 ff 7e 33 43 52 22 25 da c9 ee a5 f0 66 23 4b e2 70 66 38 f3 cc 0b 99 ad da e5 2c 29 b3 17 96 c9 03 6b 2a 5e 30 5e 55 b9 50 ac 4c fe 12 a9 62 72 5d f3 9d 60 db 19 db c6 6c 3b 67 db 6b b6 5d b0 ed 0d ab 58 92 97 e9 c3 e3 be 54 82 55 b5 60 9c f1 24 a9 19 4f eb b2 78 d9 31 9e 65 b5 68 1a 96 c8 0d 4b 25 bc 93 96 99 60 99 c8 59 b6 2e 98 d8 31 b9 db 30 59 34 ec 21 c9 d8 23 6b 58 c3 77 15 6b 76 3c cf 59 a3 6a f9 20 f0 57 59 6c 58 b3 4f e0 a7 62 4a b1 03 af 59 c2 f6 4c b2 54 14 4a d4 2c 03 72 8a 65 19 2b 73 b6 cf 59 2e d9 5a 8a 3c 6b 40 80 75 59 ef 58 ce 13 98 31 17 1b 51 64 4c f1 24 07 3e 78 a5 64 59 30 45 62 ab 75 59 2a a6 b6 82 c3 f3 1a 2e 98 ca 18 af 95 4c e1 55 de 48 e0 39 e5 c5 81 37 c0 ba e2 32 6f 80 f5 44 64 30 cd 66 0f 42 c3 2f 4b 0f 09 01 47 48 09 7f 6d ea 12 78 de 89 62 cf 0a 7e 60 e5 5e 55 7b c5 ea 7d f2 c2 1a 50 2c 72 d0 ec 77 3b 5e 03 0f [TRUNCATED] Data Ascii: [mo6+Fb,9N66~<~;Jm6H~3CR"%f#Kpf8,)k^0^UPLbr]`l;gk]XTU`$Ox1ehK%`Y.10Y4!#kXwkv<Yj WYlXObJYLTJ,re+sY.Z<k@uYX1QdL$>xdY0EbuY.LUH972oDd0fB/KGHmxb~`^U{}P,rw;^4W3YZdTYFbWIYp.5XR[QKN/OWxiu(#MLx#rYUk}#{-XMH<(s=v$1#5Ydl\|BnJIfj/_y<<JXu^>-2D"q,;G07:2i&YD1\|&iNE3a$koxqs__UH4v&Q-"}r\|-\|JkXe"W1e^~ryY/M/>+rV_65}\'\Ve.<+hnEiZZQ"s+vb]5zrO3bA;vn&B)@(F'JY;AKx=!w}e{UG(Qe!'M#8Wa&4H[@Z(k@kx_$_~5FS}G
Jan 7, 2025 11:04:32.426920891 CET	461	OUT	GET /cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.679582119 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: image/png Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 3865 Keep-Alive: timeout=15, max=96 Connection: Keep-Alive Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 48 00 00 00 3c 08 06 00 00 00 c5 5e fc 90 00 00 00 02 49 44 41 54 78 01 ec 1a 7e d2 00 00 0e d2 49 44 41 54 d5 c1 51 4c 54 07 be c0 e1 df 19 18 04 85 04 b3 77 22 61 56 61 d7 6a db 29 db 8e 5a ac f8 62 4b 34 87 b1 93 22 f3 72 53 6e 1f 6c 83 97 76 91 66 c7 b8 4f 9d 26 34 99 a4 24 bb 61 20 69 5a 71 27 f8 60 03 6f 63 b4 b3 8c 67 ad 44 ee 76 b9 01 09 88 d2 4e aa d5 8b 23 e2 28 dd d5 0a d2 3a 30 e7 7f 0f c1 36 94 d2 91 b3 db 0e ee f7 29 a1 50 48 30 a1 b5 b5 15 33 6a 6b 6b 31 a3 aa aa 0a 33 2a 2a 2a 30 43 d3 34 05 83 df ef cf 02 5e 07 5e 06 4a 98 33 0c 74 00 87 7c 3e 5f 02 43 26 86 aa aa 2a 52 b9 75 eb 16 ff f8 c7 3f 88 46 a3 cc d2 34 4d 61 09 54 55 15 0c 55 55 55 2c c5 b1 63 c7 98 a5 18 48 41 44 76 01 65 c0 3b 18 4e 9e 3c 49 2a 03 03 03 44 a3 51 8e 1e 3d ca 2c bf df 6f 07 c2 a5 a5 a5 4e 87 c3 81 cd 66 63 d6 f8 f8 f8 b6 cf 3e fb 6c db d9 b3 67 5f f5 fb fd 6e 9f cf 77 dd c2 43 24 93 49 ce 9d 3b 47 46 46 06 8f 02 11 c9 06 de 07 a6 58 82 44 22 c1 7b ef [TRUNCATED] Data Ascii: PNGIHDRH<^IDATx~IDATQLTw"aVaj)ZbK4"rSnlvfO&4$a iZq'`ocgDvN#(:06)PH03jkk13**0C4^^J3t\|>_C&Ru?F4MaTUUUU,cHADve;N<IDQ=,oNfc>lg_nwC$I;GFFXD"{+;;wj;wc'gC\|dffcxYvrrr-[8.9ssK$"BYY[lyo)LLL_i&Ea82Cb1Bo&<Pp8.Hy$-x#p80T[Happ"V^M:"(}#",$"PQQ?<m6g\|]l6Y0reajjzepXD}@1pqD"qB" Dd2a%~)W\a&33e+"1W.<9r'N0QWW+Y`e,(1a\|\|fa\/~Aaa!AQ.%QD'cN8qh4&v[+v_]F:,<`(++cxxx<d9)T#ICCmmmQWWhEDMly<62JJJa)r*rp:4
Jan 7, 2025 11:04:32.682209015 CET	397	OUT	GET /v3_menu/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Origin: http://6t.nz:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.909528017 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT ETag: "237c4-5d93e5fae2000" Accept-Ranges: bytes Content-Length: 145348 Keep-Alive: timeout=15, max=95 Connection: Keep-Alive Content-Type: font/ttf Data Raw: 00 01 00 00 00 11 01 00 00 04 00 10 47 50 4f 53 2a cb e6 87 00 01 de bc 00 00 53 ba 47 53 55 42 6e 02 55 a6 00 02 32 78 00 00 05 4a 4c 54 53 48 a6 14 a2 1d 00 00 12 24 00 00 04 0f 4f 53 2f 32 b9 c7 01 3b 00 00 01 98 00 00 00 60 63 6d 61 70 52 7f 37 d3 00 00 16 34 00 00 04 54 63 76 74 20 1e e0 02 54 00 00 1d e0 00 00 00 30 66 70 67 6d 2f e6 4e ab 00 00 1a 88 00 00 01 bc 67 61 73 70 00 08 00 13 00 01 de b0 00 00 00 0c 67 6c 79 66 cd 5e 32 3b 00 00 26 28 00 01 90 4c 68 65 61 64 ff 11 cf ae 00 00 01 1c 00 00 00 36 68 68 65 61 0d 13 0a 36 00 00 01 54 00 00 00 24 68 6d 74 78 7a 3c 75 33 00 00 01 f8 00 00 10 2c 6c 6f 63 61 54 05 b7 aa 00 00 1e 10 00 00 08 18 6d 61 78 70 06 38 03 93 00 00 01 78 00 00 00 20 6e 61 6d 65 96 3e a7 68 00 01 b6 74 00 00 04 83 70 6f 73 74 42 05 ec 34 00 01 ba f8 00 00 23 b6 70 72 65 70 b1 01 b3 50 00 00 1c 44 00 00 01 9c 00 01 00 00 00 01 00 00 86 5b c8 05 5f 0f 3c f5 00 19 08 00 00 00 00 00 cc 47 b8 33 00 00 00 00 ce 14 cc 31 fc 2c fd d5 09 5c 08 77 00 00 00 09 00 02 00 00 00 00 [TRUNCATED] Data Ascii: GPOS*SGSUBnU2xJLTSH$OS/2;`cmapR74Tcvt T0fpgm/Ngaspglyf^2;&(Lhead6hhea6T$hmtxz<u3,locaTmaxp8x name>htpostB4#prepPD[_<G31,\wb,?_33fP [ Googbb+ O: PFnh@gPtN01#$Rq\_7MfScG0:)`.vEtxCj=%Rtq tqMa"j6Ba(N'(X=Rfj?ab;c8dab/g".-.^?obkFhZDXxbq1#DX{
Jan 7, 2025 11:04:33.638000011 CET	408	OUT	GET /cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.968446970 CET	457	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:10 GMT Content-type: image/jpeg Content-Disposition: inline; filename="standard_logo.jpg" Etag: "1646236800" Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT Content-Length: 43 Keep-Alive: timeout=15, max=94 Connection: Keep-Alive Data Raw: 47 49 46 38 39 61 01 00 01 00 80 ff 00 c0 c0 c0 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.16	49716	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:30.868323088 CET	522	OUT	GET /cgi-bin/login.html?1736244007 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Referer: http://6t.nz:8080/redirect.html?count=0.18622616967353411 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:31.139785051 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:07 GMT Server: http server 1.0 Content-type: text/html; charset=UTF-8 Last-modified: Wed, 11 Dec 2024 09:12:11 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2605 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 19 59 73 da 48 fa dd 55 fb 1f 3a 9a a9 38 a9 8a c0 38 de 4c 0e cb 29 82 e5 84 32 06 02 22 d9 79 52 35 52 63 da d6 65 75 0b cc 64 f2 df f7 fb 5a 37 c8 8e 9d 4d d5 54 ed 83 2d a9 8f ef be 39 7e 72 3a ea 59 7f 8e 4d b2 94 be 77 b2 77 8c 0f 92 04 82 79 cc 91 74 ee 31 43 0b 03 8d 08 b9 c1 d7 39 75 ae 2f e3 30 09 dc b7 bf 1d 1c fc e1 b0 85 86 77 18 75 e1 e1 33 49 01 8c 8c 74 76 93 f0 95 a1 fd 47 9f 75 f5 5e e8 47 54 72 80 a4 11 27 0c 24 0b a4 a1 f5 4d a3 73 f0 8e c0 e3 8d fa ff fa 05 71 96 71 e8 33 a3 83 00 15 24 67 49 63 c1 e0 f0 cc 3a d3 5f e3 f2 85 69 75 c9 27 cb 1a eb e6 e7 59 ff 8b a1 f5 ba bd 4f a6 de 1b 0d ad c9 68 a0 11 7c 31 87 96 a1 0d 47 ba da 6a bc 34 9e 74 3f 5e 74 ef 38 ad 30 07 14 08 d1 56 9c ad a3 30 96 15 b2 d7 dc 95 4b a3 d3 79 7d 80 90 25 97 1e 3b f9 ca 3c 07 08 27 32 24 9f 87 dd 31 b1 92 78 1e 92 61 77 7a dc 4e 0f ec 1d 7b 3c b8 26 31 f3 0c 8d 83 04 34 22 37 11 c0 c7 f7 f6 ad ce 7d 7a 09 a2 59 c6 6c 61 68 6d e7 92 eb 73 1e b4 d5 aa 68 fb e1 9c 7b ac ed [TRUNCATED] Data Ascii: YsHU:88L)2"yR5RceudZ7MT-9~r:YMwwyt1C9u/0wu3ItvGu^GTr'$Msqq3$gIc:_iu'YOh\|1Gj4t?^t80V0Ky}%;<'2$1xawzN{<&14"7}zYlahmsh{y+;^#XN"I@Q1]Su:G ZQpYN6=H4s~1mne`hYZF}yKCXKXw.pbmKg>_.[eA^^fFz"I@dUWtEU>53k05-?h\|NmE`olMNd.od`O=]%s!~>7]KwYJ60-.P?^Hjvh<=8`)\|g!uBPvK$`>_gK.doZQ"Sxmog/_b}JG "v x\|&vDUO4_.gj!g^Bw%?Q44quxwZa&Qp["~<RDO>q< w5]k
Jan 7, 2025 11:04:31.151581049 CET	375	OUT	GET /v3_menu/css/qts-font.css?_dc=1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:31.440661907 CET	588	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:07 GMT Server: Apache Last-Modified: Wed, 02 Mar 2022 21:38:20 GMT ETag: "3b7-5d94319a78b00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 253 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Content-Type: text/css; charset=utf-8 Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 93 4d 8b c2 30 10 40 ff ca de aa 60 5b 41 61 b1 bd b8 7b 10 0f 7a f0 83 bd ca b4 9d 68 60 92 40 92 2a 22 fd ef 26 6d 51 7b 2b c8 82 a7 24 33 6f 0e 6f 32 33 67 4a da 90 41 8e b7 f6 26 38 5d 93 60 b3 df 7d 2d 5c 2a 48 eb b0 b1 57 c2 44 2a 2d 80 9a c8 05 f9 f1 64 93 c9 78 9c 1a 9d 27 a5 a6 41 7c 9e 1c 04 ca 32 f6 25 26 de aa 4c 59 d5 1e e1 ca e3 91 b5 6c 38 22 95 03 0d 82 25 d2 19 2d cf 21 78 84 7e 34 07 7a 3e 77 20 4d 68 50 73 f6 8c fd a1 2e 40 be d4 ec e1 a4 84 7b a7 d5 fc 4d 97 69 5f 97 2d 1e 4b 02 fd d9 36 df 7d 6d d6 58 f0 52 7c b6 cc ac af cc af a2 e2 7f 55 a2 7a ca c8 8f f3 28 62 d4 ac cd cb 36 54 0d d0 ec 8a 23 64 87 f0 33 d6 12 a2 ee bb 23 44 87 f0 ff d6 12 99 93 71 f9 ac 93 f7 ad a8 ee 48 55 5d 2c b7 03 00 00 Data Ascii: M0@`[Aa{zh`@"&mQ{+$3oo23gJA&8]`}-\HWD*-dx'A\|2%&LYl8"%-!x~4z>w MhPs.@{Mi_-K6}mXR\|Uz(b6T#d3#DqHU],
Jan 7, 2025 11:04:31.441931009 CET	366	OUT	GET /cgi-bin/loginTheme/theme1/login.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:31.723525047 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:07 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:56 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6404 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 0b 77 da c6 b6 fe 2b 54 ed 49 a0 16 b2 b1 93 f4 1c 1c 25 cb 71 48 42 e3 57 0c e9 e3 f4 74 b1 06 21 40 b1 90 b0 24 70 5c c2 7f bf df de 33 92 46 42 90 c7 e9 bd eb b6 c5 45 f3 d8 33 b3 67 bf f7 16 4b 11 d5 c2 d8 5c 78 c7 ef af cf 06 d7 27 17 2f 2f cf 07 17 ef cf 6d a3 f5 e4 d1 93 c3 c7 4f fe 75 f8 c8 38 5e 62 d4 5c 4c dc 6b 11 8c c2 99 1d b8 77 b5 97 22 71 eb 0d 6b e2 26 7d 6f 86 6f 3c e6 73 30 bc f8 2a 72 97 9e 7b 67 df 79 80 74 67 65 0d 9f 3e 8d 85 1f bb 0c 65 30 72 b6 2f 71 75 72 dd b9 e8 0f 7e ed 5e a4 30 c2 b9 1b b8 d1 a7 4f 0a e4 5c 44 6e 90 1c 7b e3 fa d4 8b 93 30 ba b7 e6 8b 78 da 4b b0 df c6 6a a3 a9 be 5a 9b 86 61 1a d6 be d1 58 63 8e 02 f2 ee e2 e4 aa 1f 86 7e 63 95 7e b3 fc 50 8c 7e 8e eb c6 be 33 f1 9a 43 2f d8 f7 45 30 59 00 29 16 1a 9e 1b 7b d9 40 a0 e4 34 0c 6f 3c b7 6e 04 22 1e d0 30 a3 b1 67 d8 c6 5e 11 3d 8d f5 78 11 38 89 17 06 b5 f7 dd 7a 63 45 47 bf b7 0d 37 8a c2 c8 30 cf 6c c3 0b c6 a1 c2 bd 9d 63 67 62 ef 7b 57 d3 30 70 f7 3d 2b 71 e3 a4 1e [TRUNCATED] Data Ascii: \w+TI%qHBWt!@$p\3FBE3gK\x'//mOu8^b\Lkw"qk&}oo<s0*r{gytge>e0r/qur~^0O\Dn{0xKjZaXc~c~P~3C/E0Y){@4o<n"0g^=x8zcEG70lcgb{W0p=+q78d71G;\{knoUFA0P=#\|dkx^~^3_\|@J/{F{\|qo\vv~GOu0#n3G;v2o"7YD:%{$Z0^bt_o4V/B]9FDb8\|FC)3hXY+L1;sgDQ8unabqP5856N0w#ZE%_8N=kT/U>%9xs>q,vH_/]'1qd$l=gIx`sa6jg`8O/+13;XX?EbzENuHd/]m4"#0T/aX8">NUpxIehn0> 1ir:MiXL;;2c"\}+fc<`uZ
Jan 7, 2025 11:04:32.418061972 CET	460	OUT	GET /cgi-bin/loginTheme/theme1/images/sprite.png?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.670372963 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: image/png Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 15045 Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 76 00 00 00 6c 08 06 00 00 00 bf ea 46 ec 00 00 32 f1 49 44 41 54 78 01 ec c1 0b 9c cd 75 c2 f8 f1 cf f7 dc e7 cc fd 86 99 71 17 8a 93 88 d6 b0 a4 b2 8c 22 61 30 98 da 96 25 1c 97 b0 28 9a 72 8e 5c 26 a3 28 f9 8d 47 2a 26 36 14 52 a8 36 a2 c7 25 42 d3 8c 43 eb 7e 19 ce dc 8d 19 66 e6 dc bf ff f3 bc 8e ff 4b 4a 62 b4 bb ed f3 ec fb 2d f8 8f ff 35 6c 36 db 60 e0 8f c0 10 c1 7f fc af 60 b3 d9 66 02 2f 12 f0 99 86 ff f8 ff 04 a0 59 bc 78 71 9d de bd 7b 0f 89 8c 8c fc 83 5e af 6f a1 56 ab 63 01 97 d7 eb b5 fb 7c be 93 52 ca 2d 4e a7 73 55 78 78 f8 45 7e 03 6c 36 9b 1e 58 0e 0c 22 60 1b 30 44 70 1b a4 94 29 40 2a 90 08 c4 02 76 60 17 a0 08 21 be e2 1f 48 4a d9 11 98 06 74 02 0c c0 21 e0 4d e0 3d 21 84 a4 e6 04 a0 19 30 60 40 f4 dc b9 73 27 37 68 d0 60 a4 46 a3 09 a9 aa aa 2a ca cb cb 3b 5c 51 51 71 51 08 21 23 23 23 23 12 12 12 4c 06 83 a1 8e 94 b2 dc ed 76 bf 5a 5a 5a fa 6a 7c 7c 7c 15 ff 22 36 9b ad 36 b0 01 e8 40 c0 12 60 82 c9 64 72 0a 6e 81 94 [TRUNCATED] Data Ascii: PNGIHDRvlF2IDATxuq"a0%(r\&(G&6R6%BC~fKJb-5l6``f/Yxq{^oVc\|R-NsUxxE~l6X"`0Dp)@v`!HJt!M=!0`@s'7h`F;\QQqQ!####LvZZZj\|\|\|"66@`drn2<[B8I)?I!}07Gg4>}5@h'MpO=\^AAA'lFL2LJ>px(CI@(HBH);;X}70i!DG&<0g4MpVVV?bCD%K;bIBrh4ql6@h@Y`e2r6'>\L_MBR9Xk85~=%yOJ_`u0L&iiiKjny#v=)_R-[IcGPwQ`^`&l6[`!X<Vll"^&)QqR@+(Gx^JL~jq{4@(i@1jv3;V5ou8Zh%KRlf_ ^M6mf{BSpS8uK
Jan 7, 2025 11:04:32.795017004 CET	395	OUT	GET /v3_menu/fonts/Roboto/Roboto-Light.ttf HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Origin: http://6t.nz:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/v3_menu/css/qts-font.css?_dc=1646256924 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.010824919 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT ETag: "223f4-5d93e5fae2000" Accept-Ranges: bytes Content-Length: 140276 Keep-Alive: timeout=15, max=96 Connection: Keep-Alive Content-Type: font/ttf Data Raw: 00 01 00 00 00 11 01 00 00 04 00 10 47 50 4f 53 df b1 76 fe 00 01 c9 d4 00 00 53 ea 47 53 55 42 df 19 e4 74 00 02 1d c0 00 00 06 34 4c 54 53 48 ce 65 fb 35 00 00 12 38 00 00 04 14 4f 53 2f 32 b9 73 01 22 00 00 01 98 00 00 00 60 63 6d 61 70 79 ab 7a a0 00 00 16 4c 00 00 08 40 63 76 74 20 18 1e 02 be 00 00 21 7c 00 00 00 30 66 70 67 6d 2f e6 4e ab 00 00 1e 8c 00 00 01 bc 67 61 73 70 00 08 00 13 00 01 c9 c8 00 00 00 0c 67 6c 79 66 ed 0f 83 e4 00 00 29 d0 00 01 77 88 68 65 61 64 f5 6a 28 8c 00 00 01 1c 00 00 00 36 68 68 65 61 0a a5 08 e9 00 00 01 54 00 00 00 24 68 6d 74 78 11 6a 7c 41 00 00 01 f8 00 00 10 40 6c 6f 63 61 63 bd 02 c6 00 00 21 ac 00 00 08 22 6d 61 78 70 06 3d 02 f4 00 00 01 78 00 00 00 20 6e 61 6d 65 a1 26 df b2 00 01 a1 58 00 00 04 99 70 6f 73 74 9d f9 45 96 00 01 a5 f4 00 00 23 d2 70 72 65 70 b5 54 43 33 00 00 20 48 00 00 01 33 00 01 00 00 00 01 00 00 5e 2a 81 cd 5f 0f 3c f5 00 19 08 00 00 00 00 00 c4 f0 11 2e 00 00 00 00 ce 14 cc 29 fa 0c fd d5 09 2c 08 62 00 00 00 09 00 02 00 00 00 00 [TRUNCATED] Data Ascii: GPOSvSGSUBt4LTSHe58OS/2s"`cmapyzL@cvt !\|0fpgm/Ngaspglyf)wheadj(6hheaT$hmtxj\|A@locac!"maxp=x name&XpostE#prepTC3 H3^_<.),bb]4_,33fP [ Googbb+ O: LCotn[\teKSJ1-oojocoEoooModoYjM{%\|NNg !@ygM7b\|c\|D_-^ *9;!_'0TMtI]Mgt%ato\Buottt[ttoh&t,A2#ZDz[zCm-gek{]\|jfjj>UCvT
Jan 7, 2025 11:04:33.637398958 CET	406	OUT	GET /cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.971801996 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:10 GMT Content-type: image/jpeg Content-Disposition: inline; filename="standard_bg.jpg" Etag: "1646236800" Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT Content-Length: 296443 Keep-Alive: timeout=15, max=95 Connection: Keep-Alive Data Raw: ff d8 ff e1 06 e3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 22 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 94 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 43 20 32 30 31 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 31 36 3a 31 30 3a 32 30 20 31 30 3a 31 38 3a 32 30 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 10 00 a0 03 00 04 00 00 00 01 00 00 08 70 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 00 00 01 00 00 01 2a 01 28 00 03 00 00 00 01 00 02 00 00 02 01 00 04 00 00 00 01 00 00 01 32 02 02 00 04 00 00 00 01 00 00 05 a9 00 00 00 00 00 00 00 48 00 00 00 01 00 00 00 48 00 00 00 01 ff d8 ff ed 00 0c 41 64 6f 62 65 5f 43 4d 00 02 ff ee 00 0e [TRUNCATED] Data Ascii: ExifMMbj(1"r2i''Adobe Photoshop CC 2015 (Windows)2016:10:20 10:18:20p"(2HHAdobe_CMAdobedT"?3!1AQa"q2B#$Rb34rC%Scs5&DTdEt6UeuF'Vfv7GWgw5!1AQaq"2B#R3$brCScs4%&5DTdEU6teuFVfv'

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49717	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.157545090 CET	357	OUT	GET /libs/monent/moment.min.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.029882908 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:57 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 14006 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 7d 09 57 1b c7 b6 ee 5f 11 bd 62 5e 0b 35 42 02 8c 6d e1 42 cb 09 1e 92 18 db 39 90 38 b6 e0 78 f5 24 a9 d1 04 92 30 c6 88 fb db df f7 ed aa ea ae 96 c0 b9 e7 ac b7 1e 4e a4 1a 77 cd 7b ae d2 5a f7 6a 1c cf b3 c9 d8 4f 82 b8 7a eb 4d a2 f3 34 9e 7b 4a cd 6f 2e d2 49 b7 92 7e bb 98 4c e7 b3 f5 75 ef 6a 9c a4 dd 6c 9c 26 de 9a cd 1c 4d 92 ab 61 da d6 5f 75 53 54 c5 7e b5 e5 59 b0 05 24 5d 7b 7d 5d 7f d7 c3 51 d2 d6 41 3f ae b6 92 fa 68 32 4a c7 73 56 be f3 e7 fd 6c 16 e4 1d ab de da 60 25 f9 e6 57 6f a7 e9 fc 6a 3a ae 84 3b f5 f0 e2 62 78 e3 8f af 86 c3 20 9c f6 ae 08 60 56 bd 2b 4a 5f fb 51 f5 36 dc 51 91 93 f6 95 69 1a 84 d7 d1 a3 ad bc 98 4e c3 9b 33 74 55 bd 97 e1 d7 2f a6 93 f9 84 33 50 9f 4f 8e e7 d3 6c dc ab c7 e1 70 88 aa 0e a4 ab 02 52 25 aa 64 e3 d9 3c 1c c7 9c b3 c3 70 9e 2e 16 39 74 46 ff 63 e0 73 bf 1b a4 d5 db af e1 b4 d2 0f 7a aa 73 b6 df 9d 4c fd be 6a ec f7 9f 77 eb c3 74 dc 9b f7 f7 6b b5 7e f5 b6 57 bf b8 9a f5 fd d4 ef 76 fa 67 41 bf 5a bd 33 13 d4 [TRUNCATED] Data Ascii: }W_b^5BmB98x$0Nw{ZjOzM4{Jo.I~Lujl&Ma_uST~Y$]{}]QA?h2JsVl`%Woj:;bx `V+J_Q6QiN3tU/3POlpR%d<p.9tFcszsLjwtk~WvgAZ3s:krVFgt:c~p \i`)vWO[]_NL%; yAO<Xt}5MLNsoM{\|Mk\fir2Ysf/Npr~8MHl5:]p1%GhR^Mp.MCl6sgKRQE' Z}u (lOs/Z6{{$7LJB>~7[WRNR<``\/MMt,JQ{3[/gz'n^Lol5@p0kd@I,C5{<>>Le^[ITC`)euuJ#e'APOt[]a+Bs'I_N<hhxN~YT9v{_aIaXHq\
Jan 7, 2025 11:04:32.414597988 CET	438	OUT	POST /cgi-bin/authLogin.cgi HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Content-Length: 20 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-type: application/x-www-form-urlencoded Accept: / Origin: http://6t.nz:8080 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Data Raw: 72 3d 30 2e 36 34 30 35 35 37 32 34 39 37 37 34 37 33 39 36 Data Ascii: r=0.6405572497747396
Jan 7, 2025 11:04:32.789869070 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 63 37 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 64 6f 51 75 69 63 6b 3e 3c 21 5b 43 44 41 54 41 5b 5d 5d 3e 3c 2f 64 6f 51 75 69 63 6b 3e 3c 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 6d 65 64 69 61 52 65 61 64 79 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 6d 65 64 69 61 52 65 61 64 79 3e 3c 53 4d 42 46 57 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 53 4d 42 46 57 3e 3c 6d 6f 64 65 6c 3e 3c 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 32 50 5d 5d 3e 3c 2f 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 39 5d 5d 3e 3c 2f 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 70 6c 61 74 66 6f 72 6d 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 4e 41 53 41 52 [TRUNCATED] Data Ascii: c7b<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><doQuick><![CDATA[...</doQuick><is_booting><![CDATA[0...</is_booting><mediaReady><![CDATA[1...</mediaReady><SMBFW><![CDATA[0...</SMBFW><model><modelName><![CDATA[TS-112P...</modelName><internalModelName><![CDATA[TS-119...</internalModelName><platform><![CDATA[TS-NASARM...</platform><customModelName><![CDATA[...</customModelName><displayModelName><![CDATA[TS-112P...</displayModelName><storage_v2>0</storage_v2></model><firmware><version><![CDATA[4.3.3...</version><number><![CDATA[1945...</number><build><![CDATA[20220303...</build><patch><![CDATA[0...</patch><buildTime><![CDATA[03/03/2022...</buildTime></firmware><rfs_bits><![CDATA[32...</rfs_bits><specVersion><![CDATA[1.0...</specVersion><hostname><![CDATA[GuNas...</hostname><DemoSiteSuppurt><![CDATA[no...</DemoSiteSuppurt><customLogo><customFrontLogo><![CDATA[...</customFrontLogo><customLoginLogo><![CDATA[...</customLoginLogo></customLogo><HTTPHost><![CDATA[6t.nz...</HTTPHost [TRUNCATED]
Jan 7, 2025 11:04:33.641968966 CET	445	OUT	POST /cgi-bin/sysinfoReq.cgi?qpkg=1 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Content-Length: 19 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-type: application/x-www-form-urlencoded Accept: / Origin: http://6t.nz:8080 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Data Raw: 72 3d 30 2e 33 39 35 32 32 31 31 37 35 36 39 35 38 37 33 Data Ascii: r=0.395221175695873
Jan 7, 2025 11:04:34.047827005 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 36 33 38 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 69 6e 66 6f 3e 0a 3c 72 65 73 75 6c 74 3e 3c 21 5b 43 44 41 54 41 5b 73 75 63 63 65 73 73 5d 5d 3e 3c 2f 72 65 73 75 6c 74 3e 3c 68 64 53 74 61 74 69 6f 6e 53 75 70 70 6f 72 74 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 68 64 53 74 61 74 69 6f 6e 53 75 70 70 6f 72 74 3e 3c 68 69 64 65 48 46 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 68 69 64 65 48 46 3e 3c 77 65 62 53 65 72 76 65 72 50 6f 72 74 3e 3c 21 5b 43 44 41 54 41 5b 38 30 5d 5d 3e 3c 2f 77 65 62 53 65 72 76 65 72 50 6f 72 74 3e 3c 77 65 62 53 65 72 76 65 72 45 6e 61 62 6c 65 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 77 65 62 53 65 72 76 65 72 45 6e 61 62 6c 65 3e 3c 73 73 6c 45 6e 61 62 6c 65 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 73 73 6c 45 6e 61 62 6c 65 3e 3c 73 73 6c 50 6f 72 74 3e 3c 21 5b 43 44 41 54 [TRUNCATED] Data Ascii: 638<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><info><result><![CDATA[success...</result><hdStationSupport><![CDATA[0...</hdStationSupport><hideHF><![CDATA[0...</hideHF><webServerPort><![CDATA[80...</webServerPort><webServerEnable><![CDATA[1...</webServerEnable><sslEnable><![CDATA[1...</sslEnable><sslPort><![CDATA[8081...</sslPort><isXMLAvailable><![CDATA[0...</isXMLAvailable><countryCode><code><![CDATA[0...</code><abbr><![CDATA[GLB...</abbr><name><![CDATA[Global...</name></countryCode></info><qItem><name><![CDATA[PhotoStation...</name> <attr><displayName><![CDATA[Photo Station...</displayName><QPKGFile><![CDATA[PhotoStation.qpkg...</QPKGFile><date><![CDATA[2022-05-03...</date><version><![CDATA[5.4.14...</version><installPath><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation...</installPath><configPath><![CDATA[null...</configPath><shell><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation/qpkg_photos.sh...</shell><enable><![CDATA[TRUE...</enable><installed><![CDATA[1...</installed>< [TRUNCATED]
Jan 7, 2025 11:04:34.139076948 CET	395	OUT	GET /RSS/images/PhotoStation.gif?5.4.14 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.365972042 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Last-Modified: Wed, 24 Aug 2016 03:18:02 GMT ETag: "fa6-53ac8ba98ce80" Accept-Ranges: bytes Content-Length: 4006 Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Content-Type: image/gif Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 50 00 00 00 50 08 06 00 00 00 8e 11 f2 ad 00 00 0f 6d 49 44 41 54 78 5e ed 9d 01 88 65 67 75 c7 7f 8e e7 b3 ef 56 6f f5 8d 9d 57 fa 90 19 ba d3 3a 50 17 92 d6 4d d9 05 97 ba 62 02 dd b6 81 56 30 e0 56 13 48 4a 53 54 c8 d6 d8 92 50 43 d5 12 c1 96 06 ba b6 06 95 36 42 b4 44 50 da 48 57 48 ac 16 62 cd 16 57 ba 2b 6e db 09 cc d2 19 f0 61 df d0 f7 b0 57 f9 2e 9c bf b1 9b 79 17 3e de dc b9 7b 67 66 df d2 d9 c4 3f 5c ee 77 61 cf bb ef fb dd 73 be 73 ce 77 df ee be ec 47 3f fa 11 4d 8a 0e 12 c4 e8 14 85 28 4a 18 17 a2 28 9c 81 f1 d3 97 f2 70 72 84 fd 4a 01 bf 58 60 c7 41 26 d1 2c 4f 43 51 17 a2 59 aa 7f 4c fd 42 bb f9 ac ef 81 3d 97 29 7e c7 9c 7f cb a4 7f e9 0d c7 e7 fa 45 fc 41 27 33 ba dd c0 fc 7c 87 7e 37 b0 d0 cb c9 73 a3 bf 90 21 20 0b d4 b4 23 40 77 28 13 b8 2d 68 a3 31 0c e4 af 3a d7 0d ef 1a 60 bf 33 16 c7 cc 8c 60 54 0a 58 68 67 82 d3 2a 6f 04 d0 0e 5d ed f7 42 72 10 e0 c2 4b 4d e0 b8 ff 63 a7 d4 63 4b eb 83 7f 58 00 ef cd 1b 0b dd 8c a5 7e [TRUNCATED] Data Ascii: PNGIHDRPPmIDATx^eguVoW:PMbV0VHJSTPC6BDPHWHbW+naW.y>{gf?\wasswG?M(J(prJX`A&,OCQYLB=)~EA'3\|~7s! #@w(-h1:`3`TXhgo]BrKMccKX~B?5<#-C,\5(`\P=;7@XE{}C^~?2p,E-pM19r\|1daY@;Pbj$=v9TZ{Y^'@3cQPh,#1sO/d\cFnDO:f@W[oPaY7E\|fe{+E(-c706,_t/3,PT"@u 8$jvVdqftBbaxa0NAdmP=&/JUUO(+C2,0r0w0:r8%1lJypSaOPS+HN^!if6)atr~yKkR`([wJHkkC5k\ Ag>:{>kb.-gYOPN:]8d.OL3C~p6ccg0\fw:QAKX k0yH

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.16	49718	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.157785892 CET	352	OUT	GET /cgi-bin/language.cgi?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.265539885 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:08 GMT Etag: "1646256652-gzip" Last-Modified: Wed, 02 Mar 2022 21:30:52 GMT Content-type: application/x-javascript; charset=UTF-8 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 4284 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 d5 5a eb 6e db c8 19 7d 95 59 a1 40 b3 80 ea 58 76 76 37 ab a2 2d 28 89 b6 b9 d6 2d 22 65 37 45 00 82 92 46 36 d7 14 47 25 a9 38 de b6 c0 3e 48 fb 72 fb 24 3d 67 66 78 91 64 6f da a0 7f fa 23 89 42 ce ed bb 9d ef 7c df 30 7c 17 fa c1 cc 1b 5f fa 7f f8 db 85 37 f3 83 a9 73 e9 86 17 93 d9 7c d4 6d 5d a8 6c b7 69 b5 eb e7 c3 89 33 c0 d8 d0 1b 61 54 b7 35 54 d1 2a 4e ef 4e 4e 4e 9a 83 de cd bd fe f5 d0 1b 5f fb dd 96 fe 2d f4 7f 9a 43 7c 77 76 e3 f5 b1 42 7f 97 17 6a 23 33 e1 cb ec 63 bc 94 cd 41 b7 de b5 d7 6d dd c6 0f 71 ab ed b9 5e 38 76 fc b0 37 0f 82 c9 38 ec 3b e3 be 3b c4 f4 28 5d ca e4 f8 f5 70 e2 73 f1 44 e5 58 f1 60 ee e4 ba db 9a 5c d7 8f 6b e9 a0 88 d3 0e a4 8e 13 29 fc 22 2a 62 95 be 34 ec 1c 07 93 0b 7d 6a 99 bd 34 e8 9b 6e 6b b4 4b 8a 78 23 57 71 f4 b9 15 bf eb b6 06 ea 31 4d a0 d2 cf 0d fd be db 72 56 9b 38 8d f3 22 fb b5 53 9e e1 00 be 3f 14 89 ba 8b 5f 92 e4 0c 8b f9 3b 48 11 27 09 95 59 ef 3d 9c 5c 7a e3 f0 6a e0 cc 26 93 20 bc 98 0f 87 e1 c8 f5 7d 6d f8 [TRUNCATED] Data Ascii: Zn}Y@Xvv7-(-"e7EF6G%8>Hr$=gfxdo#B\|0\|_7s\|m]li3aT5TNNNN_-C\|wvBj#3cAmq^8v78;;(]psDX`\k)"b4}j4nkKx#Wq1MrV8"S?_;H'Y=\zj& }m^U?((IT:C5<^\X-R%rYp\,T,ir'b(hY\|kae"sHIo>dL/*I#vI>r)\<.+^pU__`W`+aKNz<t:Dw2-~7v?ygfYNv[\fiA5_0V00vFvUSAcZaA`!\8e-IDwQBR1v7oCn^cc!Rxrnp2JvPg'~,xpH)XHYkER(]rb-sW;q};ujW Dh
Jan 7, 2025 11:04:32.269316912 CET	404	OUT	GET /cgi-bin/loginTheme/theme1/login-max-height-768.css?r=wall&1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/css,/;q=0.1 Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.489602089 CET	452	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: text/css Last-modified: Wed, 02 Mar 2022 21:37:56 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 155 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 7d 8e 41 0e 83 20 10 45 af 62 e2 b6 43 6a b5 2e e8 be d7 30 48 08 10 81 41 99 45 13 d3 bb 57 89 0b 4c 4c b7 f3 ff 7b 7f 6a 87 da 86 37 2e be 62 06 13 41 10 5e dd ea e2 ea 50 4e 60 25 06 00 27 46 e5 56 2f 96 0d 01 c2 c8 db 7b fc bc be 65 3b 91 8a c3 a3 62 64 c9 9d 3d 39 69 8f e4 bf c4 27 bd 1a 65 b5 21 fe ec f6 05 36 c7 49 83 a4 12 eb 9a cb ed 6d 61 c7 8f 27 47 24 42 cf 9b 3e 77 67 95 c8 62 18 0a 7f 9f fd 3f 81 3e a1 7e 06 01 00 00 Data Ascii: }A EbCj.0HAEWLL{j7.bA^PN`%'FV/{e;bd=9i'e!6Ima'G$B>wgb?>~

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.16	49719	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.157826900 CET	360	OUT	GET /cgi-bin/js/qos-core-login.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:31.876723051 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8506 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 89 7b e2 38 b2 ff 57 18 cf bc 2c 2c 0a 09 e4 e8 6e 68 cf 7c 04 92 74 a6 73 75 08 21 c7 66 f9 8c 11 c1 09 d8 b4 6d 42 12 c2 ff fe 7e 25 c9 27 4e 1f f3 f6 78 bd b3 c1 96 4a 52 a9 54 2a d5 25 3f 1a 6e ee cb 71 fd f4 dc 71 46 b5 e0 41 cf 0f a6 b6 e9 5b 8e 9d 2f cc 1f 01 31 d3 07 c6 c8 e3 cc d4 b5 fa 4e a3 b9 bb b7 ff e9 e0 cf cf 87 47 c7 27 a7 5f ce 5a e7 ed 8b ce e5 d5 b5 d1 33 fb 7c 70 37 b4 ee 1f 46 63 db 99 7c 75 3d 7f fa 38 7b 7a 7e 59 2f 57 36 36 b7 b6 df bd ff 50 5c d3 d8 50 b7 f9 2c 57 77 5d e3 39 bf 5a 66 ff dd ff b6 2b 11 02 db 1b 6c ab c2 b6 f0 77 93 6d 6d b1 ad 6d b6 f5 8e 6d bd 67 5b 1f d8 f6 3a db 7e 03 d5 75 56 66 15 b6 c1 d0 86 6d b3 77 ec 3d fb c0 ca 28 2c b3 72 85 95 37 58 79 93 95 b7 58 79 9b 95 df b1 f2 7b 56 fe c0 2a eb ac 82 36 15 56 d9 60 95 4d 56 d9 ca a0 41 65 9b 55 de b1 ca 7b 56 f9 c0 36 d6 d9 46 99 6d 60 90 0d b6 b1 c9 36 b6 d8 c6 36 db 78 c7 36 de b3 8d 0f 6c 73 9d 6d 96 d9 66 85 6d 02 87 4d b6 b9 c5 36 b7 d9 e6 3b b6 f9 9e 6d 7e 60 5b eb [TRUNCATED] Data Ascii: \{8W,,nh\|tsu!fmB~%'NxJRT%?nqqFA[/1NG'_Z3\|p7Fc\|u=8{z~Y/W66P\P,Ww]9Zf+lwmmmmg[:~uVfmw=(,r7XyXy{V6V`MVAeU{V6Fm`66x6lsmfmM6;m~`[l+xFkz^mx!#gi5Fzba@94u?_/A>]/VVzPYp0+Duw-4pqCT6_JyPX[p:P;(Dk^!e{f@PvW,C750q5of0ix<^?eS?gSlmI";Br&Q=7W>:}]x7:;s>~;r\|]>Y$wYE\|s}/\|]A;X^\|X"\YuVs1zhPzgoB`B K`rab;iz],&aL*1yIcL^D=~/`u<PgH^87)@4{H"6EhRF?g zeNxGG~
Jan 7, 2025 11:04:32.417815924 CET	464	OUT	GET /libs/extjs-3.3.3/resources/images/default/s.gif?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/loginTheme/theme1/login.css?r=form&1646256924 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.669903040 CET	293	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: image/gif Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 43 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 47 49 46 38 39 61 01 00 01 00 80 ff 00 c0 c0 c0 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.16	49720	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.157907963 CET	378	OUT	GET /cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/login.html?1736244007 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.146820068 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:08 GMT Content-type: application/x-javascript Etag: "1646257085-gzip" Last-Modified: Wed, 02 Mar 2022 21:38:05 GMT Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 31 61 36 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ac 5b fb 97 da c8 b1 fe 3d 7f 05 28 3e 58 1a 1a 0d d8 b1 cf 8d c6 1a 32 eb 47 ec c4 af ec 78 77 93 80 9c a3 41 0d c8 16 12 96 9a 19 c6 88 fd db ef 57 fd 90 84 86 d9 cd 39 f7 ee 63 40 ea 57 75 75 75 d5 57 0f 4e 4f 3a 5f fe b1 e1 f9 6d e7 7a e4 8e 86 ee a3 4e d9 b1 67 4e e7 d1 70 f8 84 e1 ef e8 b1 69 7f 95 6d d2 28 14 71 96 b2 ce 9b 74 e6 a2 e3 97 6f 34 d2 cd f2 c5 69 12 cf 78 5a f0 3f 9c 9c fe c1 9e 6f d2 19 f5 b3 39 13 ce ee 3a cc 3b 29 cb 59 ec 8b db 35 cf e6 1d c1 32 9f bb 49 36 53 93 85 78 88 b2 d9 66 c5 53 c1 0a 3f ac 1e 5e 26 5c be 4b d0 41 d1 c8 36 f8 fa 80 cd fc dd 9e ad fd 49 c0 e6 be a5 a8 b6 58 e4 af dd 59 96 62 52 b6 c4 d7 f5 a6 58 b2 05 be 14 44 19 5b e1 5b 9c 46 7c fb 61 ce 6e fd 99 2b b2 4b 91 c7 e9 82 5d e3 61 19 16 1f 6e d2 8f 79 b6 e6 b9 b8 65 57 fe dc 45 e3 8a 6d fd c3 9d e4 5c 6c f2 b4 93 f2 9b ce d6 9d a7 98 30 16 b4 47 96 3b 7b 76 e3 9f 4e fa 83 60 6c 8f bd 69 74 32 75 4b 67 1a f5 f1 30 e1 2f 03 d9 80 c7 d2 39 75 8b 6c 93 83 a0 4f [TRUNCATED] Data Ascii: 1a67[=(>X2GxwAW9c@WuuuWNO:_mzNgNpim(qto4ixZ?o9:;)Y52I6SxfS?^&\KA6IXYbRXD[[F\|an+K]anyeWEm\l0G;{vN`lit2uKg0/9ulO`i1zt{1eG78M7_3\|b8S9=NG%5Ep7)\|.9j!.@6`MyLQ8_^?tZ'U\|yL7IRKd^@Zo~0^^C\|)J0\|2DlN2tsF"wS/N?9_e`Uz,-axwIx3"-h-tj3TLdk.7g-k&2f!,;v;;}2.xea8o6u[Ac~!!iB,#sxB28{-a,dziEH
Jan 7, 2025 11:04:32.408560991 CET	341	OUT	GET /cgi-bin/language.cgi?undefined=1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.711915970 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:09 GMT Etag: "1646256652-gzip" Last-Modified: Wed, 02 Mar 2022 21:30:52 GMT Content-type: application/x-javascript; charset=UTF-8 Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 36 39 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d4 57 6b 6f db 36 14 fd 2b 9c 30 60 1b 60 a4 ce a3 5d 67 60 18 64 5b 49 d4 e8 e1 4a 72 b3 0c 05 08 5a a6 6d 22 b2 68 88 52 33 6f fb d0 1f b2 fd b9 fe 92 9d 4b cb af a4 59 b1 7d db 97 84 11 c9 cb fb 38 e7 dc 1b fe 96 a7 59 e2 47 57 e9 8f bf 5f fa 49 9a 8d dc 2b 8f 5f c6 c9 38 ec 39 97 ba 6a 96 4e 67 ff 3d 88 dd 21 ce 72 3f c4 a9 9e 13 68 31 55 e5 fc e4 e4 e4 f0 d0 db b1 3f b8 09 fc e8 26 ed 39 76 cd ec 1f 87 47 52 2f 79 e7 0f 60 61 d0 98 5a 2f 65 c5 52 59 7d 50 b9 3c 3c 74 eb df f8 3d e7 56 dd 2b a7 e3 7b 3e 8f dc 94 f7 c7 59 16 47 7c e0 46 03 2f c0 75 51 e6 b2 78 ba 1d c4 29 19 2f b4 81 c5 47 77 e3 9b 9e 13 df ec 3f ef a3 43 22 ba a7 88 5a 15 92 a5 b5 a8 95 2e 9f 3b 76 0e c7 e4 c4 7a 2d ab e7 0e bd ec 39 61 53 d4 6a 29 a7 4a 7c c9 e2 f7 3d 67 a8 1f ca 02 29 fd d2 d1 1f 7a 8e 3b 5d aa 52 99 ba fa 27 2f cf e0 40 9a 06 ac d0 73 f5 5c 24 67 30 96 36 88 42 15 05 25 73 ff 76 10 5f f9 11 bf 1e ba 49 1c 67 fc 72 1c 04 3c f4 d2 d4 16 3e 5b 48 36 55 e6 9e 89 4a 0a [TRUNCATED] Data Ascii: 692Wko6+0``]g`d[IJrZm"hR3oKY}8YGW_I+_89jNg=!r?h1U?&9vGR/y`aZ/eRY}P<<t=V+{>YG\|F/uQx)/Gw?C"Z.;vz-9aSj)J\|=g)z;]R'/@s\$g06B%sv_Igr<>[H6UJV/Dyq(4jSR3#1,%)vNkfJW56<T1a'^pwrkPuoB?eV[5y.rbT}`2!spGkq?8@)arf=seB-\s6rG\|_:~F,Umby\|9c#R,Am=jtRD.r6GN7uJvjZ31D8,bpukV+A zG:.]7:)yt:y!O^$B\|!,-Jl%JY0QN,Ex^v; ;Y2:`V3lOT*&wD
Jan 7, 2025 11:04:33.655050039 CET	405	OUT	GET /cgi-bin/images/mobile/logo_16.ico?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.894397974 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: http server 1.0 Content-type: image/x-icon Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 1150 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Data Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cd 55 05 70 cd 55 05 d6 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 d6 cd 55 05 70 00 00 00 00 ce 57 05 78 ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 78 ce 59 05 d6 ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 d6 cf 5b 05 ee cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 f0 d1 5e 05 ee d1 5e 05 ff d1 5e 05 ff ea b6 8e ff fd f7 f2 ff [TRUNCATED] Data Ascii: h( UpUUUUUUUUUUUUUpWxWWWWWWWWWWWWWWWxYYYYYYYYYYYYYYYY[[[[[[[[[[[[[[[[^^^`l^^aaafeaaaddddddu!q}.dddggggggggggggjjjjjjjjjjjjnnnnnnnnnnnnqqqqqqqqqqqqttttttvvvvvvvyyyyyyyyyyyyyyyyzxzzzzz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.16	49721	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.790251970 CET	308	OUT	GET /cgi-bin/loginTheme/theme1/login.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.553234100 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:56 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 6404 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 0b 77 da c6 b6 fe 2b 54 ed 49 a0 16 b2 b1 93 f4 1c 1c 25 cb 71 48 42 e3 57 0c e9 e3 f4 74 b1 06 21 40 b1 90 b0 24 70 5c c2 7f bf df de 33 92 46 42 90 c7 e9 bd eb b6 c5 45 f3 d8 33 b3 67 bf f7 16 4b 11 d5 c2 d8 5c 78 c7 ef af cf 06 d7 27 17 2f 2f cf 07 17 ef cf 6d a3 f5 e4 d1 93 c3 c7 4f fe 75 f8 c8 38 5e 62 d4 5c 4c dc 6b 11 8c c2 99 1d b8 77 b5 97 22 71 eb 0d 6b e2 26 7d 6f 86 6f 3c e6 73 30 bc f8 2a 72 97 9e 7b 67 df 79 80 74 67 65 0d 9f 3e 8d 85 1f bb 0c 65 30 72 b6 2f 71 75 72 dd b9 e8 0f 7e ed 5e a4 30 c2 b9 1b b8 d1 a7 4f 0a e4 5c 44 6e 90 1c 7b e3 fa d4 8b 93 30 ba b7 e6 8b 78 da 4b b0 df c6 6a a3 a9 be 5a 9b 86 61 1a d6 be d1 58 63 8e 02 f2 ee e2 e4 aa 1f 86 7e 63 95 7e b3 fc 50 8c 7e 8e eb c6 be 33 f1 9a 43 2f d8 f7 45 30 59 00 29 16 1a 9e 1b 7b d9 40 a0 e4 34 0c 6f 3c b7 6e 04 22 1e d0 30 a3 b1 67 d8 c6 5e 11 3d 8d f5 78 11 38 89 17 06 b5 f7 dd 7a 63 45 47 bf b7 0d 37 8a c2 c8 30 cf 6c c3 0b c6 a1 c2 bd 9d 63 67 62 ef 7b 57 d3 30 70 f7 3d 2b 71 e3 a4 1e [TRUNCATED] Data Ascii: \w+TI%qHBWt!@$p\3FBE3gK\x'//mOu8^b\Lkw"qk&}oo<s0*r{gytge>e0r/qur~^0O\Dn{0xKjZaXc~c~P~3C/E0Y){@4o<n"0g^=x8zcEG70lcgb{W0p=+q78d71G;\{knoUFA0P=#\|dkx^~^3_\|@J/{F{\|qo\vv~GOu0#n3G;v2o"7YD:%{$Z0^bt_o4V/B]9FDb8\|FC)3hXY+L1;sgDQ8unabqP5856N0w#ZE%_8N=kT/U>%9xs>q,vH_/]'1qd$l=gIx`sa6jg`8O/+13;XX?EbzENuHd/]m4"#0T/aX8">NUpxIehn0> 1ir:MiXL;;2c"\}+fc<`u
Jan 7, 2025 11:04:32.684581995 CET	318	OUT	GET /cgi-bin/images/cmp/checkbox_radio/sprite.png?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.907696962 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: http server 1.0 Content-type: image/png Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 3865 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 48 00 00 00 3c 08 06 00 00 00 c5 5e fc 90 00 00 00 02 49 44 41 54 78 01 ec 1a 7e d2 00 00 0e d2 49 44 41 54 d5 c1 51 4c 54 07 be c0 e1 df 19 18 04 85 04 b3 77 22 61 56 61 d7 6a db 29 db 8e 5a ac f8 62 4b 34 87 b1 93 22 f3 72 53 6e 1f 6c 83 97 76 91 66 c7 b8 4f 9d 26 34 99 a4 24 bb 61 20 69 5a 71 27 f8 60 03 6f 63 b4 b3 8c 67 ad 44 ee 76 b9 01 09 88 d2 4e aa d5 8b 23 e2 28 dd d5 0a d2 3a 30 e7 7f 0f c1 36 94 d2 91 b3 db 0e ee f7 29 a1 50 48 30 a1 b5 b5 15 33 6a 6b 6b 31 a3 aa aa 0a 33 2a 2a 2a 30 43 d3 34 05 83 df ef cf 02 5e 07 5e 06 4a 98 33 0c 74 00 87 7c 3e 5f 02 43 26 86 aa aa 2a 52 b9 75 eb 16 ff f8 c7 3f 88 46 a3 cc d2 34 4d 61 09 54 55 15 0c 55 55 55 2c c5 b1 63 c7 98 a5 18 48 41 44 76 01 65 c0 3b 18 4e 9e 3c 49 2a 03 03 03 44 a3 51 8e 1e 3d ca 2c bf df 6f 07 c2 a5 a5 a5 4e 87 c3 81 cd 66 63 d6 f8 f8 f8 b6 cf 3e fb 6c db d9 b3 67 5f f5 fb fd 6e 9f cf 77 dd c2 43 24 93 49 ce 9d 3b 47 46 46 06 8f 02 11 c9 06 de 07 a6 58 82 44 22 c1 7b ef [TRUNCATED] Data Ascii: PNGIHDRH<^IDATx~IDATQLTw"aVaj)ZbK4"rSnlvfO&4$a iZq'`ocgDvN#(:06)PH03jkk13**0C4^^J3t\|>_C&Ru?F4MaTUUUU,cHADve;N<IDQ=,oNfc>lg_nwC$I;GFFXD"{+;;wj;wc'gC\|dffcxYvrrr-[8.9ssK$"BYY[lyo)LLL_i&Ea82Cb1Bo&<Pp8.Hy$-x#p80T[Happ"V^M:"(}#",$"PQQ?<m6g\|]l6Y0reajjzepXD}@1pqD"qB" Dd2a%~)W\a&33e+"1W.<9r'N0QWW+Y`e,(1a\|\|fa\/~Aaa!AQ.%QD'cN8qh4&v[+v_]F:,<`(++cxxx<d9)T#ICCmmmQWWhEDMly<62JJJa)r*rp:4

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.16	49722	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:31.887698889 CET	302	OUT	GET /cgi-bin/js/qos-core-login.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.642165899 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:08 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:36 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8506 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c 89 7b e2 38 b2 ff 57 18 cf bc 2c 2c 0a 09 e4 e8 6e 68 cf 7c 04 92 74 a6 73 75 08 21 c7 66 f9 8c 11 c1 09 d8 b4 6d 42 12 c2 ff fe 7e 25 c9 27 4e 1f f3 f6 78 bd b3 c1 96 4a 52 a9 54 2a d5 25 3f 1a 6e ee cb 71 fd f4 dc 71 46 b5 e0 41 cf 0f a6 b6 e9 5b 8e 9d 2f cc 1f 01 31 d3 07 c6 c8 e3 cc d4 b5 fa 4e a3 b9 bb b7 ff e9 e0 cf cf 87 47 c7 27 a7 5f ce 5a e7 ed 8b ce e5 d5 b5 d1 33 fb 7c 70 37 b4 ee 1f 46 63 db 99 7c 75 3d 7f fa 38 7b 7a 7e 59 2f 57 36 36 b7 b6 df bd ff 50 5c d3 d8 50 b7 f9 2c 57 77 5d e3 39 bf 5a 66 ff dd ff b6 2b 11 02 db 1b 6c ab c2 b6 f0 77 93 6d 6d b1 ad 6d b6 f5 8e 6d bd 67 5b 1f d8 f6 3a db 7e 03 d5 75 56 66 15 b6 c1 d0 86 6d b3 77 ec 3d fb c0 ca 28 2c b3 72 85 95 37 58 79 93 95 b7 58 79 9b 95 df b1 f2 7b 56 fe c0 2a eb ac 82 36 15 56 d9 60 95 4d 56 d9 ca a0 41 65 9b 55 de b1 ca 7b 56 f9 c0 36 d6 d9 46 99 6d 60 90 0d b6 b1 c9 36 b6 d8 c6 36 db 78 c7 36 de b3 8d 0f 6c 73 9d 6d 96 d9 66 85 6d 02 87 4d b6 b9 c5 36 b7 d9 e6 3b b6 f9 9e 6d 7e 60 5b eb [TRUNCATED] Data Ascii: \{8W,,nh\|tsu!fmB~%'NxJRT%?nqqFA[/1NG'_Z3\|p7Fc\|u=8{z~Y/W66P\P,Ww]9Zf+lwmmmmg[:~uVfmw=(,r7XyXy{V6V`MVAeU{V6Fm`66x6lsmfmM6;m~`[l+xFkz^mx!#gi5Fzba@94u?_/A>]/VVzPYp0+Duw-4pqCT6_JyPX[p:P;(Dk^!e{f@PvW,C750q5of0ix<^?eS?gSlmI";Br&Q=7W>:}]x7:;s>~;r\|]>Y$wYE\|s}/\|]A;X^\|X"\YuVs1zhPzgoB`B K`rab;iz],&aL*1yIcL^D=~/`u<PgH^87)@4{H"6EhRF?g zeNxGG~
Jan 7, 2025 11:04:32.680373907 CET	321	OUT	GET /libs/extjs-3.3.3/resources/images/default/s.gif?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.903948069 CET	293	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: http server 1.0 Content-type: image/gif Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 43 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 47 49 46 38 39 61 01 00 01 00 80 ff 00 c0 c0 c0 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;
Jan 7, 2025 11:04:32.905253887 CET	284	OUT	GET /cgi-bin/authLogin.cgi HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.352056026 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 63 37 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 64 6f 51 75 69 63 6b 3e 3c 21 5b 43 44 41 54 41 5b 5d 5d 3e 3c 2f 64 6f 51 75 69 63 6b 3e 3c 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 6d 65 64 69 61 52 65 61 64 79 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 6d 65 64 69 61 52 65 61 64 79 3e 3c 53 4d 42 46 57 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 53 4d 42 46 57 3e 3c 6d 6f 64 65 6c 3e 3c 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 32 50 5d 5d 3e 3c 2f 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 39 5d 5d 3e 3c 2f 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 70 6c 61 74 66 6f 72 6d 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 4e 41 53 41 52 [TRUNCATED] Data Ascii: c7b<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><doQuick><![CDATA[...</doQuick><is_booting><![CDATA[0...</is_booting><mediaReady><![CDATA[1...</mediaReady><SMBFW><![CDATA[0...</SMBFW><model><modelName><![CDATA[TS-112P...</modelName><internalModelName><![CDATA[TS-119...</internalModelName><platform><![CDATA[TS-NASARM...</platform><customModelName><![CDATA[...</customModelName><displayModelName><![CDATA[TS-112P...</displayModelName><storage_v2>0</storage_v2></model><firmware><version><![CDATA[4.3.3...</version><number><![CDATA[1945...</number><build><![CDATA[20220303...</build><patch><![CDATA[0...</patch><buildTime><![CDATA[03/03/2022...</buildTime></firmware><rfs_bits><![CDATA[32...</rfs_bits><specVersion><![CDATA[1.0...</specVersion><hostname><![CDATA[GuNas...</hostname><DemoSiteSuppurt><![CDATA[no...</DemoSiteSuppurt><customLogo><customFrontLogo><![CDATA[...</customFrontLogo><customLoginLogo><![CDATA[...</customLoginLogo></customLogo><HTTPHost><![CDATA[6t.nz...</HTTPHost [TRUNCATED]
Jan 7, 2025 11:04:33.971942902 CET	310	OUT	GET /cgi-bin/mediaGet.cgi?f=standard_logo&r=31204317 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.300940037 CET	457	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:10 GMT Content-type: image/jpeg Content-Disposition: inline; filename="standard_logo.jpg" Etag: "1646236800" Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT Content-Length: 43 Keep-Alive: timeout=15, max=97 Connection: Keep-Alive Data Raw: 47 49 46 38 39 61 01 00 01 00 80 ff 00 c0 c0 c0 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b Data Ascii: GIF89a!,D;
Jan 7, 2025 11:04:34.369756937 CET	297	OUT	GET /RSS/images/PhotoStation.gif?5.4.14 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.589677095 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Last-Modified: Wed, 24 Aug 2016 03:18:02 GMT ETag: "fa6-53ac8ba98ce80" Accept-Ranges: bytes Content-Length: 4006 Keep-Alive: timeout=15, max=96 Connection: Keep-Alive Content-Type: image/gif Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 50 00 00 00 50 08 06 00 00 00 8e 11 f2 ad 00 00 0f 6d 49 44 41 54 78 5e ed 9d 01 88 65 67 75 c7 7f 8e e7 b3 ef 56 6f f5 8d 9d 57 fa 90 19 ba d3 3a 50 17 92 d6 4d d9 05 97 ba 62 02 dd b6 81 56 30 e0 56 13 48 4a 53 54 c8 d6 d8 92 50 43 d5 12 c1 96 06 ba b6 06 95 36 42 b4 44 50 da 48 57 48 ac 16 62 cd 16 57 ba 2b 6e db 09 cc d2 19 f0 61 df d0 f7 b0 57 f9 2e 9c bf b1 9b 79 17 3e de dc b9 7b 67 66 df d2 d9 c4 3f 5c ee 77 61 cf bb ef fb dd 73 be 73 ce 77 df ee be ec 47 3f fa 11 4d 8a 0e 12 c4 e8 14 85 28 4a 18 17 a2 28 9c 81 f1 d3 97 f2 70 72 84 fd 4a 01 bf 58 60 c7 41 26 d1 2c 4f 43 51 17 a2 59 aa 7f 4c fd 42 bb f9 ac ef 81 3d 97 29 7e c7 9c 7f cb a4 7f e9 0d c7 e7 fa 45 fc 41 27 33 ba dd c0 fc 7c 87 7e 37 b0 d0 cb c9 73 a3 bf 90 21 20 0b d4 b4 23 40 77 28 13 b8 2d 68 a3 31 0c e4 af 3a d7 0d ef 1a 60 bf 33 16 c7 cc 8c 60 54 0a 58 68 67 82 d3 2a 6f 04 d0 0e 5d ed f7 42 72 10 e0 c2 4b 4d e0 b8 ff 63 a7 d4 63 4b eb 83 7f 58 00 ef cd 1b 0b dd 8c a5 7e [TRUNCATED] Data Ascii: PNGIHDRPPmIDATx^eguVoW:PMbV0VHJSTPC6BDPHWHbW+naW.y>{gf?\wasswG?M(J(prJX`A&,OCQYLB=)~EA'3\|~7s! #@w(-h1:`3`TXhgo]BrKMccKX~B?5<#-C,\5(`\P=;7@XE{}C^~?2p,E-pM19r\|1daY@;Pbj$=v9TZ{Y^'@3cQPh,#1sO/d\cFnDO:f@W[oPaY7E\|fe{+E(-c706,_t/3,PT"@u 8$jvVdqftBbaxa0NAdmP=&/JUUO(+C2,0r0w0:r8%1lJypSaOPS+HN^!if6)atr~yKkR`([wJHkkC5k\ Ag>:{>kb.-gYOPN:]8d.OL3C~p6ccg0\fw:QAKX k0yH

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.16	49723	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:32.043890953 CET	299	OUT	GET /libs/monent/moment.min.js?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:32.758836985 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: http server 1.0 Content-type: application/x-javascript Last-modified: Wed, 02 Mar 2022 21:37:57 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 14006 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 7d 09 57 1b c7 b6 ee 5f 11 bd 62 5e 0b 35 42 02 8c 6d e1 42 cb 09 1e 92 18 db 39 90 38 b6 e0 78 f5 24 a9 d1 04 92 30 c6 88 fb db df f7 ed aa ea ae 96 c0 b9 e7 ac b7 1e 4e a4 1a 77 cd 7b ae d2 5a f7 6a 1c cf b3 c9 d8 4f 82 b8 7a eb 4d a2 f3 34 9e 7b 4a cd 6f 2e d2 49 b7 92 7e bb 98 4c e7 b3 f5 75 ef 6a 9c a4 dd 6c 9c 26 de 9a cd 1c 4d 92 ab 61 da d6 5f 75 53 54 c5 7e b5 e5 59 b0 05 24 5d 7b 7d 5d 7f d7 c3 51 d2 d6 41 3f ae b6 92 fa 68 32 4a c7 73 56 be f3 e7 fd 6c 16 e4 1d ab de da 60 25 f9 e6 57 6f a7 e9 fc 6a 3a ae 84 3b f5 f0 e2 62 78 e3 8f af 86 c3 20 9c f6 ae 08 60 56 bd 2b 4a 5f fb 51 f5 36 dc 51 91 93 f6 95 69 1a 84 d7 d1 a3 ad bc 98 4e c3 9b 33 74 55 bd 97 e1 d7 2f a6 93 f9 84 33 50 9f 4f 8e e7 d3 6c dc ab c7 e1 70 88 aa 0e a4 ab 02 52 25 aa 64 e3 d9 3c 1c c7 9c b3 c3 70 9e 2e 16 39 74 46 ff 63 e0 73 bf 1b a4 d5 db af e1 b4 d2 0f 7a aa 73 b6 df 9d 4c fd be 6a ec f7 9f 77 eb c3 74 dc 9b f7 f7 6b b5 7e f5 b6 57 bf b8 9a f5 fd d4 ef 76 fa 67 41 bf 5a bd 33 13 d4 [TRUNCATED] Data Ascii: }W_b^5BmB98x$0Nw{ZjOzM4{Jo.I~Lujl&Ma_uST~Y$]{}]QA?h2JsVl`%Woj:;bx `V+J_Q6QiN3tU/3POlpR%d<p.9tFcszsLjwtk~WvgAZ3s:krVFgt:c~p \i`)vWO[]_NL%; yAO<Xt}5MLNsoM{\|Mk\fir2Ysf/Npr~8MHl5:]p1%GhR^Mp.MCl6sgKRQE' Z}u (lOs/Z6{{$7LJB>~7[WRNR<``\/MMt,JQ{3[/gz'n^Lol5@p0kd@I,C5{<>>Le^[ITC`)euuJ#e'APOt[]a+Bs'I_N<hhxN~YT9v{_aIaXHq\
Jan 7, 2025 11:04:32.795241117 CET	317	OUT	GET /cgi-bin/loginTheme/theme1/images/sprite.png?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.014884949 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: http server 1.0 Content-type: image/png Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 15045 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 76 00 00 00 6c 08 06 00 00 00 bf ea 46 ec 00 00 32 f1 49 44 41 54 78 01 ec c1 0b 9c cd 75 c2 f8 f1 cf f7 dc e7 cc fd 86 99 71 17 8a 93 88 d6 b0 a4 b2 8c 22 61 30 98 da 96 25 1c 97 b0 28 9a 72 8e 5c 26 a3 28 f9 8d 47 2a 26 36 14 52 a8 36 a2 c7 25 42 d3 8c 43 eb 7e 19 ce dc 8d 19 66 e6 dc bf ff f3 bc 8e ff 4b 4a 62 b4 bb ed f3 ec fb 2d f8 8f ff 35 6c 36 db 60 e0 8f c0 10 c1 7f fc af 60 b3 d9 66 02 2f 12 f0 99 86 ff f8 ff 04 a0 59 bc 78 71 9d de bd 7b 0f 89 8c 8c fc 83 5e af 6f a1 56 ab 63 01 97 d7 eb b5 fb 7c be 93 52 ca 2d 4e a7 73 55 78 78 f8 45 7e 03 6c 36 9b 1e 58 0e 0c 22 60 1b 30 44 70 1b a4 94 29 40 2a 90 08 c4 02 76 60 17 a0 08 21 be e2 1f 48 4a d9 11 98 06 74 02 0c c0 21 e0 4d e0 3d 21 84 a4 e6 04 a0 19 30 60 40 f4 dc b9 73 27 37 68 d0 60 a4 46 a3 09 a9 aa aa 2a ca cb cb 3b 5c 51 51 71 51 08 21 23 23 23 23 12 12 12 4c 06 83 a1 8e 94 b2 dc ed 76 bf 5a 5a 5a fa 6a 7c 7c 7c 15 ff 22 36 9b ad 36 b0 01 e8 40 c0 12 60 82 c9 64 72 0a 6e 81 94 [TRUNCATED] Data Ascii: PNGIHDRvlF2IDATxuq"a0%(r\&(G&6R6%BC~fKJb-5l6``f/Yxq{^oVc\|R-NsUxxE~l6X"`0Dp)@v`!HJt!M=!0`@s'7h`F;\QQqQ!####LvZZZj\|\|\|"66@`drn2<[B8I)?I!}07Gg4>}5@h'MpO=\^AAA'lFL2LJ>px(CI@(HBH);;X}70i!DG&<0g4MpVVV?bCD%K;bIBrh4ql6@h@Y`e2r6'>\L_MBR9Xk85~=%yOJ_`u0L&iiiKjny#v=)_R-[IcGPwQ`^`&l6[`!X<Vll"^&)QqR@+(Gx^JL~jq{4@(i@1jv3;V5ou8Zh%KRlf_ ^M6mf{BSpS8uK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.16	49724	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:32.275542021 CET	294	OUT	GET /cgi-bin/language.cgi?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.267631054 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:09 GMT Etag: "1646256652-gzip" Last-Modified: Wed, 02 Mar 2022 21:30:52 GMT Content-type: application/x-javascript; charset=UTF-8 Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 36 39 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d4 57 6b 6f db 36 14 fd 2b 9c 30 60 1b 60 a4 ce a3 5d 67 60 18 64 5b 49 d4 e8 e1 4a 72 b3 0c 05 08 5a a6 6d 22 b2 68 88 52 33 6f fb d0 1f b2 fd b9 fe 92 9d 4b cb af a4 59 b1 7d db 97 84 11 c9 cb fb 38 e7 dc 1b fe 96 a7 59 e2 47 57 e9 8f bf 5f fa 49 9a 8d dc 2b 8f 5f c6 c9 38 ec 39 97 ba 6a 96 4e 67 ff 3d 88 dd 21 ce 72 3f c4 a9 9e 13 68 31 55 e5 fc e4 e4 e4 f0 d0 db b1 3f b8 09 fc e8 26 ed 39 76 cd ec 1f 87 47 52 2f 79 e7 0f 60 61 d0 98 5a 2f 65 c5 52 59 7d 50 b9 3c 3c 74 eb df f8 3d e7 56 dd 2b a7 e3 7b 3e 8f dc 94 f7 c7 59 16 47 7c e0 46 03 2f c0 75 51 e6 b2 78 ba 1d c4 29 19 2f b4 81 c5 47 77 e3 9b 9e 13 df ec 3f ef a3 43 22 ba a7 88 5a 15 92 a5 b5 a8 95 2e 9f 3b 76 0e c7 e4 c4 7a 2d ab e7 0e bd ec 39 61 53 d4 6a 29 a7 4a 7c c9 e2 f7 3d 67 a8 1f ca 02 29 fd d2 d1 1f 7a 8e 3b 5d aa 52 99 ba fa 27 2f cf e0 40 9a 06 ac d0 73 f5 5c 24 67 30 96 36 88 42 15 05 25 73 ff 76 10 5f f9 11 bf 1e ba 49 1c 67 fc 72 1c 04 3c f4 d2 d4 16 3e 5b 48 36 55 e6 9e 89 4a 0a [TRUNCATED] Data Ascii: 692Wko6+0``]g`d[IJrZm"hR3oKY}8YGW_I+_89jNg=!r?h1U?&9vGR/y`aZ/eRY}P<<t=V+{>YG\|F/uQx)/Gw?C"Z.;vz-9aSj)J\|=g)z;]R'/@s\$g06B%sv_Igr<>[H6UJV/Dyq(4jSR3#1,%)vNkfJW56<T1a'^pwrkPuoB?eV[5y.rbT}`2!spGkq?8@)arf=seB-\s6rG\|_:~F,Umby\|9c#R,Am=jtRD.r6GN7uJvjZ31D8,bpukV+A zG:.]7:)yt:y!O^$B\|!,-Jl%JY0QN,Ex^v; ;Y2:`V3lOT*&wD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.16	49725	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:32.408153057 CET	320	OUT	GET /cgi-bin/jc.cgi?_dc=1646256924&t=js&f=jquery-1.10.2.min.js HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:33.294234991 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:09 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:09 GMT Content-type: application/x-javascript Etag: "1646257085-gzip" Last-Modified: Wed, 02 Mar 2022 21:38:05 GMT Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 37 34 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 7c 57 5b 6f db 38 16 7e 9f 5f 61 6b 0b 43 8c 69 d9 ee ec be 28 a5 8d 6e 9b 60 06 68 d3 d9 6d 17 7d 90 d4 01 23 d3 b6 5a 99 74 28 3a 71 d6 f2 7f df 8f a4 e4 4b ea 59 a0 88 45 f2 dc 2f df 39 1d 5e 75 be ff 6b 23 f4 73 e7 71 1c 8d 47 d1 eb 4e dd 09 73 d2 79 3d 1a fd 83 e2 ef f8 d7 f6 fd 56 6d e4 8c 9b 42 49 da f9 5d e6 11 08 bf 3f 58 ce 48 e9 c5 b0 2c 72 21 2b f1 cb d5 f0 97 70 be 91 b9 a5 0b 05 35 64 f7 c8 75 47 52 4d 0b 66 9e d7 42 cd 3b 86 2a 26 a2 52 e5 5e 18 c7 61 a6 f2 cd 4a 48 43 2b c6 0f 87 9b 52 b8 bb 12 04 de 46 ba c1 e7 2b 9a b3 dd 9e ae 59 92 d1 39 0b bc d5 01 9d b1 75 94 2b 09 a1 74 89 cf f5 a6 5a d2 05 3e 2a 6b 19 5d e1 ab 90 33 b1 fd 34 a7 cf 2c 8f 8c fa 6c 74 21 17 f4 11 87 25 af 3e 3d c9 3f b4 5a 0b 6d 9e e9 3d 9b 47 78 5c d1 2d 3b f7 44 0b b3 d1 b2 23 c5 53 67 1b cd 25 04 16 c6 fa 48 35 d9 d3 27 36 4c fa 83 6c 1a 4e e3 74 76 95 46 35 49 67 7d 1c 12 71 93 b9 07 1c 6b 32 8c 2a b5 d1 30 e8 0b 1b a6 9f fb c3 05 7d c7 86 df 92 b4 4a 37 b7 37 b7 [TRUNCATED] Data Ascii: 745\|W[o8~_akCi(n`hm}#Zt(:qKYE/9^uk#sqGNsy=VmBI]?XH,r!+p5duGRMfB;&R^aJHC+RF+Y9u+tZ>k]34,lt!%>=?Zm=Gx\-;D#Sg%H5'6LlNtvF5Ig}qk20}J77(/@v2+$S5OHm]q1y5?@&Lp:t'}q2i]3[xiBaoaaj46YInd0HYzJrS!YjCp:AzAg\|:ygG2B]A,`5d+ZKa\|p#Hw!?gSb0x;%ab.;=!s&Nf(lmm(5R!YQ:R[Ie}T]+i,=Ao\|a~kLB.r0[{_HlEBE]wdz`HWCM95Bb(ov+Y+
Jan 7, 2025 11:04:33.899260044 CET	307	OUT	GET /cgi-bin/images/mobile/logo_16.ico?1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.121042967 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: http server 1.0 Content-type: image/x-icon Last-modified: Wed, 02 Mar 2022 16:00:00 GMT Accept-Ranges: bytes Content-length: 1150 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cd 55 05 70 cd 55 05 d6 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 f0 cd 55 05 d6 cd 55 05 70 00 00 00 00 ce 57 05 78 ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 ff ce 57 05 78 ce 59 05 d6 ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 ff ce 59 05 d6 cf 5b 05 ee cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 ff cf 5b 05 f0 d1 5e 05 ee d1 5e 05 ff d1 5e 05 ff ea b6 8e ff fd f7 f2 ff [TRUNCATED] Data Ascii: h( UpUUUUUUUUUUUUUpWxWWWWWWWWWWWWWWWxYYYYYYYYYYYYYYYY[[[[[[[[[[[[[[[[^^^`l^^aaafeaaaddddddu!q}.dddggggggggggggjjjjjjjjjjjjnnnnnnnnnnnnqqqqqqqqqqqqttttttvvvvvvvyyyyyyyyyyyyyyyyzxzzzzz
Jan 7, 2025 11:04:34.136229038 CET	292	OUT	GET /cgi-bin/sysinfoReq.cgi?qpkg=1 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.463089943 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 36 33 38 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 69 6e 66 6f 3e 0a 3c 72 65 73 75 6c 74 3e 3c 21 5b 43 44 41 54 41 5b 73 75 63 63 65 73 73 5d 5d 3e 3c 2f 72 65 73 75 6c 74 3e 3c 68 64 53 74 61 74 69 6f 6e 53 75 70 70 6f 72 74 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 68 64 53 74 61 74 69 6f 6e 53 75 70 70 6f 72 74 3e 3c 68 69 64 65 48 46 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 68 69 64 65 48 46 3e 3c 77 65 62 53 65 72 76 65 72 50 6f 72 74 3e 3c 21 5b 43 44 41 54 41 5b 38 30 5d 5d 3e 3c 2f 77 65 62 53 65 72 76 65 72 50 6f 72 74 3e 3c 77 65 62 53 65 72 76 65 72 45 6e 61 62 6c 65 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 77 65 62 53 65 72 76 65 72 45 6e 61 62 6c 65 3e 3c 73 73 6c 45 6e 61 62 6c 65 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 73 73 6c 45 6e 61 62 6c 65 3e 3c 73 73 6c 50 6f 72 74 3e 3c 21 5b 43 44 41 54 [TRUNCATED] Data Ascii: 638<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><info><result><![CDATA[success...</result><hdStationSupport><![CDATA[0...</hdStationSupport><hideHF><![CDATA[0...</hideHF><webServerPort><![CDATA[80...</webServerPort><webServerEnable><![CDATA[1...</webServerEnable><sslEnable><![CDATA[1...</sslEnable><sslPort><![CDATA[8081...</sslPort><isXMLAvailable><![CDATA[0...</isXMLAvailable><countryCode><code><![CDATA[0...</code><abbr><![CDATA[GLB...</abbr><name><![CDATA[Global...</name></countryCode></info><qItem><name><![CDATA[PhotoStation...</name> <attr><displayName><![CDATA[Photo Station...</displayName><QPKGFile><![CDATA[PhotoStation.qpkg...</QPKGFile><date><![CDATA[2022-05-03...</date><version><![CDATA[5.4.14...</version><installPath><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation...</installPath><configPath><![CDATA[null...</configPath><shell><![CDATA[/share/HDA_DATA/.qpkg/PhotoStation/qpkg_photos.sh...</shell><enable><![CDATA[TRUE...</enable><installed><![CDATA[1...</installed>< [TRUNCATED]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.16	49727	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:04:32.809504986 CET	304	OUT	GET /cgi-bin/language.cgi?undefined=1646256924 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.319488049 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:10 GMT Etag: "1646256652-gzip" Last-Modified: Wed, 02 Mar 2022 21:30:52 GMT Content-type: application/x-javascript; charset=UTF-8 Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 36 39 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d4 57 6b 6f db 36 14 fd 2b 9c 30 60 1b 60 a4 ce a3 5d 67 60 18 64 5b 49 d4 e8 e1 4a 72 b3 0c 05 08 5a a6 6d 22 b2 68 88 52 33 6f fb d0 1f b2 fd b9 fe 92 9d 4b cb af a4 59 b1 7d db 97 84 11 c9 cb fb 38 e7 dc 1b fe 96 a7 59 e2 47 57 e9 8f bf 5f fa 49 9a 8d dc 2b 8f 5f c6 c9 38 ec 39 97 ba 6a 96 4e 67 ff 3d 88 dd 21 ce 72 3f c4 a9 9e 13 68 31 55 e5 fc e4 e4 e4 f0 d0 db b1 3f b8 09 fc e8 26 ed 39 76 cd ec 1f 87 47 52 2f 79 e7 0f 60 61 d0 98 5a 2f 65 c5 52 59 7d 50 b9 3c 3c 74 eb df f8 3d e7 56 dd 2b a7 e3 7b 3e 8f dc 94 f7 c7 59 16 47 7c e0 46 03 2f c0 75 51 e6 b2 78 ba 1d c4 29 19 2f b4 81 c5 47 77 e3 9b 9e 13 df ec 3f ef a3 43 22 ba a7 88 5a 15 92 a5 b5 a8 95 2e 9f 3b 76 0e c7 e4 c4 7a 2d ab e7 0e bd ec 39 61 53 d4 6a 29 a7 4a 7c c9 e2 f7 3d 67 a8 1f ca 02 29 fd d2 d1 1f 7a 8e 3b 5d aa 52 99 ba fa 27 2f cf e0 40 9a 06 ac d0 73 f5 5c 24 67 30 96 36 88 42 15 05 25 73 ff 76 10 5f f9 11 bf 1e ba 49 1c 67 fc 72 1c 04 3c f4 d2 d4 16 3e 5b 48 36 55 e6 9e 89 4a 0a [TRUNCATED] Data Ascii: 692Wko6+0``]g`d[IJrZm"hR3oKY}8YGW_I+_89jNg=!r?h1U?&9vGR/y`aZ/eRY}P<<t=V+{>YG\|F/uQx)/Gw?C"Z.;vz-9aSj)J\|=g)z;]R'/@s\$g06B%sv_Igr<>[H6UJV/Dyq(4jSR3#1,%)vNkfJW56<T1a'^pwrkPuoB?eV[5y.rbT}`2!spGkq?8@)arf=seB-\s6rG\|_:~F,Umby\|9c#R,Am=jtRD.r6GN7uJvjZ31D8,bpukV+A zG:.]7:)yt:y!O^$B\|!,-Jl%JY0QN,Ex^v; ;Y2:`V3lOT*&wD
Jan 7, 2025 11:04:34.430383921 CET	308	OUT	GET /cgi-bin/mediaGet.cgi?f=standard_bg&r=31204317 HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:04:34.672631979 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:00:10 GMT Server: Apache Cache-Control: private, max-age=604800, pre-check=604800 Pragma: private Expires: Tue, 14 Jan 2025 10:00:10 GMT Content-type: image/jpeg Content-Disposition: inline; filename="standard_bg.jpg" Etag: "1646236800" Last-Modified: Wed, 02 Mar 2022 16:00:00 GMT Content-Length: 296443 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Data Raw: ff d8 ff e1 06 e3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 22 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 94 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 43 43 20 32 30 31 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 31 36 3a 31 30 3a 32 30 20 31 30 3a 31 38 3a 32 30 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 10 00 a0 03 00 04 00 00 00 01 00 00 08 70 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 00 00 01 00 00 01 2a 01 28 00 03 00 00 00 01 00 02 00 00 02 01 00 04 00 00 00 01 00 00 01 32 02 02 00 04 00 00 00 01 00 00 05 a9 00 00 00 00 00 00 00 48 00 00 00 01 00 00 00 48 00 00 00 01 ff d8 ff ed 00 0c 41 64 6f 62 65 5f 43 4d 00 02 ff ee 00 0e [TRUNCATED] Data Ascii: ExifMMbj(1"r2i''Adobe Photoshop CC 2015 (Windows)2016:10:20 10:18:20p"(2HHAdobe_CMAdobedT"?3!1AQa"q2B#$Rb34rC%Scs5&DTdEt6UeuF'Vfv7GWgw5!1AQaq"2B#R3$brCScs4%&5DTdEU6teuFVfv'

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.16	49732	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:05:52.409667015 CET	477	OUT	POST /cgi-bin/authLogin.cgi HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive Content-Length: 59 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-type: application/x-www-form-urlencoded Accept: / Origin: http://6t.nz:8080 Referer: http://6t.nz:8080/cgi-bin/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Data Raw: 75 73 65 72 3d 66 61 6c 73 6f 26 73 65 72 76 69 63 65 4b 65 79 3d 31 26 70 77 64 3d 5a 6d 46 73 63 32 38 25 33 44 26 72 3d 30 2e 33 37 38 36 30 31 35 30 39 32 35 33 34 35 39 36 Data Ascii: user=falso&serviceKey=1&pwd=ZmFsc28%3D&r=0.3786015092534596
Jan 7, 2025 11:05:54.177465916 CET	997	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:01:29 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 33 32 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 64 6f 51 75 69 63 6b 3e 3c 21 5b 43 44 41 54 41 5b 5d 5d 3e 3c 2f 64 6f 51 75 69 63 6b 3e 3c 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 6d 65 64 69 61 52 65 61 64 79 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 6d 65 64 69 61 52 65 61 64 79 3e 3c 53 4d 42 46 57 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 53 4d 42 46 57 3e 3c 61 75 74 68 50 61 73 73 65 64 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 61 75 74 68 50 61 73 73 65 64 3e 3c 65 72 72 6f 72 56 61 6c 75 65 3e 3c 21 5b 43 44 41 54 41 5b 2d 31 5d 5d 3e 3c 2f 65 72 72 6f 72 56 61 6c 75 65 3e 3c 75 73 65 72 6e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 5d 5d 3e 3c 2f 75 73 65 72 6e 61 6d 65 3e 3c 74 73 3e 3c 21 5b 43 44 41 54 41 5b 33 31 32 30 34 33 31 37 5d 5d [TRUNCATED] Data Ascii: 329<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><doQuick><![CDATA[...</doQuick><is_booting><![CDATA[0...</is_booting><mediaReady><![CDATA[1...</mediaReady><SMBFW><![CDATA[0...</SMBFW><authPassed><![CDATA[0...</authPassed><errorValue><![CDATA[-1...</errorValue><username><![CDATA[...</username><ts><![CDATA[31204317...</ts><fwNotice><![CDATA[0...</fwNotice><title><![CDATA[...</title><content><![CDATA[...</content><psType><![CDATA[1...</psType><standard_massage><![CDATA[...</standard_massage><standard_color><![CDATA[#ffffff...</standard_color><standard_size><![CDATA[12px...</standard_size><standard_bg_style><![CDATA[fill...</standard_bg_style><showVersion><![CDATA[1...</showVersion><show_link><![CDATA[1...</show_link><cuid><![CDATA[76104119e5380ff139594808ac604328...</cuid></QDocRoot>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.16	49733	79.45.30.178	8080	3976	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
Jan 7, 2025 11:05:54.315095901 CET	284	OUT	GET /cgi-bin/authLogin.cgi HTTP/1.1 Host: 6t.nz:8080 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jan 7, 2025 11:05:55.092781067 CET	1236	IN	HTTP/1.1 200 OK Date: Tue, 07 Jan 2025 10:01:31 GMT Server: Apache Content-type: text/xml Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Data Raw: 63 37 62 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 20 3f 3e 0a 3c 51 44 6f 63 52 6f 6f 74 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 0a 3c 64 6f 51 75 69 63 6b 3e 3c 21 5b 43 44 41 54 41 5b 5d 5d 3e 3c 2f 64 6f 51 75 69 63 6b 3e 3c 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 69 73 5f 62 6f 6f 74 69 6e 67 3e 3c 6d 65 64 69 61 52 65 61 64 79 3e 3c 21 5b 43 44 41 54 41 5b 31 5d 5d 3e 3c 2f 6d 65 64 69 61 52 65 61 64 79 3e 3c 53 4d 42 46 57 3e 3c 21 5b 43 44 41 54 41 5b 30 5d 5d 3e 3c 2f 53 4d 42 46 57 3e 3c 6d 6f 64 65 6c 3e 3c 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 32 50 5d 5d 3e 3c 2f 6d 6f 64 65 6c 4e 61 6d 65 3e 3c 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 31 31 39 5d 5d 3e 3c 2f 69 6e 74 65 72 6e 61 6c 4d 6f 64 65 6c 4e 61 6d 65 3e 3c 70 6c 61 74 66 6f 72 6d 3e 3c 21 5b 43 44 41 54 41 5b 54 53 2d 4e 41 53 41 52 [TRUNCATED] Data Ascii: c7b<?xml version="1.0" encoding="UTF-8" ?><QDocRoot version="1.0"><doQuick><![CDATA[...</doQuick><is_booting><![CDATA[0...</is_booting><mediaReady><![CDATA[1...</mediaReady><SMBFW><![CDATA[0...</SMBFW><model><modelName><![CDATA[TS-112P...</modelName><internalModelName><![CDATA[TS-119...</internalModelName><platform><![CDATA[TS-NASARM...</platform><customModelName><![CDATA[...</customModelName><displayModelName><![CDATA[TS-112P...</displayModelName><storage_v2>0</storage_v2></model><firmware><version><![CDATA[4.3.3...</version><number><![CDATA[1945...</number><build><![CDATA[20220303...</build><patch><![CDATA[0...</patch><buildTime><![CDATA[03/03/2022...</buildTime></firmware><rfs_bits><![CDATA[32...</rfs_bits><specVersion><![CDATA[1.0...</specVersion><hostname><![CDATA[GuNas...</hostname><DemoSiteSuppurt><![CDATA[no...</DemoSiteSuppurt><customLogo><customFrontLogo><![CDATA[...</customFrontLogo><customLoginLogo><![CDATA[...</customLoginLogo></customLogo><HTTPHost><![CDATA[6t.nz...</HTTPHost [TRUNCATED]

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 6376, Parent PID: 5992

General

Target ID:	0
Start time:	05:03:54
Start date:	07/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 3976, Parent PID: 6376

General

Target ID:	1
Start time:	05:03:55
Start date:	07/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 --field-trial-handle=1908,i,11143923296459145557,6145508390765661560,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4692, Parent PID: 5992

General

Target ID:	2
Start time:	05:03:56
Start date:	07/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "HtTP://6t.NZ:8080/y6yI7arXqwIyN8RPzQgp/WFeSsM/5CG043B2PX?JEV004%20NSXCajsE=jI"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly