Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://whatsapp.dianjin-inc.com

Overview

General Information

Sample URL:https://whatsapp.dianjin-inc.com
Analysis ID:1595855
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w11x64_office
  • chrome.exe (PID: 6600 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 290DF23002E9B52249B5549F0C668A86)
    • chrome.exe (PID: 6960 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=2064,i,5309624313560462972,16884665051517831401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20241208-180523.718000 --mojo-platform-channel-handle=2060 /prefetch:11 MD5: 290DF23002E9B52249B5549F0C668A86)
  • chrome.exe (PID: 7248 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://whatsapp.dianjin-inc.com" MD5: 290DF23002E9B52249B5549F0C668A86)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginJoe Sandbox AI: Score: 9 Reasons: The brand 'WhatsApp' is a well-known brand associated with the domain 'whatsapp.com'., The URL 'whatsapp.dianjin-inc.com' does not match the legitimate domain 'whatsapp.com'., The presence of 'dianjin-inc.com' as the main domain is suspicious and not associated with WhatsApp., The use of a subdomain 'whatsapp' in 'whatsapp.dianjin-inc.com' is a common tactic in phishing to mislead users., The input fields for 'Email' and 'Password' are typical targets for phishing attacks. DOM: 1.0.pages.csv
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginJoe Sandbox AI: Score: 9 Reasons: The brand 'WhatsApp' is well-known and is associated with the domain 'whatsapp.com'., The URL 'whatsapp.dianjin-inc.com' does not match the legitimate domain 'whatsapp.com'., The presence of 'dianjin-inc' in the domain suggests a third-party association, which is suspicious., The use of a subdomain 'whatsapp' in 'dianjin-inc.com' is a common tactic in phishing to mimic legitimate sites., The input fields 'Email' and 'Password' are typical targets for phishing attacks. DOM: 1.1.pages.csv
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginJoe Sandbox AI: Score: 9 Reasons: The brand 'WhatsApp' is a well-known brand associated with the domain 'whatsapp.com'., The URL 'whatsapp.dianjin-inc.com' does not match the legitimate domain 'whatsapp.com'., The presence of 'dianjin-inc.com' suggests a third-party domain, which is suspicious., The use of a subdomain 'whatsapp' in 'whatsapp.dianjin-inc.com' is a common phishing tactic to mimic legitimate sites., The input fields 'Email' and 'Password' are typical targets for phishing attacks. DOM: 1.2.pages.csv
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginJoe Sandbox AI: Score: 9 Reasons: The brand 'WhatsApp' is a well-known brand associated with the domain 'whatsapp.com'., The URL 'whatsapp.dianjin-inc.com' does not match the legitimate domain 'whatsapp.com'., The presence of 'dianjin-inc.com' suggests a third-party domain, which is suspicious., The use of a subdomain 'whatsapp' in 'dianjin-inc.com' is a common tactic in phishing to mimic legitimate brands., The input fields 'Email' and 'Password' are typical targets for phishing attacks. DOM: 1.3.pages.csv
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: Number of links: 0
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: Title: Login Page does not match URL
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: <input type="password" .../> found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="author".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: https://whatsapp.dianjin-inc.com/widget/dianjin/loginHTTP Parser: No <meta name="copyright".. found
Source: global trafficTCP traffic: 192.168.2.24:57667 -> 1.1.1.1:53
Source: unknownTCP traffic detected without corresponding DNS query: 108.141.15.7
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.141.15.7
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.206.67
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.206.67
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.206.67
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.206.67
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 104.76.101.49
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 104.76.101.49
Source: unknownTCP traffic detected without corresponding DNS query: 104.76.101.49
Source: unknownTCP traffic detected without corresponding DNS query: 104.76.101.49
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png HTTP/1.1Host: tochatbe.s3.eu-west-3.amazonaws.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://whatsapp.dianjin-inc.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png HTTP/1.1Host: tochatbe.s3.eu-west-3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png HTTP/1.1Host: tochatbe.s3.eu-west-3.amazonaws.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://whatsapp.dianjin-inc.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png HTTP/1.1Host: tochatbe.s3.eu-west-3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /widget/dianjin/style.css HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: GET /r/r1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Cache-Control: max-age = 3600Connection: Keep-AliveAccept: */*If-Modified-Since: Mon, 12 Feb 2024 22:07:27 GMTIf-None-Match: "65ca969f-2cd"User-Agent: Microsoft-CryptoAPI/10.0Host: x1.c.lencr.org
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: whatsapp.dianjin-inc.com
Source: global trafficDNS traffic detected: DNS query: tochatbe.s3.eu-west-3.amazonaws.com
Source: unknownHTTP traffic detected: POST /widget/dianjin/login HTTP/1.1Host: whatsapp.dianjin-inc.comConnection: keep-aliveContent-Length: 181Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Origin: https://whatsapp.dianjin-inc.comContent-Type: application/x-www-form-urlencodedUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://whatsapp.dianjin-inc.com/widget/dianjin/loginAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:16:18 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:16:18 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:16:29 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:16:29 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:16:41 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:16:41 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:16:50 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:16:50 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:16:59 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:16:59 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:17:07 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:17:07 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:17:17 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:17:17 GMT
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: AcceptCache-Control: max-age=0, must-revalidate, privateDate: Tue, 21 Jan 2025 10:17:26 GMTLink: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"Expires: Tue, 21 Jan 2025 10:17:26 GMT
Source: chromecache_51.1.dr, chromecache_49.1.drString found in binary or memory: http://ns.attribution.com/ads/1.0/
Source: chromecache_50.1.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Roboto:wght
Source: chromecache_50.1.drString found in binary or memory: https://fonts.gstatic.com
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3-UBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3OUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2)
Source: chromecache_54.1.drString found in binary or memory: https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2)
Source: chromecache_50.1.drString found in binary or memory: https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac462498025219
Source: chromecache_50.1.drString found in binary or memory: https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e
Source: unknownNetwork traffic detected: HTTP traffic on port 61629 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61606 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61631 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57687
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57688
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57689
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61622
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61624
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61625
Source: unknownNetwork traffic detected: HTTP traffic on port 61615 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61629
Source: unknownNetwork traffic detected: HTTP traffic on port 61621 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61625 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61620
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61621
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61630 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57681 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61607 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 61614 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61620 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61624 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61630
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61631
Source: unknownNetwork traffic detected: HTTP traffic on port 57670 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61632
Source: unknownNetwork traffic detected: HTTP traffic on port 57682 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61608 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61608
Source: unknownNetwork traffic detected: HTTP traffic on port 57686 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61609
Source: unknownNetwork traffic detected: HTTP traffic on port 61617 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57675
Source: unknownNetwork traffic detected: HTTP traffic on port 57689 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61605
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61606
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57670
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61607
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57671
Source: unknownNetwork traffic detected: HTTP traffic on port 61605 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61632 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57687 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57676
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57677
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57678
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61612
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61614
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57686
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61615
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57680
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61617
Source: unknownNetwork traffic detected: HTTP traffic on port 61622 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57681
Source: unknownNetwork traffic detected: HTTP traffic on port 61612 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57682
Source: unknownNetwork traffic detected: HTTP traffic on port 61609 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57676 -> 443
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6600_483279881Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6600_483279881Jump to behavior
Source: classification engineClassification label: mal48.phis.win@16/12@10/6
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=2064,i,5309624313560462972,16884665051517831401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20241208-180523.718000 --mojo-platform-channel-handle=2060 /prefetch:11
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://whatsapp.dianjin-inc.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=2064,i,5309624313560462972,16884665051517831401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20241208-180523.718000 --mojo-platform-channel-handle=2060 /prefetch:11Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1595855 URL: https://whatsapp.dianjin-inc.com Startdate: 21/01/2025 Architecture: WINDOWS Score: 48 24 AI detected phishing page 2->24 6 chrome.exe 2 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 14 192.168.2.24, 443, 49200, 49772 unknown unknown 6->14 16 192.168.2.4 unknown unknown 6->16 11 chrome.exe 6->11         started        process5 dnsIp6 18 whatsapp.dianjin-inc.com 11->18 20 services.tochat.be 116.203.143.50, 443, 57670, 57671 HETZNER-ASDE Germany 11->20 22 4 other IPs or domains 11->22

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://whatsapp.dianjin-inc.com0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png0%Avira URL Cloudsafe
https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e0%Avira URL Cloudsafe
https://whatsapp.dianjin-inc.com/login0%Avira URL Cloudsafe
https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png0%Avira URL Cloudsafe
https://whatsapp.dianjin-inc.com/0%Avira URL Cloudsafe
https://whatsapp.dianjin-inc.com/widget/dianjin/style.css0%Avira URL Cloudsafe
https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac4624980252190%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
services.tochat.be
116.203.143.50
truefalse
    		high
    s3-r-w.eu-west-3.amazonaws.com
    		16.12.18.34
    		truefalse
      		high
      www.google.com
      		142.250.181.228
      		truefalse
        		high
        tochatbe.s3.eu-west-3.amazonaws.com
        		unknown
        		unknownfalse
          		unknown
          whatsapp.dianjin-inc.com
          		unknown
          		unknowntrue
            		unknown

            Contacted URLs

            NameMaliciousAntivirus DetectionReputation
            https://whatsapp.dianjin-inc.com/widget/dianjin/logintrue
              		unknown
              https://whatsapp.dianjin-inc.com/loginfalse
              • Avira URL Cloud: safe
              		unknown
              https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.pngfalse
              • Avira URL Cloud: safe
              		unknown
              https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.pngfalse
              • Avira URL Cloud: safe
              		unknown
              https://whatsapp.dianjin-inc.com/widget/dianjin/style.cssfalse
              • Avira URL Cloud: safe
              		unknown
              https://whatsapp.dianjin-inc.com/false
              • Avira URL Cloud: safe
              		unknown
              NameSourceMaliciousAntivirus DetectionReputation
              http://ns.attribution.com/ads/1.0/chromecache_51.1.dr, chromecache_49.1.drfalse
                		high
                https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774echromecache_50.1.drfalse
                • Avira URL Cloud: safe
                		unknown
                https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac462498025219chromecache_50.1.drfalse
                • Avira URL Cloud: safe
                		unknown

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                52.95.156.86
                		unknownUnited States
                		16509AMAZON-02USfalse
                16.12.18.34
                		s3-r-w.eu-west-3.amazonaws.comUnited States
                		unknownunknownfalse
                142.250.181.228
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                116.203.143.50
                		services.tochat.beGermany
                		24940HETZNER-ASDEfalse

                Private

                IP
                192.168.2.4
                192.168.2.24

                General Information

                Joe Sandbox version:42.0.0 Malachite
                Analysis ID:1595855
                Start date and time:2025-01-21 11:15:10 +01:00
                Joe Sandbox product:CloudBasic
                Overall analysis duration:0h 3m 24s
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:browseurl.jbs
                Sample URL:https://whatsapp.dianjin-inc.com
                Analysis system description:Windows 11 23H2 with Office Professional Plus 2021, Chrome 131, Firefox 133, Adobe Reader DC 24, Java 8 Update 431, 7zip 24.09
                Number of analysed new started processes analysed:10
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • EGA enabled
                • AMSI enabled
                Analysis Mode:default
                Analysis stop reason:Timeout
                Detection:MAL
                Classification:mal48.phis.win@16/12@10/6
                • Exclude process from analysis (whitelisted): SIHClient.exe, appidcertstorecheck.exe, conhost.exe, svchost.exe
                • Excluded IPs from analysis (whitelisted): 172.217.23.99, 142.251.168.84, 216.58.206.46, 172.217.18.14, 142.250.186.142, 216.58.206.78, 216.58.206.42, 142.250.186.99, 172.217.18.10, 142.250.185.170, 142.250.185.106, 142.250.185.234, 172.217.23.106, 142.250.185.202, 142.250.186.170, 172.217.16.202, 142.250.186.42, 142.250.185.74, 142.250.186.138, 142.250.184.202, 216.58.212.170, 142.250.186.106, 142.250.181.234, 142.250.184.206, 142.250.186.74, 216.58.206.74, 142.250.184.234, 142.250.185.138, 142.250.184.238, 199.232.214.172, 142.250.186.35, 142.250.185.142, 142.250.185.78, 172.202.163.200
                • Excluded domains from analysis (whitelisted): fonts.googleapis.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, www.googleapis.com, x1.c.lencr.org, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, c.pki.goog
                • Not all processes where analyzed, report is missing behavior information
                • Report size getting too big, too many NtOpenFile calls found.
                • VT rate limit hit for: https://whatsapp.dianjin-inc.com

                Simulations

                Behavior and APIs

                No simulations

                Joe Sandbox View / Context

                IPs

                No context

                Domains

                No context

                ASNs

                No context

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                Chrome Cache Entry: 48

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 3566 x 830, 8-bit colormap, non-interlaced
                Category:dropped
                Size (bytes):29465
                Entropy (8bit):7.8573324538118525
                Encrypted:false
                SSDEEP:768:zFbH40yJdmqn29y+ta9KLmPAtdl2JwnhSwyS6RV8KSSOeq:BH4vdnn2vLqAvUUSwy5RVFTq
                MD5:6BD7AAD7D4B0DC00D4ADFDF6F0CBF399
                SHA1:3445447C81CE085CBF3165822DA472156A1949ED
                SHA-256:0DBCD72A5BCFD55A91EAFA6C362C67E1D434016FC85308E17F99AF100565BE0B
                SHA-512:8DB874A322B65BA06D7BE3B41BF469CBCE7FBE496666D077E6FE02DEA079C2EA4C9A653EAA7CA48F5BF360BE1F1ED4B80AD8FCF94697D497BB59B6F710E7B28C
                Malicious:false
                Reputation:low
                Preview:.PNG........IHDR.......>......r.....3PLTEGpL%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.foS.+....tRNS... ..`.@.0.pP.X..Z..r.IDATx^..Y..7..P..$.#...v.O.B..V....9...."N.._[.p._8..e.......r.k.}.#...#...n........T_....~........-....>...R..Z.w.k."....0....^u.../...@..z..w.S.>....=...X.4......y:j;.zLC.;.......U.5.)~....y.v=K.w......\.v]......%.v.5......Q..)......0o...g.[......ni...{<......v..6.s.......?.x....4.c{...........gZ......0l}.^......'.....z....@.~.z.{\.......0v%.....tc.5.c.+......~..zg|...Sm..K-u.....z..%.......85u..............s....0..9.3.u.....}...~..........Y.....>Tg.....]..9.....N...!.......5..#..@?.......LK.Z.|.........@.......=...........a.......XJ|....}iw.-...@..s.....P.....B...C..#.....<..`.)^...`........P.v7J:............. .vV........>.......v... ..=........8.....8............P.v-,{.......s..u..@E.......`..C.....6..#.....F{.?.d.....v..........|....=.....W{}..b.w9.....Rk.9o./s.V..s>j.w...........R...R..k].....`....R.....o......t....<.._

                Chrome Cache Entry: 49

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
                Category:dropped
                Size (bytes):52951
                Entropy (8bit):7.980912496342525
                Encrypted:false
                SSDEEP:768:6PCuxS9EdLl55qm2U4wXx0XK0tUKN+jmZaJUwc4tuT1Ex6qPsOnjyjXUekvxd5x8:6qO5qR5z3P8m+U+zZjnjkUTpd5DEHT
                MD5:297041ABA1BF91B8DC705143425CC5DE
                SHA1:50F071ED2A627E84FD4CEF82413625FB275F79A7
                SHA-256:086ADF68572FA4C1BEC8C384EDE8D0D20080F6FE8D0DB19D9A8C3C3AE97CA74C
                SHA-512:0AF6895511BACCC227DEB8F12B48807FE639757EE67C4954CC4EEA399A9D32812FBBD1D37AAFA4DA6BAF430EE6835997D88606667397D4738D938DF8FB8CDD09
                Malicious:false
                Reputation:low
                Preview:.PNG........IHDR....................pHYs..........+.....;tEXtComment.xr:d:DAF5xCKJoro:6,j:4051403633177878265,t:24011711.Vh.....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>Untitled design - 1</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2024-01-17</Attrib:Created>. <Attrib:ExtId>8a43d6bd-a9af-41f7-a8aa-c94ae7c1e9e6</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>. </r

                Chrome Cache Entry: 50

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text
                Category:downloaded
                Size (bytes):14301
                Entropy (8bit):4.257260271444295
                Encrypted:false
                SSDEEP:192:IBHYnVOUGLh7xq5YDFRb2PV2HHUvlFS7KpR9iohp/9TvBrUrKcaKrDFki09eD/:iFEFkEcFwm/
                MD5:2792A8D6AD47C561ED3108DB3C8DDA7E
                SHA1:C40716BE3AB0A4F00AE66C615838BAEE9E520CE4
                SHA-256:8CE5896746650F5012DA678DDEC7736AFA642B92C6E837CF3FFBE024E5715633
                SHA-512:0FC706D9574C130C3451762F139BF6F6092A5C118429719FC665F631099FB80A88BD2F95A75C040B00B43C8D66E85F42F1BF9826D639FA26D04A4B85C22F0487
                Malicious:false
                Reputation:low
                URL:https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Preview:<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <link rel="icon" type="image/x-icon" href="https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png">. .. <link rel="preconnect" href="https://fonts.gstatic.com">. <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap" rel="stylesheet">.. <script type="text/javascript">. if (window.self !== window.top) {. window.top.location.href = window.location.href;. }. </script>.. <link rel="stylesheet" href="style.css">. <title>Login Page</title>.. <style>. :root {. --left-bg-color: rgba(87, 84, 236, 0.7);. --right-bg-color: rgba(43, 43, 43, 0.8);. --left-btn-hover-color: rgba(87, 84, 236, 1);. --right

                Chrome Cache Entry: 51

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
                Category:downloaded
                Size (bytes):52951
                Entropy (8bit):7.980912496342525
                Encrypted:false
                SSDEEP:768:6PCuxS9EdLl55qm2U4wXx0XK0tUKN+jmZaJUwc4tuT1Ex6qPsOnjyjXUekvxd5x8:6qO5qR5z3P8m+U+zZjnjkUTpd5DEHT
                MD5:297041ABA1BF91B8DC705143425CC5DE
                SHA1:50F071ED2A627E84FD4CEF82413625FB275F79A7
                SHA-256:086ADF68572FA4C1BEC8C384EDE8D0D20080F6FE8D0DB19D9A8C3C3AE97CA74C
                SHA-512:0AF6895511BACCC227DEB8F12B48807FE639757EE67C4954CC4EEA399A9D32812FBBD1D37AAFA4DA6BAF430EE6835997D88606667397D4738D938DF8FB8CDD09
                Malicious:false
                Reputation:low
                URL:https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png
                Preview:.PNG........IHDR....................pHYs..........+.....;tEXtComment.xr:d:DAF5xCKJoro:6,j:4051403633177878265,t:24011711.Vh.....iTXtXML:com.adobe.xmp.....<x:xmpmeta xmlns:x='adobe:ns:meta/'>. <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'>.. <rdf:Description rdf:about=''. xmlns:dc='http://purl.org/dc/elements/1.1/'>. <dc:title>. <rdf:Alt>. <rdf:li xml:lang='x-default'>Untitled design - 1</rdf:li>. </rdf:Alt>. </dc:title>. </rdf:Description>.. <rdf:Description rdf:about=''. xmlns:Attrib='http://ns.attribution.com/ads/1.0/'>. <Attrib:Ads>. <rdf:Seq>. <rdf:li rdf:parseType='Resource'>. <Attrib:Created>2024-01-17</Attrib:Created>. <Attrib:ExtId>8a43d6bd-a9af-41f7-a8aa-c94ae7c1e9e6</Attrib:ExtId>. <Attrib:FbId>525265914179580</Attrib:FbId>. <Attrib:TouchType>2</Attrib:TouchType>. </rdf:li>. </rdf:Seq>. </Attrib:Ads>. </r

                Chrome Cache Entry: 52

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:PNG image data, 3566 x 830, 8-bit colormap, non-interlaced
                Category:downloaded
                Size (bytes):29465
                Entropy (8bit):7.8573324538118525
                Encrypted:false
                SSDEEP:768:zFbH40yJdmqn29y+ta9KLmPAtdl2JwnhSwyS6RV8KSSOeq:BH4vdnn2vLqAvUUSwy5RVFTq
                MD5:6BD7AAD7D4B0DC00D4ADFDF6F0CBF399
                SHA1:3445447C81CE085CBF3165822DA472156A1949ED
                SHA-256:0DBCD72A5BCFD55A91EAFA6C362C67E1D434016FC85308E17F99AF100565BE0B
                SHA-512:8DB874A322B65BA06D7BE3B41BF469CBCE7FBE496666D077E6FE02DEA079C2EA4C9A653EAA7CA48F5BF360BE1F1ED4B80AD8FCF94697D497BB59B6F710E7B28C
                Malicious:false
                Reputation:low
                URL:https://tochatbe.s3.eu-west-3.amazonaws.com/uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png
                Preview:.PNG........IHDR.......>......r.....3PLTEGpL%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.f%.foS.+....tRNS... ..`.@.0.pP.X..Z..r.IDATx^..Y..7..P..$.#...v.O.B..V....9...."N.._[.p._8..e.......r.k.}.#...#...n........T_....~........-....>...R..Z.w.k."....0....^u.../...@..z..w.S.>....=...X.4......y:j;.zLC.;.......U.5.)~....y.v=K.w......\.v]......%.v.5......Q..)......0o...g.[......ni...{<......v..6.s.......?.x....4.c{...........gZ......0l}.^......'.....z....@.~.z.{\.......0v%.....tc.5.c.+......~..zg|...Sm..K-u.....z..%.......85u..............s....0..9.3.u.....}...~..........Y.....>Tg.....]..9.....N...!.......5..#..@?.......LK.Z.|.........@.......=...........a.......XJ|....}iw.-...@..s.....P.....B...C..#.....<..`.)^...`........P.v7J:............. .vV........>.......v... ..=........8.....8............P.v-,{.......s..u..@E.......`..C.....6..#.....F{.?.d.....v..........|....=.....W{}..b.w9.....Rk.9o./s.V..s>j.w...........R...R..k].....`....R.....o......t....<.._

                Chrome Cache Entry: 53

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):28
                Entropy (8bit):4.378783493486175
                Encrypted:false
                SSDEEP:3:qinPt:qyPt
                MD5:4C42AB4890733A2B01B1B3269C4855E7
                SHA1:5B68BFE664DCBC629042EA45C23954EEF1A9F698
                SHA-256:F69E8FC1414A82F108CFA0725E5211AF1865A9CEA342A5F01E6B2B5ABE47E010
                SHA-512:0631C6EFD555699CB2273107FE5AF565FEC2234344E2D412C23E4EE43C6D721CB2B058764622E44FD544D840FF64D7C866565E280127C701CAAB0A48C35D4F5C
                Malicious:false
                Reputation:low
                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTMxLjAuNjc3OC4xMDkSIAmXMSciOiBttxIFDYOoWz0SBQ3OQUx6IXLOS_GTxC1I?alt=proto
                Preview:ChIKBw2DqFs9GgAKBw3OQUx6GgA=

                Chrome Cache Entry: 54

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (1572)
                Category:downloaded
                Size (bytes):11170
                Entropy (8bit):5.27601930271989
                Encrypted:false
                SSDEEP:192:2NMtfmNMtfNMt4NMtfkNMt/qbNMtDbqGIwV4BNMtnNMtuwNMtiNMtfXNMtuNMtNo:8CfMC1CWC6CyhC/qY4XCNCtC4CfdCkCW
                MD5:B7A6169D3E32B4CDED47137314AFD3EB
                SHA1:BA9679F0B7334C2E52A124FE491E6420832C9E37
                SHA-256:1D563B69D0BFC84B7AB554235CF8C7D2463187FCC7F25E6A2A1B2D2805C3B63D
                SHA-512:940C477F8610F2DB00A542F59660AD9EC7B6E58B417079647AA127D75818E910A7C33E4F2AF92A7F16D5EA8A03F6E55FACA3F97430C54256A25157ED154E6B80
                Malicious:false
                Reputation:low
                URL:https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
                Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3GUBGEe.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3CUBGEe.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-fam

                Static File Info

                No static file info

                Network Behavior

                Download Network PCAP: filteredfull

                Network Port Distribution

                • Total Packets: 386
                • 443 (HTTPS)
                • 80 (HTTP)
                • 53 (DNS)
                TimestampSource PortDest PortSource IPDest IP
                Jan 21, 2025 11:16:13.096637011 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.096679926 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.096735001 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.097018003 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.097033024 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.928162098 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.928670883 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.928702116 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.929869890 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.929939032 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.931231976 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.931349039 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:13.978169918 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:13.978195906 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:14.025180101 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:14.831048012 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.831104040 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:14.831160069 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.832032919 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.832077026 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:14.832134962 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.832716942 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.832731009 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:14.833154917 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:14.833169937 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.787249088 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.787564993 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.787574053 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.787600040 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.787837029 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.787853956 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.788496017 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.788590908 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.789625883 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.789625883 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.789690018 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.791515112 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.791624069 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.792560101 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.792819023 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.831259966 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.831291914 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.839401960 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.839428902 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:15.870876074 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:15.886025906 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.100882053 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.100975990 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.101295948 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.101389885 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.101391077 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.101433992 CET44361607116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.103499889 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.103693008 CET61607443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.147340059 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.326354027 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.326598883 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.328639030 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.328638077 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.328670979 CET44361606116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.328674078 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:16.328730106 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.328763008 CET61606443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.328766108 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.329075098 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:16.329092026 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.260598898 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.261177063 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.261194944 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.261545897 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.262837887 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.262902975 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.263382912 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.307323933 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600138903 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600163937 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600224972 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.600239038 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600291014 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600301981 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.600680113 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.600718975 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.602711916 CET61608443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.602732897 CET44361608116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.640094042 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.640131950 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.640191078 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.644171953 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:17.644185066 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:17.659089088 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:17.659138918 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:17.659190893 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:17.659590960 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:17.659610033 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.583785057 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:18.584122896 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:18.584152937 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:18.584906101 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:18.585319996 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:18.585381031 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:18.585459948 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:18.589407921 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.589674950 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.589730024 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.590790987 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.590867043 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.591918945 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.591996908 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.592163086 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.592181921 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.627337933 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:18.636745930 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.885159016 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887209892 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887233973 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887276888 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887278080 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.887305975 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887339115 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.887362003 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.887383938 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887435913 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.887470961 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.887885094 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.887897015 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.932686090 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.975697041 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.975712061 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.975774050 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.975795031 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.976422071 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.976476908 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.976481915 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.976502895 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.976546049 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.976777077 CET61612443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:18.976789951 CET4436161216.12.18.34192.168.2.24
                Jan 21, 2025 11:16:18.992697001 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:18.992731094 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:18.992799044 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:18.993124962 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:18.993136883 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.025141954 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:19.025167942 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:19.025183916 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:19.025454998 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:19.025475979 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:19.025746107 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:19.026236057 CET61609443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:19.026252031 CET44361609116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:19.070868969 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:19.070936918 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.071029902 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:19.071759939 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:19.071790934 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.898158073 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.898426056 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:19.898449898 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.899960041 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.900022984 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:19.900456905 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:19.900552988 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.900628090 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:19.900638103 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:19.947021961 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:19.962687016 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.963351011 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:19.963383913 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.963763952 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.964329958 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:19.964401007 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:19.964498043 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.007374048 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.172159910 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174202919 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174215078 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174228907 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174263954 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174292088 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.174312115 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174348116 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.174370050 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.174375057 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.174412966 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.258263111 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.260027885 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.260050058 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.260106087 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.260183096 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.260221004 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.260246992 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.261168003 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.261233091 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.261251926 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.261271000 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.261296034 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.261300087 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.261337996 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.261634111 CET61614443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.261647940 CET4436161452.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.345370054 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.345392942 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.345422029 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.345484972 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.345562935 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.345601082 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.346508980 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.346553087 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.346580982 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.346597910 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.346646070 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.347419024 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.347472906 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.347481012 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.347501040 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.347543955 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.347815990 CET61615443192.168.2.2416.12.18.34
                Jan 21, 2025 11:16:20.347831011 CET4436161516.12.18.34192.168.2.24
                Jan 21, 2025 11:16:20.352737904 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.352766037 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:20.352816105 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.353951931 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:20.353960991 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.272411108 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.272732019 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.272742987 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.273119926 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.273698092 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.273698092 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.273771048 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.321413040 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.543262959 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.544485092 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.544496059 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.544512987 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.544601917 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.544672966 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.544673920 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.544684887 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.545674086 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.634191990 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.634215117 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.634262085 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.634357929 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.634357929 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.634370089 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.635731936 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.635759115 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.636152029 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.636162043 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.636470079 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.636634111 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.636729956 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:21.636785984 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.637039900 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.637039900 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.948843002 CET61617443192.168.2.2452.95.156.86
                Jan 21, 2025 11:16:21.948864937 CET4436161752.95.156.86192.168.2.24
                Jan 21, 2025 11:16:23.837058067 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:23.837146997 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:23.837193012 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:25.683933020 CET61605443192.168.2.24142.250.181.228
                Jan 21, 2025 11:16:25.683968067 CET44361605142.250.181.228192.168.2.24
                Jan 21, 2025 11:16:26.296303034 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.296354055 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:26.296451092 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.296832085 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.296847105 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:26.300592899 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.300652027 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:26.300780058 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.301060915 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:26.301074028 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.272974968 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.272995949 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.273291111 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.273319960 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.273448944 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.273516893 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.273686886 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.273879051 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.274869919 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.274944067 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.275373936 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.275448084 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.276745081 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.320025921 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.323333979 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.586122990 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.586211920 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.586272001 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.587197065 CET61620443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.587213993 CET44361620116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.589369059 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.631333113 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820419073 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820461988 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820470095 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820487976 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820513010 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820547104 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.820544958 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.820602894 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.820602894 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.822743893 CET61621443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.822772980 CET44361621116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.849020958 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.849096060 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:27.849183083 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.850306034 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:27.850342989 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:28.813827991 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:28.814311028 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:28.814369917 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:28.814867973 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:28.820130110 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:28.820245981 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:28.820691109 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:28.863339901 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:29.258836985 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:29.258871078 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:29.258891106 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:29.258999109 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:29.259072065 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:29.259155989 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:29.445569992 CET61622443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:29.445630074 CET44361622116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:38.451239109 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.451296091 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:38.451400995 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.451528072 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.451574087 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:38.451623917 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.506439924 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.506458044 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:38.506795883 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:38.506808996 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.458544970 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.459238052 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.459264040 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.459590912 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.459860086 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.459923029 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.460020065 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.471837044 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.472349882 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.472368002 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.472791910 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.473156929 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.473229885 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.503334999 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.528649092 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.816174030 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.816281080 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.816437006 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.816836119 CET61625443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.816854000 CET44361625116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:39.818532944 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:39.859334946 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055870056 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055898905 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055906057 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055922031 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055927992 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.055936098 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.056006908 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.056025982 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.056078911 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.057426929 CET61624443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.057449102 CET44361624116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.074542046 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.074573994 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:40.074723959 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.074954987 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:40.074965954 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.008469105 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.046928883 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.046960115 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.047401905 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.047970057 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.048036098 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.048141003 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.095333099 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485245943 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485269070 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485311985 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485352039 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.485383034 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485408068 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.485409975 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:41.485466003 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.488739967 CET61629443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:41.488758087 CET44361629116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:47.419961929 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.419997931 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:47.420087099 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.420886993 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.420959949 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:47.421045065 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.421612024 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.421638966 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:47.421859026 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:47.421890974 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.359071970 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.359586000 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.359658003 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.359992981 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.360306978 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.360378981 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.360479116 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.371648073 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.371896982 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.371922970 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.372253895 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.372648001 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.372709990 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.407327890 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.419500113 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.677866936 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.678014994 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.678100109 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.678677082 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.678677082 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.678749084 CET44361630116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.678828955 CET61630443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.680854082 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.723325968 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913604975 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913672924 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913695097 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913733006 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913757086 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.913775921 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913783073 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913804054 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.913861990 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.913870096 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913906097 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.913912058 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.913959980 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.914891005 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.914905071 CET44361631116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.914916039 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.914956093 CET61631443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.927263975 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.927287102 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:48.927364111 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.927720070 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:48.927731991 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:49.873689890 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:49.874006033 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:49.874037027 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:49.874337912 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:49.874731064 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:49.874785900 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:49.874893904 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:49.915332079 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335201979 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335263968 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335309982 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335336924 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.335365057 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335410118 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335422993 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.335423946 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.335432053 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335484028 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.335493088 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.335535049 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.576073885 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.576073885 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:50.576097965 CET44361632116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:50.576178074 CET61632443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:52.904001951 CET49772443192.168.2.24108.141.15.7
                Jan 21, 2025 11:16:52.904026031 CET4977780192.168.2.24204.79.197.203
                Jan 21, 2025 11:16:52.904036045 CET4977680192.168.2.242.23.77.188
                Jan 21, 2025 11:16:52.909764051 CET44349772108.141.15.7192.168.2.24
                Jan 21, 2025 11:16:52.909789085 CET8049777204.79.197.203192.168.2.24
                Jan 21, 2025 11:16:52.909811974 CET49772443192.168.2.24108.141.15.7
                Jan 21, 2025 11:16:52.909960032 CET4977780192.168.2.24204.79.197.203
                Jan 21, 2025 11:16:52.910151005 CET80497762.23.77.188192.168.2.24
                Jan 21, 2025 11:16:52.910206079 CET4977680192.168.2.242.23.77.188
                Jan 21, 2025 11:16:53.596781015 CET6163380192.168.2.24216.58.206.67
                Jan 21, 2025 11:16:53.601794958 CET8061633216.58.206.67192.168.2.24
                Jan 21, 2025 11:16:53.601860046 CET6163380192.168.2.24216.58.206.67
                Jan 21, 2025 11:16:53.601953030 CET6163380192.168.2.24216.58.206.67
                Jan 21, 2025 11:16:53.606750011 CET8061633216.58.206.67192.168.2.24
                Jan 21, 2025 11:16:54.234271049 CET8061633216.58.206.67192.168.2.24
                Jan 21, 2025 11:16:54.250567913 CET5766753192.168.2.241.1.1.1
                Jan 21, 2025 11:16:54.255511045 CET53576671.1.1.1192.168.2.24
                Jan 21, 2025 11:16:54.255589008 CET5766753192.168.2.241.1.1.1
                Jan 21, 2025 11:16:54.260484934 CET53576671.1.1.1192.168.2.24
                Jan 21, 2025 11:16:54.290307045 CET6163380192.168.2.24216.58.206.67
                Jan 21, 2025 11:16:54.708899021 CET5766753192.168.2.241.1.1.1
                Jan 21, 2025 11:16:54.709281921 CET5766880192.168.2.24104.76.101.49
                Jan 21, 2025 11:16:54.714010954 CET53576671.1.1.1192.168.2.24
                Jan 21, 2025 11:16:54.714106083 CET8057668104.76.101.49192.168.2.24
                Jan 21, 2025 11:16:54.714116096 CET5766753192.168.2.241.1.1.1
                Jan 21, 2025 11:16:54.714205027 CET5766880192.168.2.24104.76.101.49
                Jan 21, 2025 11:16:54.714337111 CET5766880192.168.2.24104.76.101.49
                Jan 21, 2025 11:16:54.719108105 CET8057668104.76.101.49192.168.2.24
                Jan 21, 2025 11:16:55.169553041 CET8057668104.76.101.49192.168.2.24
                Jan 21, 2025 11:16:55.213279963 CET5766880192.168.2.24104.76.101.49
                Jan 21, 2025 11:16:56.263968945 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.264025927 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:56.264138937 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.264400959 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.264422894 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:56.267368078 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.267416000 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:56.267494917 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.268106937 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:56.268124104 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.204240084 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.204531908 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.204569101 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.205070019 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.205585957 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.205646992 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.205806017 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.238399982 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.238724947 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.238754034 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.239240885 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.239645004 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.239727974 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.251343966 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.287655115 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.520029068 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.520266056 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.520378113 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.520622969 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.520646095 CET44357670116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.520662069 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.520699978 CET57670443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.522986889 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.563343048 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.758944035 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759007931 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759030104 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759068966 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759085894 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.759119987 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759157896 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759197950 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.759198904 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.759310007 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.759397984 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.879632950 CET57671443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.879661083 CET44357671116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.946948051 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.946985006 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:57.947099924 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.947415113 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:57.947441101 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:58.923063993 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:58.923382998 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:58.923415899 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:58.924562931 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:58.924983978 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:58.925148010 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:58.925159931 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:58.975136042 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.377840996 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.377907991 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.377929926 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.377970934 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.377970934 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378005981 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378005981 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.378026009 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.378035069 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378042936 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378068924 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378158092 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.378201962 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.378211021 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.378328085 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:16:59.378375053 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.379125118 CET57675443192.168.2.24116.203.143.50
                Jan 21, 2025 11:16:59.379137039 CET44357675116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:05.064605951 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.064651012 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:05.064740896 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.065442085 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.065460920 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:05.068753958 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.068797112 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:05.068880081 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.069451094 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:05.069464922 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.022135019 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.022496939 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.022519112 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.023674011 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.024080038 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.024229050 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.024256945 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.038290024 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.038695097 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.038717031 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.039208889 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.039751053 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.039832115 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.076508999 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.091921091 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.349948883 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.350116968 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.350183964 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.350610971 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.350635052 CET44357676116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.350650072 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.350698948 CET57676443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.352652073 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.395366907 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588104963 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588143110 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588151932 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588170052 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588180065 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588187933 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588212013 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.588229895 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588262081 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.588284969 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.588326931 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.608841896 CET57677443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.608867884 CET44357677116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.621759892 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.621804953 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:06.621892929 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.622186899 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:06.622206926 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:07.554963112 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:07.555346012 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:07.555362940 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:07.555845022 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:07.556685925 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:07.556767941 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:07.556838036 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:07.599335909 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023726940 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023761988 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023782015 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023830891 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:08.023849010 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023875952 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:08.023897886 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:08.023905039 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023941994 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:08.023983002 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:08.025418997 CET57678443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:08.025433064 CET44357678116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:13.167707920 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:13.167746067 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:13.167814016 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:13.168520927 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:13.168536901 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:13.987659931 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.987703085 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:13.987796068 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.988106966 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.988123894 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:13.991621971 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.991698027 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:13.991795063 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.992464066 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:13.992499113 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:13.993685007 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:13.993881941 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:13.993904114 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:13.994385958 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:13.994685888 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:13.994769096 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:14.044167995 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:14.927876949 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.928307056 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:14.928379059 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.928889990 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.929188013 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:14.929285049 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.929318905 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:14.959395885 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.959662914 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:14.959700108 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.960063934 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.960388899 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:14.960460901 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.971330881 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:14.982697010 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.010121107 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.247911930 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.248032093 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.248230934 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.248507023 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.248507023 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.248554945 CET44357681116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.248608112 CET57681443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.250344038 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.291321993 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690319061 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690351963 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690359116 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690387011 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690419912 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690442085 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.690485001 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690510035 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:15.690514088 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.690558910 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.693505049 CET57682443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:15.693537951 CET44357682116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:16.144658089 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:16.144697905 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:16.144773960 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:16.145066023 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:16.145077944 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.080441952 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.080734968 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.080746889 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.081260920 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.081553936 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.081655979 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.081712008 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.123368025 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.536637068 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.536708117 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.536783934 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.536839008 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.536839008 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.536850929 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.536997080 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.537002087 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:17.537218094 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.542089939 CET57686443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:17.542104959 CET44357686116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:22.970846891 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.970889091 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:22.970984936 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.971765995 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.971818924 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:22.971894026 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.972156048 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.972178936 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:22.972369909 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:22.972414017 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:23.897542953 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:23.897592068 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:23.897643089 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:24.519388914 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.526195049 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.526262045 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.526631117 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.531166077 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.535342932 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.535434008 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.535548925 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.535571098 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.535749912 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.535976887 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.536989927 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.537061930 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.579346895 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.588706017 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.836781979 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.836862087 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.836919069 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.837822914 CET57688443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.837838888 CET44357688116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:24.839917898 CET57680443192.168.2.24142.250.181.228
                Jan 21, 2025 11:17:24.839947939 CET44357680142.250.181.228192.168.2.24
                Jan 21, 2025 11:17:24.840115070 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:24.887324095 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095472097 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095494032 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095499992 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095536947 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095551014 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095560074 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095578909 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.095581055 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.095627069 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.096904039 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.096904039 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.111354113 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.111391068 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.111468077 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.111774921 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.111787081 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:25.400007963 CET57687443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:25.400026083 CET44357687116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.053888083 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.054172993 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.054210901 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.054553986 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.055033922 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.055098057 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.055198908 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.099330902 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.503736973 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.503762960 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.503777981 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.503920078 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.503947973 CET44357689116.203.143.50192.168.2.24
                Jan 21, 2025 11:17:26.503968000 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.504019022 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.507191896 CET57689443192.168.2.24116.203.143.50
                Jan 21, 2025 11:17:26.507213116 CET44357689116.203.143.50192.168.2.24
                TimestampSource PortDest PortSource IPDest IP
                Jan 21, 2025 11:16:08.757409096 CET53613731.1.1.1192.168.2.24
                Jan 21, 2025 11:16:08.803777933 CET53522941.1.1.1192.168.2.24
                Jan 21, 2025 11:16:10.230314016 CET53548951.1.1.1192.168.2.24
                Jan 21, 2025 11:16:13.088574886 CET5103953192.168.2.241.1.1.1
                Jan 21, 2025 11:16:13.088888884 CET6167753192.168.2.241.1.1.1
                Jan 21, 2025 11:16:13.095720053 CET53616771.1.1.1192.168.2.24
                Jan 21, 2025 11:16:13.095932007 CET53510391.1.1.1192.168.2.24
                Jan 21, 2025 11:16:14.757432938 CET5627653192.168.2.241.1.1.1
                Jan 21, 2025 11:16:14.798682928 CET6492053192.168.2.241.1.1.1
                Jan 21, 2025 11:16:14.804161072 CET53562761.1.1.1192.168.2.24
                Jan 21, 2025 11:16:14.988476038 CET53649201.1.1.1192.168.2.24
                Jan 21, 2025 11:16:17.640947104 CET5327853192.168.2.241.1.1.1
                Jan 21, 2025 11:16:17.641289949 CET5285553192.168.2.241.1.1.1
                Jan 21, 2025 11:16:17.644515038 CET53530251.1.1.1192.168.2.24
                Jan 21, 2025 11:16:17.654416084 CET53532781.1.1.1192.168.2.24
                Jan 21, 2025 11:16:17.657041073 CET53528551.1.1.1192.168.2.24
                Jan 21, 2025 11:16:18.981575966 CET6163553192.168.2.241.1.1.1
                Jan 21, 2025 11:16:18.981734037 CET5165253192.168.2.241.1.1.1
                Jan 21, 2025 11:16:18.991925955 CET53616351.1.1.1192.168.2.24
                Jan 21, 2025 11:16:18.992150068 CET53516521.1.1.1192.168.2.24
                Jan 21, 2025 11:16:19.070535898 CET53641861.1.1.1192.168.2.24
                Jan 21, 2025 11:16:27.283881903 CET53492001.1.1.1192.168.2.24
                Jan 21, 2025 11:16:38.089519024 CET53527891.1.1.1192.168.2.24
                Jan 21, 2025 11:16:46.440608025 CET53633841.1.1.1192.168.2.24
                Jan 21, 2025 11:16:54.247802973 CET53619021.1.1.1192.168.2.24
                Jan 21, 2025 11:17:08.426094055 CET53630161.1.1.1192.168.2.24
                Jan 21, 2025 11:17:09.237629890 CET53511931.1.1.1192.168.2.24
                Jan 21, 2025 11:17:15.711021900 CET6265753192.168.2.241.1.1.1
                Jan 21, 2025 11:17:15.711023092 CET5747653192.168.2.241.1.1.1
                Jan 21, 2025 11:17:15.987426996 CET53574761.1.1.1192.168.2.24
                Jan 21, 2025 11:17:16.143621922 CET53626571.1.1.1192.168.2.24
                Jan 21, 2025 11:17:23.775023937 CET53631531.1.1.1192.168.2.24
                TimestampSource IPDest IPChecksumCodeType
                Jan 21, 2025 11:16:14.988547087 CET192.168.2.241.1.1.1c265(Port unreachable)Destination Unreachable

                DNS Queries

                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                Jan 21, 2025 11:16:13.088574886 CET192.168.2.241.1.1.10x9aa9Standard query (0)www.google.comA (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:13.088888884 CET192.168.2.241.1.1.10x36bbStandard query (0)www.google.com65IN (0x0001)false
                Jan 21, 2025 11:16:14.757432938 CET192.168.2.241.1.1.10xcd04Standard query (0)whatsapp.dianjin-inc.comA (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:14.798682928 CET192.168.2.241.1.1.10xb60aStandard query (0)whatsapp.dianjin-inc.com65IN (0x0001)false
                Jan 21, 2025 11:16:17.640947104 CET192.168.2.241.1.1.10x33ffStandard query (0)tochatbe.s3.eu-west-3.amazonaws.comA (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:17.641289949 CET192.168.2.241.1.1.10x39d3Standard query (0)tochatbe.s3.eu-west-3.amazonaws.com65IN (0x0001)false
                Jan 21, 2025 11:16:18.981575966 CET192.168.2.241.1.1.10x934aStandard query (0)tochatbe.s3.eu-west-3.amazonaws.comA (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:18.981734037 CET192.168.2.241.1.1.10xb013Standard query (0)tochatbe.s3.eu-west-3.amazonaws.com65IN (0x0001)false
                Jan 21, 2025 11:17:15.711021900 CET192.168.2.241.1.1.10xd6f4Standard query (0)whatsapp.dianjin-inc.comA (IP address)IN (0x0001)false
                Jan 21, 2025 11:17:15.711023092 CET192.168.2.241.1.1.10x6030Standard query (0)whatsapp.dianjin-inc.com65IN (0x0001)false

                DNS Answers

                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                Jan 21, 2025 11:16:13.095720053 CET1.1.1.1192.168.2.240x36bbNo error (0)www.google.com65IN (0x0001)false
                Jan 21, 2025 11:16:13.095932007 CET1.1.1.1192.168.2.240x9aa9No error (0)www.google.com142.250.181.228A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:14.804161072 CET1.1.1.1192.168.2.240xcd04No error (0)whatsapp.dianjin-inc.comservices.tochat.beCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:16:14.804161072 CET1.1.1.1192.168.2.240xcd04No error (0)services.tochat.be116.203.143.50A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:14.988476038 CET1.1.1.1192.168.2.240xb60aNo error (0)whatsapp.dianjin-inc.comservices.tochat.beCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:16:17.654416084 CET1.1.1.1192.168.2.240x33ffNo error (0)tochatbe.s3.eu-west-3.amazonaws.coms3-r-w.eu-west-3.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:16:17.654416084 CET1.1.1.1192.168.2.240x33ffNo error (0)s3-r-w.eu-west-3.amazonaws.com16.12.18.34A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:17.654416084 CET1.1.1.1192.168.2.240x33ffNo error (0)s3-r-w.eu-west-3.amazonaws.com52.95.155.90A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:17.657041073 CET1.1.1.1192.168.2.240x39d3No error (0)tochatbe.s3.eu-west-3.amazonaws.coms3-r-w.eu-west-3.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:16:18.991925955 CET1.1.1.1192.168.2.240x934aNo error (0)tochatbe.s3.eu-west-3.amazonaws.coms3-r-w.eu-west-3.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:16:18.991925955 CET1.1.1.1192.168.2.240x934aNo error (0)s3-r-w.eu-west-3.amazonaws.com52.95.156.86A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:18.991925955 CET1.1.1.1192.168.2.240x934aNo error (0)s3-r-w.eu-west-3.amazonaws.com16.12.20.10A (IP address)IN (0x0001)false
                Jan 21, 2025 11:16:18.992150068 CET1.1.1.1192.168.2.240xb013No error (0)tochatbe.s3.eu-west-3.amazonaws.coms3-r-w.eu-west-3.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:17:15.987426996 CET1.1.1.1192.168.2.240x6030No error (0)whatsapp.dianjin-inc.comservices.tochat.beCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:17:16.143621922 CET1.1.1.1192.168.2.240xd6f4No error (0)whatsapp.dianjin-inc.comservices.tochat.beCNAME (Canonical name)IN (0x0001)false
                Jan 21, 2025 11:17:16.143621922 CET1.1.1.1192.168.2.240xd6f4No error (0)services.tochat.be116.203.143.50A (IP address)IN (0x0001)false

                HTTP Request Dependency Graph

                • whatsapp.dianjin-inc.com
                • https:
                  • tochatbe.s3.eu-west-3.amazonaws.com
                • c.pki.goog
                • x1.c.lencr.org

                HTTP Packets

                Session IDSource IPSource PortDestination IPDestination Port
                0192.168.2.2461633216.58.206.6780
                TimestampBytes transferredDirectionData
                Jan 21, 2025 11:16:53.601953030 CET200OUTGET /r/r1.crl HTTP/1.1
                Cache-Control: max-age = 3000
                Connection: Keep-Alive
                Accept: */*
                If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
                User-Agent: Microsoft-CryptoAPI/10.0
                Host: c.pki.goog
                Jan 21, 2025 11:16:54.234271049 CET223INHTTP/1.1 304 Not Modified
                Date: Tue, 21 Jan 2025 09:35:38 GMT
                Expires: Tue, 21 Jan 2025 10:25:38 GMT
                Age: 2476
                Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
                Cache-Control: public, max-age=3000
                Vary: Accept-Encoding


                Session IDSource IPSource PortDestination IPDestination Port
                1192.168.2.2457668104.76.101.4980
                TimestampBytes transferredDirectionData
                Jan 21, 2025 11:16:54.714337111 CET227OUTGET / HTTP/1.1
                Cache-Control: max-age = 3600
                Connection: Keep-Alive
                Accept: */*
                If-Modified-Since: Mon, 12 Feb 2024 22:07:27 GMT
                If-None-Match: "65ca969f-2cd"
                User-Agent: Microsoft-CryptoAPI/10.0
                Host: x1.c.lencr.org
                Jan 21, 2025 11:16:55.169553041 CET1023INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: application/pkix-crl
                Last-Modified: Fri, 13 Dec 2024 18:01:23 GMT
                ETag: "675c7673-2de"
                Cache-Control: max-age=3600
                Expires: Tue, 21 Jan 2025 11:16:55 GMT
                Date: Tue, 21 Jan 2025 10:16:55 GMT
                Content-Length: 734
                Connection: keep-alive
                Data Raw: 30 82 02 da 30 81 c3 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 4f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 29 30 27 06 03 55 04 0a 13 20 49 6e 74 65 72 6e 65 74 20 53 65 63 75 72 69 74 79 20 52 65 73 65 61 72 63 68 20 47 72 6f 75 70 31 15 30 13 06 03 55 04 03 13 0c 49 53 52 47 20 52 6f 6f 74 20 58 31 17 0d 32 34 31 32 31 31 30 30 30 30 30 30 5a 17 0d 32 35 31 31 31 30 32 33 35 39 35 39 5a a0 40 30 3e 30 1f 06 03 55 1d 23 04 18 30 16 80 14 79 b4 59 e6 7b b6 e5 e4 01 73 80 08 88 c8 1a 58 f6 e9 9b 6e 30 0a 06 03 55 1d 14 04 03 02 01 69 30 0f 06 03 55 1d 1c 01 01 ff 04 05 30 03 82 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 02 01 00 25 d9 d5 af d1 d6 2f 91 05 35 50 65 d7 ad 13 d8 3b 73 d1 3f 5e 09 69 7f d7 82 29 12 c5 82 d0 96 fe 5f 07 a4 fe f5 92 dc e4 e2 8a 1a 2a 29 c5 eb 97 c8 85 a5 44 9b 9d ba 7b 05 2b 3f e3 3c 18 1c de 8d 37 f6 27 b5 e7 9b ef 45 e7 57 0e c1 f9 07 a5 95 44 fe e1 de 7f 9d e1 31 8c f8 1b 4f 18 5d f8 3d d7 5b e6 e2 03 a6 cb 71 0d ef 7a fe e0 8e f4 5d 1c c5 [TRUNCATED]
                Data Ascii: 000*H0O10UUS1)0'U Internet Security Research Group10UISRG Root X1241211000000Z251110235959Z@0>0U#0yY{sXn0Ui0U00*H%/5Pe;s?^i)_*)D{+?<7'EWD1O]=[qz]"2t@^+(zULdQpK?W)pqxW[6[V7?36_s$BwT+xw_]df_nu}yIqC`sVuP,@`|T+`/Pm w[!:O%'w9enSkbv}gGL")V 2kzr/xx}8i]oA,^i=pt>#6&7$_?k/( kAslBQDhXh~N T/BF?QCG*wsS:


                HTTPS Proxied Packets

                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                0192.168.2.2461607116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:15 UTC674OUTGET / HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:16 UTC385INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:16 GMT
                Location: /login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:16 GMT
                2025-01-21 10:16:16 UTC282INData Raw: 31 30 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 2f 6c 6f 67 69 6e 22 3e 2f 6c 6f 67 69 6e 3c 2f 61 3e 2e
                Data Ascii: 10e<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/login'" /> <title>Redirecting to /login</title> </head> <body> Redirecting to <a href="/login">/login</a>.


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                1192.168.2.2461606116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:16 UTC679OUTGET /login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:16 UTC432INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:16 GMT
                Location: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:16 GMT
                2025-01-21 10:16:16 UTC470INData Raw: 31 63 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 68 61 74 73 61 70 70 2e 64 69 61 6e 6a 69 6e 2d 69 6e 63 2e 63 6f 6d 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 68 61 74 73 61 70 70 2e 64 69 61 6e 6a 69 6e 2d 69 6e 63 2e 63 6f 6d 2f 77 69 64 67 65 74 2f 64 69
                Data Ascii: 1ca<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://whatsapp.dianjin-inc.com/widget/dianjin/login'" /> <title>Redirecting to https://whatsapp.dianjin-inc.com/widget/di


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                2192.168.2.2461608116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:17 UTC694OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:17 UTC649INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:17 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:17 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:16:16 GMT; Max-Age=0; path=/; httponly
                Set-Cookie: PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3; path=/; secure; httponly; samesite=lax
                2025-01-21 10:16:17 UTC14175INData Raw: 33 37 35 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 3752<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                3192.168.2.2461609116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:18 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:19 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:18 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:18 GMT
                2025-01-21 10:16:19 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:16:19 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                4192.168.2.246161216.12.18.344436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:18 UTC677OUTGET /uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png HTTP/1.1
                Host: tochatbe.s3.eu-west-3.amazonaws.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: cross-site
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://whatsapp.dianjin-inc.com/
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:18 UTC504INHTTP/1.1 200 OK
                x-amz-id-2: pjZ0bDZGrdmHwCSuusvSf0f0y9Km+eAnk3utFVgLN63I5KVl/ZmcsZPZyProFMW2D9wqvUFJFp4=
                x-amz-request-id: VG56B00QWX71SW97
                Date: Tue, 21 Jan 2025 10:16:19 GMT
                x-amz-replication-status: COMPLETED
                Last-Modified: Sat, 13 Jan 2024 12:49:23 GMT
                ETag: "6bd7aad7d4b0dc00d4adfdf6f0cbf399"
                x-amz-server-side-encryption: AES256
                x-amz-version-id: U5m63Jr16hiV0QRqxdAc8EyrPxjJ0MLH
                Accept-Ranges: bytes
                Content-Type: image/png
                Content-Length: 29465
                Server: AmazonS3
                Connection: close
                2025-01-21 10:16:18 UTC16384INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0d ee 00 00 03 3e 08 03 00 00 00 e1 72 80 a5 00 00 00 33 50 4c 54 45 47 70 4c 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 6f 53 01 2b 00 00 00 10 74 52 4e 53 00 a0 d0 20 f0 10 60 80 40 c0 30 e0 b0 70 50 90 58 bd c5 5a 00 00 72 85 49 44 41 54 78 5e ec dd 59 92 1d 37 0e 05 50 e4 c0 24 99 23 f7 bf da 76 d7 4f 87 42 b2 ec 56 bd aa 97 c3 39 bb b8 01 e0 22 4e 80 f2 5f 5b fe 70 d4 5f 38 f2 87 ad fc 65 8e 13 03 00 00 10 f0 72 ce 6b ad 7d fb 23 b5 d6 ee 23 fe 0d f1 6e 00 00 00 94 b2 e5 a3 d6 b1 bd 54 5f d7 9c f7 ef 0e 7e 00 00 00 a4 b2 e7 a3 f6 ed ab 2d b5 cb d3 97 c7 3e 00 00 00 52 99 f2 5a db 77 eb 6b de be 22
                Data Ascii: PNGIHDR>r3PLTEGpL%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%foS+tRNS `@0pPXZrIDATx^Y7P$#vOBV9"N_[p_8erk}##nT_~->RZwk"
                2025-01-21 10:16:18 UTC520INData Raw: df a6 46 73 4b 08 22 74 ef 1f 08 b2 74 0f ba 57 09 9a e9 2a 62 a4 b5 9f 2a f6 ac 3f 8b 33 c9 89 06 b4 7b 23 f7 f7 8e e3 7a 93 51 77 b4 d1 45 b2 0e dd 83 ee c5 be 74 01 dd c3 1f ba 92 dc 9a 82 13 ba f7 0f 74 59 ba 87 b5 2b 78 f7 a0 6f 3d e5 65 b9 8f 7d e1 bb 31 76 6f 6f 08 a3 ef 48 b7 39 27 2e bc d7 09 b6 2f e8 de ab a0 88 0d ba f7 3b 5c 09 05 9d bf 73 4f 0c 82 0e dd 83 ee 61 ed da 7a 89 01 33 d0 d1 a0 f3 5a 0f 5f 11 be be d9 d3 31 64 72 83 6d 74 e7 c4 85 f7 08 4c 0a ba f7 2e a8 e3 84 ee fd 16 d9 8e dc 87 41 90 80 07 43 96 ee dd d0 bd 1f 40 f7 de fd 0a 17 a8 01 c1 ef 30 41 b9 aa 45 e1 4b 9b 4f 1d b8 d5 68 04 d1 3d fe f0 de d8 b0 68 c2 75 0f ba 77 2f 7e a0 7b 94 44 bf 8c 90 c6 fe 04 00 b8 65 e9 5e 85 ee fd 03 78 19 e5 d8 24 d0 ae 65 a5 e6 58 c8 61 3d 7c 45
                Data Ascii: FsK"ttW*b*?3{#zQwEttY+xo=e}1vooH9'./;\sOaz3Z_1drmtL.AC@0AEKOh=huw/~{De^x$eXa=|E
                2025-01-21 10:16:18 UTC565INData Raw: ba 07 65 81 ee ed 38 6d 34 f4 6a 61 bc d6 3d a5 37 a1 09 16 2c 5e 77 87 63 1d 56 e0 df 8e f3 0b ba 8e 1e 5b 4a fb bc 68 dd 83 ee 8d a4 64 b6 1a 74 6f 27 25 2c f5 b4 bd 25 32 20 a8 d0 3d e8 1e d6 8e be 7e 19 ed 5a 1e 7c 96 1e d7 ea ea 85 af ed 97 73 bc 60 4f 82 e8 1e d7 01 e5 dc 52 ce 54 28 74 0f ba 67 da f6 e6 e5 1c 74 6f 33 f1 4e 98 c7 90 d7 7f 01 0c 0d ba 07 dd c3 da cd 2d 17 1c 50 04 71 13 f8 fc 7a f8 94 f0 9d db 2e 49 b1 2a 0f 91 20 ba c7 1b de 8b 24 79 0f e8 de bb 18 6e c9 99 6a 76 d0 3d 0a 2e af db f8 52 26 4f 42 63 f4 1e 74 2f 49 d3 3d e8 5e 47 af 16 d6 9f b7 54 e4 ff 87 7a b3 d6 a9 05 9f f0 b1 a3 19 f5 4d d0 db 9a 2d bc 77 11 d5 ff f0 eb 1e 74 6f 28 91 3d e8 de af 00 e3 0b e4 f9 77 8c de 83 ee 2d 69 ba 07 dd ab 78 fb 60 ae 55 f7 59 fe 73 e5 11 d1
                Data Ascii: e8m4ja=7,^wcV[Jhdto'%,%2 =~Z|s`ORT(tgto3N-Pqz.I* $ynjv=.R&OBct/I=^GTzM-wto(=w-ix`UYs
                2025-01-21 10:16:18 UTC9000INData Raw: 59 a3 2c 42 ee cc f1 be 65 5f f8 26 c9 c1 11 cd 88 ba 8b 04 7b 27 5f 78 af af 37 19 42 75 0f ba 77 2e 71 84 a3 b6 ec 1e a0 7b 32 b8 ee b0 14 31 84 0e dd c3 e8 bd 26 64 6f 81 ee 35 eb 6b 57 65 e4 6d e0 7b 61 a8 90 d6 59 9c 26 22 8a 95 89 2a 74 5c 21 88 ee f1 85 f7 88 1a 77 43 f7 de 45 77 0f c2 d4 ef d2 dc 03 74 4f 18 59 91 f2 f5 8d 79 08 70 13 88 91 2e 65 b9 e4 e9 1e 74 af a1 73 a1 94 c2 9e 4a 5e 92 6a 5f f8 2e b4 22 22 ba b3 1d 9e 20 ba c7 16 de 6b 44 8d dc a0 7b ef a2 b5 4d 4b 3f ea 23 7a d0 bd 17 80 f2 15 ba e8 3f 46 ef 41 f7 aa 42 dd 2b d6 55 39 8a 89 39 c2 f7 c2 d0 d1 70 66 36 a7 85 1b 83 46 88 76 f1 90 08 a2 7b 6c e1 bd 4a b4 ab 40 f7 de 45 59 4a 29 f5 a3 d6 d6 dc 0f a0 7b c2 95 af f6 25 9d 94 f7 0d dd 03 97 14 dd ab 46 75 af 11 e8 5e 35 af ca 09 bd
                Data Ascii: Y,Be_&{'_x7Buw.q{21&do5kWem{aY&"*t\!wCEwtOYyp.etsJ^j_."" kD{MK?#z?FAB+U99pf6Fv{lJ@EYJ){%Fu^5
                2025-01-21 10:16:18 UTC2996INData Raw: 6a 81 a6 1c a5 8d 0f 00 00 c8 3d b9 47 95 af e9 60 2b 87 99 e3 30 00 00 72 4f ee 19 e6 ec e3 77 60 28 75 3f e5 04 00 90 7b 72 8f fc b5 97 11 51 7b 6d 1c 08 00 40 ee c9 3d c3 9c 5b 54 80 89 aa da 9f 72 02 00 c8 3d b9 67 3f 63 88 9d e0 7a 75 8b 4b 00 80 dc 93 7b 72 cf 30 27 6a 6f 8a 43 01 00 c8 3d b9 27 a1 e3 0c a8 bd be 8b 0f 01 00 c8 3d b9 47 77 f0 5a 06 74 7d 39 ce 3d 0e 05 00 20 f7 e4 9e e7 b1 89 8f 41 6a cb 71 6e f1 0b 00 00 72 4f ee 31 2a e7 af 4b ed f5 29 8e 05 00 20 f7 e4 9e 61 ce 1c d5 a1 f6 ca 1a 07 03 00 90 7b 72 cf 30 67 8a ea 50 7b 5b 1c 0c 00 40 ee c9 3d 05 dd 47 75 a8 bd 36 c5 c1 00 00 e4 9e dc 33 cc 39 45 6d a8 bd 32 c7 d1 00 00 e4 9e dc f3 38 8e 51 1b 6a ef 1e 87 03 00 90 7b 72 cf 30 e7 10 95 a1 f6 6e 71 3c 00 00 b9 27 f7 0c 73 ce 51 17 6a
                Data Ascii: j=G`+0rOw`(u?{rQ{m@=[Tr=g?czuK{r0'joC='=GwZt}9= AjqnrO1*K) a{r0gP{[@=Gu639Em28Qj{r0nq<'sQj


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                5192.168.2.246161452.95.156.864436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:19 UTC432OUTGET /uploads/logo/458ee0b62ff47b30f887c89ece7eead4fea3237774e7a18edc.png HTTP/1.1
                Host: tochatbe.s3.eu-west-3.amazonaws.com
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: */*
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:20 UTC504INHTTP/1.1 200 OK
                x-amz-id-2: 7lYTTl8DN3tQkrjVVPHmE/UE/yRq93bFI8KfPsDwZUqkZORiYxzw60qtE2+wnyGUaSKKFHLkyxE=
                x-amz-request-id: YS73MX1372T3CQ67
                Date: Tue, 21 Jan 2025 10:16:21 GMT
                x-amz-replication-status: COMPLETED
                Last-Modified: Sat, 13 Jan 2024 12:49:23 GMT
                ETag: "6bd7aad7d4b0dc00d4adfdf6f0cbf399"
                x-amz-server-side-encryption: AES256
                x-amz-version-id: U5m63Jr16hiV0QRqxdAc8EyrPxjJ0MLH
                Accept-Ranges: bytes
                Content-Type: image/png
                Content-Length: 29465
                Server: AmazonS3
                Connection: close
                2025-01-21 10:16:20 UTC16384INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 0d ee 00 00 03 3e 08 03 00 00 00 e1 72 80 a5 00 00 00 33 50 4c 54 45 47 70 4c 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 25 d3 66 6f 53 01 2b 00 00 00 10 74 52 4e 53 00 a0 d0 20 f0 10 60 80 40 c0 30 e0 b0 70 50 90 58 bd c5 5a 00 00 72 85 49 44 41 54 78 5e ec dd 59 92 1d 37 0e 05 50 e4 c0 24 99 23 f7 bf da 76 d7 4f 87 42 b2 ec 56 bd aa 97 c3 39 bb b8 01 e0 22 4e 80 f2 5f 5b fe 70 d4 5f 38 f2 87 ad fc 65 8e 13 03 00 00 10 f0 72 ce 6b ad 7d fb 23 b5 d6 ee 23 fe 0d f1 6e 00 00 00 94 b2 e5 a3 d6 b1 bd 54 5f d7 9c f7 ef 0e 7e 00 00 00 a4 b2 e7 a3 f6 ed ab 2d b5 cb d3 97 c7 3e 00 00 00 52 99 f2 5a db 77 eb 6b de be 22
                Data Ascii: PNGIHDR>r3PLTEGpL%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%foS+tRNS `@0pPXZrIDATx^Y7P$#vOBV9"N_[p_8erk}##nT_~->RZwk"
                2025-01-21 10:16:20 UTC520INData Raw: df a6 46 73 4b 08 22 74 ef 1f 08 b2 74 0f ba 57 09 9a e9 2a 62 a4 b5 9f 2a f6 ac 3f 8b 33 c9 89 06 b4 7b 23 f7 f7 8e e3 7a 93 51 77 b4 d1 45 b2 0e dd 83 ee c5 be 74 01 dd c3 1f ba 92 dc 9a 82 13 ba f7 0f 74 59 ba 87 b5 2b 78 f7 a0 6f 3d e5 65 b9 8f 7d e1 bb 31 76 6f 6f 08 a3 ef 48 b7 39 27 2e bc d7 09 b6 2f e8 de ab a0 88 0d ba f7 3b 5c 09 05 9d bf 73 4f 0c 82 0e dd 83 ee 61 ed da 7a 89 01 33 d0 d1 a0 f3 5a 0f 5f 11 be be d9 d3 31 64 72 83 6d 74 e7 c4 85 f7 08 4c 0a ba f7 2e a8 e3 84 ee fd 16 d9 8e dc 87 41 90 80 07 43 96 ee dd d0 bd 1f 40 f7 de fd 0a 17 a8 01 c1 ef 30 41 b9 aa 45 e1 4b 9b 4f 1d b8 d5 68 04 d1 3d fe f0 de d8 b0 68 c2 75 0f ba 77 2f 7e a0 7b 94 44 bf 8c 90 c6 fe 04 00 b8 65 e9 5e 85 ee fd 03 78 19 e5 d8 24 d0 ae 65 a5 e6 58 c8 61 3d 7c 45
                Data Ascii: FsK"ttW*b*?3{#zQwEttY+xo=e}1vooH9'./;\sOaz3Z_1drmtL.AC@0AEKOh=huw/~{De^x$eXa=|E
                2025-01-21 10:16:20 UTC565INData Raw: ba 07 65 81 ee ed 38 6d 34 f4 6a 61 bc d6 3d a5 37 a1 09 16 2c 5e 77 87 63 1d 56 e0 df 8e f3 0b ba 8e 1e 5b 4a fb bc 68 dd 83 ee 8d a4 64 b6 1a 74 6f 27 25 2c f5 b4 bd 25 32 20 a8 d0 3d e8 1e d6 8e be 7e 19 ed 5a 1e 7c 96 1e d7 ea ea 85 af ed 97 73 bc 60 4f 82 e8 1e d7 01 e5 dc 52 ce 54 28 74 0f ba 67 da f6 e6 e5 1c 74 6f 33 f1 4e 98 c7 90 d7 7f 01 0c 0d ba 07 dd c3 da cd 2d 17 1c 50 04 71 13 f8 fc 7a f8 94 f0 9d db 2e 49 b1 2a 0f 91 20 ba c7 1b de 8b 24 79 0f e8 de bb 18 6e c9 99 6a 76 d0 3d 0a 2e af db f8 52 26 4f 42 63 f4 1e 74 2f 49 d3 3d e8 5e 47 af 16 d6 9f b7 54 e4 ff 87 7a b3 d6 a9 05 9f f0 b1 a3 19 f5 4d d0 db 9a 2d bc 77 11 d5 ff f0 eb 1e 74 6f 28 91 3d e8 de af 00 e3 0b e4 f9 77 8c de 83 ee 2d 69 ba 07 dd ab 78 fb 60 ae 55 f7 59 fe 73 e5 11 d1
                Data Ascii: e8m4ja=7,^wcV[Jhdto'%,%2 =~Z|s`ORT(tgto3N-Pqz.I* $ynjv=.R&OBct/I=^GTzM-wto(=w-ix`UYs
                2025-01-21 10:16:20 UTC11996INData Raw: 59 a3 2c 42 ee cc f1 be 65 5f f8 26 c9 c1 11 cd 88 ba 8b 04 7b 27 5f 78 af af 37 19 42 75 0f ba 77 2e 71 84 a3 b6 ec 1e a0 7b 32 b8 ee b0 14 31 84 0e dd c3 e8 bd 26 64 6f 81 ee 35 eb 6b 57 65 e4 6d e0 7b 61 a8 90 d6 59 9c 26 22 8a 95 89 2a 74 5c 21 88 ee f1 85 f7 88 1a 77 43 f7 de 45 77 0f c2 d4 ef d2 dc 03 74 4f 18 59 91 f2 f5 8d 79 08 70 13 88 91 2e 65 b9 e4 e9 1e 74 af a1 73 a1 94 c2 9e 4a 5e 92 6a 5f f8 2e b4 22 22 ba b3 1d 9e 20 ba c7 16 de 6b 44 8d dc a0 7b ef a2 b5 4d 4b 3f ea 23 7a d0 bd 17 80 f2 15 ba e8 3f 46 ef 41 f7 aa 42 dd 2b d6 55 39 8a 89 39 c2 f7 c2 d0 d1 70 66 36 a7 85 1b 83 46 88 76 f1 90 08 a2 7b 6c e1 bd 4a b4 ab 40 f7 de 45 59 4a 29 f5 a3 d6 d6 dc 0f a0 7b c2 95 af f6 25 9d 94 f7 0d dd 03 97 14 dd ab 46 75 af 11 e8 5e 35 af ca 09 bd
                Data Ascii: Y,Be_&{'_x7Buw.q{21&do5kWem{aY&"*t\!wCEwtOYyp.etsJ^j_."" kD{MK?#z?FAB+U99pf6Fv{lJ@EYJ){%Fu^5


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                6192.168.2.246161516.12.18.344436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:19 UTC680OUTGET /uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png HTTP/1.1
                Host: tochatbe.s3.eu-west-3.amazonaws.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: cross-site
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://whatsapp.dianjin-inc.com/
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:20 UTC504INHTTP/1.1 200 OK
                x-amz-id-2: kx+Kitqw2jGmN1Ula6JkMQspkVxd9EO0UQxvfdqg2FXTlLB2l07dQFdAyvOY+OI4OsojoZGx5mA=
                x-amz-request-id: YS742TBHE9VQ8ZSC
                Date: Tue, 21 Jan 2025 10:16:21 GMT
                x-amz-replication-status: COMPLETED
                Last-Modified: Wed, 17 Jan 2024 11:22:55 GMT
                ETag: "297041aba1bf91b8dc705143425cc5de"
                x-amz-server-side-encryption: AES256
                x-amz-version-id: BiIY1HHuAxyjFNZZ.BSCqLrLyr5tL8mC
                Accept-Ranges: bytes
                Content-Type: image/png
                Content-Length: 52951
                Server: AmazonS3
                Connection: close
                2025-01-21 10:16:20 UTC16384INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 f4 00 00 01 f4 08 06 00 00 00 cb d6 df 8a 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 3b 74 45 58 74 43 6f 6d 6d 65 6e 74 00 78 72 3a 64 3a 44 41 46 35 78 43 4b 4a 6f 72 6f 3a 36 2c 6a 3a 34 30 35 31 34 30 33 36 33 33 31 37 37 38 37 38 32 36 35 2c 74 3a 32 34 30 31 31 37 31 31 e5 56 68 ac 00 00 04 e5 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 27 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 27 3e 0a 20 20 20 20 20 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79
                Data Ascii: PNGIHDRpHYs+;tEXtCommentxr:d:DAF5xCKJoro:6,j:4051403633177878265,t:24011711VhiTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x='adobe:ns:meta/'> <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-sy
                2025-01-21 10:16:20 UTC520INData Raw: cd 7d 76 bd e7 fb fc 4c b0 54 c1 a9 f4 a8 cc d9 74 b6 d4 12 e0 e3 47 35 5c 56 32 eb 85 0b 7b dd 0e dc 6b 3e 74 29 36 0f 98 02 78 91 b9 c4 01 02 b6 02 77 73 f6 43 70 f6 43 85 a5 cc 85 4d 8c 8d 33 c4 7b 04 67 86 a7 3c f3 d1 6f fe f2 98 f9 a0 6a cf f7 4e 9e 59 3e 36 3a 39 13 1c 8e 42 c3 20 96 2a 91 5f b4 7f 93 89 7a 83 6e a2 b3 4b 4f cb 53 49 aa 21 e6 9f 38 68 df 28 9d f2 c4 bf f7 aa 9c 3d 3c 01 a6 04 90 60 da 53 f3 07 01 9f 55 74 56 4b 69 44 10 bd f7 98 99 3d 49 f4 82 2d 7a 85 01 63 4a 47 9a 71 b9 41 11 c1 82 ac 50 ae 82 85 05 97 87 02 a7 33 a8 38 66 7e c2 29 75 87 23 47 79 ea c4 85 5a 3b ab 22 29 d3 6f 11 5b b1 9e da 12 91 40 48 66 36 d8 a4 79 45 5d 83 ed 89 53 ca 7a b5 ed bd 21 bc 2c 56 ac f3 80 31 66 11 4a 22 13 0c 02 1f d8 83 71 c7 aa 8e 7f b6 15 5c 20
                Data Ascii: }vLTtG5\V2{k>t)6xwsCpCM3{g<ojNY>6:9B *_znKOSI!8h(=<`SUtVKiD=I-zcJGqAP38f~)u#GyZ;")o[@Hf6yE]Sz!,V1fJ"q\
                2025-01-21 10:16:20 UTC16384INData Raw: a6 8d cd ff d0 a0 bd 68 de ff 67 ef 7c 5e a2 8a a2 38 fe 39 77 c6 d1 b1 9f 8a a4 15 94 8a 96 5a ba 2a a8 50 8a 0a 23 db 54 32 b4 e8 c7 22 db f7 07 04 31 8b fe 83 36 6d 0a b7 cd 50 90 91 e0 2e 0a 5a 54 62 0e 45 48 12 08 22 0c c1 24 11 95 8c f3 4e 8b f7 46 db b4 68 7e e0 dc de fd c0 6c de e2 71 e6 3b 97 73 e6 9e 7b ce b9 29 7b 96 44 05 78 de b8 c8 62 cb 52 1c e4 26 68 2c 28 86 0b 95 06 01 c1 74 77 11 44 ae b6 bf 1b 6b b6 68 15 3b 1c e1 24 91 d6 03 7b eb 51 cf 3c 16 65 56 64 6d 32 69 ad fb 30 df 46 df ca 13 a2 b4 c3 ad 8a 59 5d 72 40 6f cd f6 83 d1 98 0a a7 f0 4b f1 ab 36 fd a6 e2 f8 77 62 67 15 ee 33 32 09 23 93 b5 be 08 2a cf b6 06 31 9e 1c 02 06 41 0a c1 56 35 9c a1 6c fd 9b b7 d6 45 23 97 49 25 aa 7a 23 92 c3 e1 28 13 81 1f 8d 39 31 d1 42 16 74 12 7f b4
                Data Ascii: hg|^89wZ*P#T2"16mP.ZTbEH"$NFh~lq;s{){DxbR&h,(twDkh;${Q<eVdm2i0FY]r@oK6wbg32#*1AV5lE#I%z#(91Bt
                2025-01-21 10:16:20 UTC1024INData Raw: 93 04 42 1f 40 20 db b1 a3 fd 3e cc bd 0d f8 03 40 9f 28 d6 e0 55 b2 9e 0b 49 58 13 41 5a 2f e7 76 36 2c 6e 4c 56 ba f2 f9 44 50 5e 5e e8 cc 05 37 23 ea 49 4a b9 66 eb 99 f0 bf 88 58 4e cf 26 c4 b3 e3 cc 0c fa dc 85 9a b8 6b 04 06 cf 02 cd 84 5e 48 fc 95 55 78 cb c2 9e b8 c6 6c bf 27 dd 73 de b1 f9 3a 74 b8 5b fb 47 56 3c 8e d9 1d 86 7d 09 a3 43 49 51 2c 9e 04 12 56 ed 34 b3 d5 98 eb 5e 7e 70 cb 60 35 e7 dc f0 f8 ff 4e 8d 1e 5f 5a 0c bc 1a 63 28 f1 ef aa 76 34 b2 67 4c b6 93 73 b4 a7 67 bc 86 fe e7 97 7c 26 c8 10 ac 45 bc 40 52 6e 58 6e de 2a 2a 4d bc 93 67 ee 0c b7 37 78 3c e7 93 37 ff 5c 7b 86 7f 25 58 37 f3 bb cd d5 07 ab 3e 6e e2 af 0c b6 44 9f fa 5a f0 9e f3 8a b0 00 38 2c f4 67 ba bb 32 7b de 70 cf e0 1c 57 fb aa ec f1 19 df cb 4a 1a 06 dc 4a 98 53
                Data Ascii: B@ >@(UIXAZ/v6,nLVDP^^7#IJfXN&k^HUxl's:t[GV<}CIQ,V4^~p`5N_Zc(v4gLsg|&E@RnXn**Mg7x<7\{%X7>nDZ8,g2{pWJJS
                2025-01-21 10:16:20 UTC10157INData Raw: f8 48 dd f2 e9 ff 06 0c 8a 32 c8 2a ac 92 55 1b 9b e2 87 73 6d 9c c1 cf 81 2b 4c 4a d9 95 99 3e 6f c2 ce e7 d8 3e 60 4d 7d f9 ad 75 83 15 d0 78 ea 0a f8 da 75 ce 72 a7 21 c7 ff 01 4d d1 99 4e 36 58 19 d1 4d 97 80 1b f6 4c da 3d f6 68 21 c1 a8 ae 81 ec 19 5e fa 27 af 70 41 a5 a1 0a c3 fe 40 7f 3d f8 6c 88 d0 f5 a4 0d 19 58 93 49 bf 4d 3d 90 56 71 d2 83 36 ae 9a 9e 40 ba 00 e9 65 a9 56 65 64 cf b5 90 e0 21 c1 fe c1 7c d1 d3 b2 a8 73 7a ff 6c ce b4 15 d8 64 46 76 9d 47 87 99 8a 67 cb c5 de 72 b4 70 3f e5 55 be c6 bb 67 18 89 d2 db d4 98 d7 db 50 d3 76 5f 00 6f 33 b3 0f 03 db c2 27 98 c3 e7 ad 7b 9e 1f 03 3d 14 4f 04 7b d6 6c 20 40 95 a3 6b 7c 18 c0 bd 94 55 ef 2e 34 f8 28 30 be df 38 cf 0a 0c 38 86 e9 8f 09 ac 63 30 d3 0d 4f 4b a1 6f dd 1c 77 f5 db 0e 1e 42
                Data Ascii: H2*Usm+LJ>o>`M}uxur!MN6XML=h!^'pA@=lXIM=Vq6@eVed!|szldFvGgrp?UgPv_o3'{=O{l @k|U.4(088c0OKowB
                2025-01-21 10:16:20 UTC8482INData Raw: 2f 73 17 8c 49 cc 8f bf cc 70 2f cb 25 b9 c2 e0 6c d0 78 41 91 61 05 42 66 1a b0 79 0a 27 4f ca 2d 38 24 bd ee 07 11 0d f8 37 75 15 4a 31 ae 46 5c 19 40 43 37 c1 da 33 b6 bd f3 b6 1a da f6 03 fd f1 f9 de 25 ef 19 2a 8e 3f f2 b1 09 cd ed 17 bb 40 ef 04 fe 2a 1c 9f 96 03 3a be 44 ab b7 ca 4f 24 e5 66 4f 02 31 c4 03 c0 df 59 7e 77 e3 8e 85 cf d8 0e 5e eb e7 ef 10 71 fa 03 31 d5 32 b5 fa bd f9 38 f7 7b e0 42 52 b9 96 99 85 45 df 0f 81 2e af 5b 3e 36 ac 64 a6 af 0d cf e0 0a 77 fc 2c 9f 3e 51 9b a7 de 0b 4f 9f a5 35 c5 2b d5 3c b5 c5 ac a7 27 e6 02 15 9a dc 78 73 4c 0a 88 5d 8c dc 2b 40 65 c0 14 c2 1c d6 d4 cb 24 d4 ef 3e cf b4 6b 7c ba a4 ee 45 ea 68 24 c0 d8 8b f8 25 d2 cf e4 ac ee 58 6e ee 91 dd fb 8f 18 53 1f 72 17 b4 5c a5 47 2e f8 9a 8d b8 ab e0 19 3e ac
                Data Ascii: /sIp/%lxAaBfy'O-8$7uJ1F\@C73%*?@*:DO$fO1Y~w^q128{BRE.[>6dw,>QO5+<'xsL]+@e$>k|Eh$%XnSr\G.>


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                7192.168.2.246161752.95.156.864436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:21 UTC435OUTGET /uploads/favicon/c236dade1721ab266be6aeac24ac4624980252198d850df8d1.png HTTP/1.1
                Host: tochatbe.s3.eu-west-3.amazonaws.com
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: */*
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                2025-01-21 10:16:21 UTC504INHTTP/1.1 200 OK
                x-amz-id-2: EUh5ieMvudb8EoHoYvSoBtTjRDx0PAsu6q1LgZm/EHKOZXSY3s/Qid1NB1+B/W+DVcNcemUuROw=
                x-amz-request-id: 6FW3RDZTC1DSV9Z4
                Date: Tue, 21 Jan 2025 10:16:22 GMT
                x-amz-replication-status: COMPLETED
                Last-Modified: Wed, 17 Jan 2024 11:22:55 GMT
                ETag: "297041aba1bf91b8dc705143425cc5de"
                x-amz-server-side-encryption: AES256
                x-amz-version-id: BiIY1HHuAxyjFNZZ.BSCqLrLyr5tL8mC
                Accept-Ranges: bytes
                Content-Type: image/png
                Content-Length: 52951
                Server: AmazonS3
                Connection: close
                2025-01-21 10:16:21 UTC16384INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 f4 00 00 01 f4 08 06 00 00 00 cb d6 df 8a 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 3b 74 45 58 74 43 6f 6d 6d 65 6e 74 00 78 72 3a 64 3a 44 41 46 35 78 43 4b 4a 6f 72 6f 3a 36 2c 6a 3a 34 30 35 31 34 30 33 36 33 33 31 37 37 38 37 38 32 36 35 2c 74 3a 32 34 30 31 31 37 31 31 e5 56 68 ac 00 00 04 e5 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 27 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 27 3e 0a 20 20 20 20 20 20 20 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 30 32 2f 32 32 2d 72 64 66 2d 73 79
                Data Ascii: PNGIHDRpHYs+;tEXtCommentxr:d:DAF5xCKJoro:6,j:4051403633177878265,t:24011711VhiTXtXML:com.adobe.xmp<x:xmpmeta xmlns:x='adobe:ns:meta/'> <rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-sy
                2025-01-21 10:16:21 UTC520INData Raw: cd 7d 76 bd e7 fb fc 4c b0 54 c1 a9 f4 a8 cc d9 74 b6 d4 12 e0 e3 47 35 5c 56 32 eb 85 0b 7b dd 0e dc 6b 3e 74 29 36 0f 98 02 78 91 b9 c4 01 02 b6 02 77 73 f6 43 70 f6 43 85 a5 cc 85 4d 8c 8d 33 c4 7b 04 67 86 a7 3c f3 d1 6f fe f2 98 f9 a0 6a cf f7 4e 9e 59 3e 36 3a 39 13 1c 8e 42 c3 20 96 2a 91 5f b4 7f 93 89 7a 83 6e a2 b3 4b 4f cb 53 49 aa 21 e6 9f 38 68 df 28 9d f2 c4 bf f7 aa 9c 3d 3c 01 a6 04 90 60 da 53 f3 07 01 9f 55 74 56 4b 69 44 10 bd f7 98 99 3d 49 f4 82 2d 7a 85 01 63 4a 47 9a 71 b9 41 11 c1 82 ac 50 ae 82 85 05 97 87 02 a7 33 a8 38 66 7e c2 29 75 87 23 47 79 ea c4 85 5a 3b ab 22 29 d3 6f 11 5b b1 9e da 12 91 40 48 66 36 d8 a4 79 45 5d 83 ed 89 53 ca 7a b5 ed bd 21 bc 2c 56 ac f3 80 31 66 11 4a 22 13 0c 02 1f d8 83 71 c7 aa 8e 7f b6 15 5c 20
                Data Ascii: }vLTtG5\V2{k>t)6xwsCpCM3{g<ojNY>6:9B *_znKOSI!8h(=<`SUtVKiD=I-zcJGqAP38f~)u#GyZ;")o[@Hf6yE]Sz!,V1fJ"q\
                2025-01-21 10:16:21 UTC16384INData Raw: a6 8d cd ff d0 a0 bd 68 de ff 67 ef 7c 5e a2 8a a2 38 fe 39 77 c6 d1 b1 9f 8a a4 15 94 8a 96 5a ba 2a a8 50 8a 0a 23 db 54 32 b4 e8 c7 22 db f7 07 04 31 8b fe 83 36 6d 0a b7 cd 50 90 91 e0 2e 0a 5a 54 62 0e 45 48 12 08 22 0c c1 24 11 95 8c f3 4e 8b f7 46 db b4 68 7e e0 dc de fd c0 6c de e2 71 e6 3b 97 73 e6 9e 7b ce b9 29 7b 96 44 05 78 de b8 c8 62 cb 52 1c e4 26 68 2c 28 86 0b 95 06 01 c1 74 77 11 44 ae b6 bf 1b 6b b6 68 15 3b 1c e1 24 91 d6 03 7b eb 51 cf 3c 16 65 56 64 6d 32 69 ad fb 30 df 46 df ca 13 a2 b4 c3 ad 8a 59 5d 72 40 6f cd f6 83 d1 98 0a a7 f0 4b f1 ab 36 fd a6 e2 f8 77 62 67 15 ee 33 32 09 23 93 b5 be 08 2a cf b6 06 31 9e 1c 02 06 41 0a c1 56 35 9c a1 6c fd 9b b7 d6 45 23 97 49 25 aa 7a 23 92 c3 e1 28 13 81 1f 8d 39 31 d1 42 16 74 12 7f b4
                Data Ascii: hg|^89wZ*P#T2"16mP.ZTbEH"$NFh~lq;s{){DxbR&h,(twDkh;${Q<eVdm2i0FY]r@oK6wbg32#*1AV5lE#I%z#(91Bt
                2025-01-21 10:16:21 UTC1024INData Raw: 93 04 42 1f 40 20 db b1 a3 fd 3e cc bd 0d f8 03 40 9f 28 d6 e0 55 b2 9e 0b 49 58 13 41 5a 2f e7 76 36 2c 6e 4c 56 ba f2 f9 44 50 5e 5e e8 cc 05 37 23 ea 49 4a b9 66 eb 99 f0 bf 88 58 4e cf 26 c4 b3 e3 cc 0c fa dc 85 9a b8 6b 04 06 cf 02 cd 84 5e 48 fc 95 55 78 cb c2 9e b8 c6 6c bf 27 dd 73 de b1 f9 3a 74 b8 5b fb 47 56 3c 8e d9 1d 86 7d 09 a3 43 49 51 2c 9e 04 12 56 ed 34 b3 d5 98 eb 5e 7e 70 cb 60 35 e7 dc f0 f8 ff 4e 8d 1e 5f 5a 0c bc 1a 63 28 f1 ef aa 76 34 b2 67 4c b6 93 73 b4 a7 67 bc 86 fe e7 97 7c 26 c8 10 ac 45 bc 40 52 6e 58 6e de 2a 2a 4d bc 93 67 ee 0c b7 37 78 3c e7 93 37 ff 5c 7b 86 7f 25 58 37 f3 bb cd d5 07 ab 3e 6e e2 af 0c b6 44 9f fa 5a f0 9e f3 8a b0 00 38 2c f4 67 ba bb 32 7b de 70 cf e0 1c 57 fb aa ec f1 19 df cb 4a 1a 06 dc 4a 98 53
                Data Ascii: B@ >@(UIXAZ/v6,nLVDP^^7#IJfXN&k^HUxl's:t[GV<}CIQ,V4^~p`5N_Zc(v4gLsg|&E@RnXn**Mg7x<7\{%X7>nDZ8,g2{pWJJS
                2025-01-21 10:16:21 UTC10157INData Raw: f8 48 dd f2 e9 ff 06 0c 8a 32 c8 2a ac 92 55 1b 9b e2 87 73 6d 9c c1 cf 81 2b 4c 4a d9 95 99 3e 6f c2 ce e7 d8 3e 60 4d 7d f9 ad 75 83 15 d0 78 ea 0a f8 da 75 ce 72 a7 21 c7 ff 01 4d d1 99 4e 36 58 19 d1 4d 97 80 1b f6 4c da 3d f6 68 21 c1 a8 ae 81 ec 19 5e fa 27 af 70 41 a5 a1 0a c3 fe 40 7f 3d f8 6c 88 d0 f5 a4 0d 19 58 93 49 bf 4d 3d 90 56 71 d2 83 36 ae 9a 9e 40 ba 00 e9 65 a9 56 65 64 cf b5 90 e0 21 c1 fe c1 7c d1 d3 b2 a8 73 7a ff 6c ce b4 15 d8 64 46 76 9d 47 87 99 8a 67 cb c5 de 72 b4 70 3f e5 55 be c6 bb 67 18 89 d2 db d4 98 d7 db 50 d3 76 5f 00 6f 33 b3 0f 03 db c2 27 98 c3 e7 ad 7b 9e 1f 03 3d 14 4f 04 7b d6 6c 20 40 95 a3 6b 7c 18 c0 bd 94 55 ef 2e 34 f8 28 30 be df 38 cf 0a 0c 38 86 e9 8f 09 ac 63 30 d3 0d 4f 4b a1 6f dd 1c 77 f5 db 0e 1e 42
                Data Ascii: H2*Usm+LJ>o>`M}uxur!MN6XML=h!^'pA@=lXIM=Vq6@eVed!|szldFvGgrp?UgPv_o3'{=O{l @k|U.4(088c0OKowB
                2025-01-21 10:16:21 UTC8482INData Raw: 2f 73 17 8c 49 cc 8f bf cc 70 2f cb 25 b9 c2 e0 6c d0 78 41 91 61 05 42 66 1a b0 79 0a 27 4f ca 2d 38 24 bd ee 07 11 0d f8 37 75 15 4a 31 ae 46 5c 19 40 43 37 c1 da 33 b6 bd f3 b6 1a da f6 03 fd f1 f9 de 25 ef 19 2a 8e 3f f2 b1 09 cd ed 17 bb 40 ef 04 fe 2a 1c 9f 96 03 3a be 44 ab b7 ca 4f 24 e5 66 4f 02 31 c4 03 c0 df 59 7e 77 e3 8e 85 cf d8 0e 5e eb e7 ef 10 71 fa 03 31 d5 32 b5 fa bd f9 38 f7 7b e0 42 52 b9 96 99 85 45 df 0f 81 2e af 5b 3e 36 ac 64 a6 af 0d cf e0 0a 77 fc 2c 9f 3e 51 9b a7 de 0b 4f 9f a5 35 c5 2b d5 3c b5 c5 ac a7 27 e6 02 15 9a dc 78 73 4c 0a 88 5d 8c dc 2b 40 65 c0 14 c2 1c d6 d4 cb 24 d4 ef 3e cf b4 6b 7c ba a4 ee 45 ea 68 24 c0 d8 8b f8 25 d2 cf e4 ac ee 58 6e ee 91 dd fb 8f 18 53 1f 72 17 b4 5c a5 47 2e f8 9a 8d b8 ab e0 19 3e ac
                Data Ascii: /sIp/%lxAaBfy'O-8$7uJ1F\@C73%*?@*:DO$fO1Y~w^q128{BRE.[>6dw,>QO5+<'xsL]+@e$>k|Eh$%XnSr\G.>


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                8192.168.2.2461620116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:27 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 181
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:27 UTC181OUTData Raw: 65 6d 61 69 6c 3d 71 32 30 6a 30 72 25 34 30 68 76 73 79 67 2e 63 6f 6d 26 70 61 73 73 77 6f 72 64 3d 79 6c 5a 72 38 25 33 42 25 33 42 2a 51 76 6c 53 56 6c 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 36 61 37 39 32 63 32 30 38 30 30 63 37 2e 44 4f 30 5a 76 4e 4c 65 74 52 44 59 37 52 6e 6b 4a 74 59 51 45 66 6d 4a 68 4e 46 78 53 43 4c 65 46 7a 69 5a 2d 32 71 5f 33 49 67 2e 4e 4e 74 31 6b 65 75 5a 31 6d 71 30 69 33 4b 4c 62 35 56 63 51 72 33 39 5f 4c 41 6f 44 57 36 36 49 6d 76 6f 6d 6a 4f 4a 6c 63 55 37 6c 48 4c 47 6e 62 62 43 56 61 32 43 4b 51
                Data Ascii: email=q20j0r%40hvsyg.com&password=ylZr8%3B%3B*QvlSVl&_csrf_token=6a792c20800c7.DO0ZvNLetRDY7RnkJtYQEfmJhNFxSCLeFziZ-2q_3Ig.NNt1keuZ1mq0i3KLb5VcQr39_LAoDW66ImvomjOJlcU7lHLGnbbCVa2CKQ
                2025-01-21 10:16:27 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:27 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:27 GMT
                2025-01-21 10:16:27 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                9192.168.2.2461621116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:27 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:27 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:27 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:27 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:16:26 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:16:27 UTC14329INData Raw: 33 37 65 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37ec<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                10192.168.2.2461622116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:28 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:29 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:29 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:29 GMT
                2025-01-21 10:16:29 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:16:29 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                11192.168.2.2461625116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:39 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 181
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:39 UTC181OUTData Raw: 65 6d 61 69 6c 3d 72 30 75 34 70 6c 25 34 30 61 6c 63 2e 6f 72 67 26 70 61 73 73 77 6f 72 64 3d 74 25 35 45 5f 2a 73 53 79 49 57 68 70 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 31 30 66 33 65 36 31 64 39 37 39 33 38 35 62 36 61 34 62 66 2e 63 35 61 71 6f 38 53 56 4d 4f 67 56 50 35 59 58 70 51 36 42 41 6b 34 48 62 67 59 2d 61 61 64 6b 65 70 65 30 6c 47 6a 34 52 32 34 2e 53 36 44 47 6a 76 33 53 55 35 4a 35 57 66 31 34 37 45 33 4e 55 51 70 7a 46 6d 64 6e 4c 4f 73 41 54 38 54 46 39 54 48 4f 44 69 4e 45 37 38 48 5a 69 5f 31 48 72 57 42 51 70 67
                Data Ascii: email=r0u4pl%40alc.org&password=t%5E_*sSyIWhp&_csrf_token=10f3e61d979385b6a4bf.c5aqo8SVMOgVP5YXpQ6BAk4HbgY-aadkepe0lGj4R24.S6DGjv3SU5J5Wf147E3NUQpzFmdnLOsAT8TF9THODiNE78HZi_1HrWBQpg
                2025-01-21 10:16:39 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:39 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:39 GMT
                2025-01-21 10:16:39 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                12192.168.2.2461624116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:39 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:40 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:39 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:39 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:16:38 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:16:40 UTC14322INData Raw: 33 37 65 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37e5<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                13192.168.2.2461629116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:41 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:41 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:41 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:41 GMT
                2025-01-21 10:16:41 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:16:41 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                14192.168.2.2461630116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:48 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 177
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:48 UTC177OUTData Raw: 65 6d 61 69 6c 3d 76 65 6f 79 39 71 25 34 30 64 73 6a 2e 63 6f 26 70 61 73 73 77 6f 72 64 3d 72 6b 58 66 25 33 46 25 35 44 4e 39 37 4c 36 39 45 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 30 38 38 35 31 65 61 33 38 30 63 64 62 2e 4c 43 48 6d 69 31 70 56 67 78 62 38 44 67 4a 45 66 51 6f 36 68 65 4a 57 64 37 42 4e 49 30 77 74 45 6e 7a 70 75 58 4f 50 79 4a 67 2e 46 42 65 4b 70 6d 4d 53 34 47 79 51 61 47 6b 72 4e 45 6c 32 31 71 59 69 44 39 45 55 5a 67 42 4a 4a 79 2d 59 32 43 71 35 67 64 55 62 57 49 33 78 46 54 33 30 55 34 6c 68 4d 67
                Data Ascii: email=veoy9q%40dsj.co&password=rkXf%3F%5DN97L69E&_csrf_token=08851ea380cdb.LCHmi1pVgxb8DgJEfQo6heJWd7BNI0wtEnzpuXOPyJg.FBeKpmMS4GyQaGkrNEl21qYiD9EUZgBJJy-Y2Cq5gdUbWI3xFT30U4lhMg
                2025-01-21 10:16:48 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:48 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:48 GMT
                2025-01-21 10:16:48 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                15192.168.2.2461631116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:48 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:48 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:48 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:48 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:16:47 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:16:48 UTC14316INData Raw: 33 37 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37df<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                16192.168.2.2461632116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:49 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:50 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:50 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:50 GMT
                2025-01-21 10:16:50 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:16:50 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                17192.168.2.2457670116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:57 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 168
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:57 UTC168OUTData Raw: 65 6d 61 69 6c 3d 33 6b 68 72 70 6b 25 34 30 71 6e 70 79 2e 6e 65 74 26 70 61 73 73 77 6f 72 64 3d 25 35 44 53 2a 66 37 61 71 63 4f 6a 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 33 62 34 66 36 38 31 2e 35 74 4e 4a 76 75 72 50 47 58 73 52 76 5f 7a 35 69 79 33 79 69 6a 58 61 2d 36 30 49 78 71 77 73 30 41 57 48 72 2d 70 52 4b 56 6f 2e 33 75 55 6c 6b 39 4f 49 65 67 46 39 32 5a 65 57 77 6d 36 2d 32 58 47 75 67 38 78 52 67 2d 42 49 35 56 62 32 7a 72 4e 6e 59 42 66 52 71 69 4c 45 70 61 64 75 50 6d 54 51 7a 41
                Data Ascii: email=3khrpk%40qnpy.net&password=%5DS*f7aqcOj&_csrf_token=3b4f681.5tNJvurPGXsRv_z5iy3yijXa-60Ixqws0AWHr-pRKVo.3uUlk9OIegF92ZeWwm6-2XGug8xRg-BI5Vb2zrNnYBfRqiLEpaduPmTQzA
                2025-01-21 10:16:57 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:57 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:57 GMT
                2025-01-21 10:16:57 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                18192.168.2.2457671116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:57 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:57 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:57 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:57 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:16:56 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:16:57 UTC14320INData Raw: 33 37 65 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37e3<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                19192.168.2.2457675116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:16:58 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:16:59 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:16:59 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:16:59 GMT
                2025-01-21 10:16:59 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:16:59 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                20192.168.2.2457676116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:06 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 182
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:06 UTC182OUTData Raw: 65 6d 61 69 6c 3d 62 67 65 6e 39 61 25 34 30 63 63 66 75 6e 2e 63 6f 6d 26 70 61 73 73 77 6f 72 64 3d 32 2a 6d 6c 4b 2a 4e 25 35 44 25 34 30 25 32 38 59 62 56 71 63 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 35 62 61 34 30 35 37 30 39 33 65 2e 36 75 78 4e 68 73 5f 45 7a 53 6f 59 73 70 59 32 64 34 73 72 6f 43 6c 64 38 47 66 76 75 34 57 7a 35 55 59 7a 74 68 4f 72 71 5a 38 2e 30 74 6f 68 71 5f 61 44 72 6c 42 30 31 50 31 5a 50 73 68 6e 38 32 30 70 69 41 61 32 5f 73 6e 58 30 42 56 43 31 30 71 64 34 4e 4c 64 6c 53 62 38 67 4b 79 36 62 32 33 64 70 67
                Data Ascii: email=bgen9a%40ccfun.com&password=2*mlK*N%5D%40%28YbVqc&_csrf_token=5ba4057093e.6uxNhs_EzSoYspY2d4sroCld8Gfvu4Wz5UYzthOrqZ8.0tohq_aDrlB01P1ZPshn820piAa2_snX0BVC10qd4NLdlSb8gKy6b23dpg
                2025-01-21 10:17:06 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:06 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:06 GMT
                2025-01-21 10:17:06 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                21192.168.2.2457677116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:06 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:06 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:06 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:06 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:17:05 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:17:06 UTC14321INData Raw: 33 37 65 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37e4<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                22192.168.2.2457678116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:07 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:08 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:07 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:07 GMT
                2025-01-21 10:17:08 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:17:08 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                23192.168.2.2457681116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:14 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 177
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:14 UTC177OUTData Raw: 65 6d 61 69 6c 3d 37 67 32 35 38 7a 25 34 30 70 6a 6f 76 74 66 2e 6e 65 74 26 70 61 73 73 77 6f 72 64 3d 54 6a 70 38 58 25 32 42 33 25 35 45 43 72 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 38 31 38 39 61 34 30 32 30 62 32 36 2e 69 7a 2d 74 7a 54 6d 4d 76 64 33 38 66 69 72 50 32 34 32 47 48 59 53 36 49 56 58 51 6b 6c 4c 76 51 77 6e 54 32 45 6d 30 52 32 49 2e 73 77 6e 42 34 41 44 4c 33 71 65 51 47 45 47 67 6b 73 37 4b 54 73 44 4f 57 54 53 4a 31 78 36 4c 64 6c 71 69 75 52 43 43 44 69 2d 38 52 73 61 33 64 75 54 4b 6d 49 6b 52 47 67
                Data Ascii: email=7g258z%40pjovtf.net&password=Tjp8X%2B3%5ECr&_csrf_token=8189a4020b26.iz-tzTmMvd38firP242GHYS6IVXQklLvQwnT2Em0R2I.swnB4ADL3qeQGEGgks7KTsDOWTSJ1x6LdlqiuRCCDi-8Rsa3duTKmIkRGg
                2025-01-21 10:17:15 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:15 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:15 GMT
                2025-01-21 10:17:15 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                24192.168.2.2457682116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:15 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:15 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:15 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:15 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:17:14 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:17:15 UTC14332INData Raw: 33 37 65 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37ef<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                25192.168.2.2457686116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:17 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:17 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:17 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:17 GMT
                2025-01-21 10:17:17 UTC15976INData Raw: 31 65 61 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 1ea8<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:17:17 UTC1571INData Raw: 20 22 74 79 70 65 22 3a 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 0d 0a 35 63 37 0d 0a 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65
                Data Ascii: "type": "removeTag", "tagValue": value, element: e }; simpleTagsInputCrea5c7teEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                26192.168.2.2457688116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:24 UTC970OUTPOST /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Content-Length: 192
                Cache-Control: max-age=0
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Origin: https://whatsapp.dianjin-inc.com
                Content-Type: application/x-www-form-urlencoded
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:24 UTC192OUTData Raw: 65 6d 61 69 6c 3d 79 37 6c 31 72 68 25 34 30 73 65 6a 2e 6e 65 74 26 70 61 73 73 77 6f 72 64 3d 25 35 45 70 78 38 25 33 41 25 33 45 25 32 34 74 35 25 32 38 6d 26 5f 63 73 72 66 5f 74 6f 6b 65 6e 3d 62 65 62 35 30 39 62 33 33 61 65 33 62 30 36 61 63 32 39 66 64 39 62 2e 56 68 62 51 76 57 4b 54 74 7a 56 6c 63 31 5a 6e 39 38 4d 4d 66 48 5a 4c 56 43 32 59 70 6a 6a 53 4a 50 59 67 5a 43 66 43 78 66 73 2e 62 69 43 38 6b 46 76 55 31 45 38 4a 46 54 30 49 76 6f 42 41 4c 7a 49 5f 4c 45 7a 42 34 33 53 32 45 61 56 52 42 58 37 30 6a 4c 5a 68 62 37 76 48 4c 66 76 41 63 42 41 63 5a 67
                Data Ascii: email=y7l1rh%40sej.net&password=%5Epx8%3A%3E%24t5%28m&_csrf_token=beb509b33ae3b06ac29fd9b.VhbQvWKTtzVlc1Zn98MMfHZLVC2YpjjSJPYgZCfCxfs.biC8kFvU1E8JFT0IvoBALzI_LEzB43S2EaVRBX70jLZhb7vHLfvAcBAcZg
                2025-01-21 10:17:24 UTC400INHTTP/1.1 302 Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:24 GMT
                Location: /widget/dianjin/login
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:24 GMT
                2025-01-21 10:17:24 UTC342INData Raw: 31 34 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 2f 77 69 64 67 65 74 2f 64 69 61 6e 6a 69 6e 2f 6c 6f 67 69 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 52 65 64 69 72 65 63 74 69 6e 67 20 74
                Data Ascii: 14a<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='/widget/dianjin/login'" /> <title>Redirecting to /widget/dianjin/login</title> </head> <body> Redirecting t


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                27192.168.2.2457687116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:24 UTC857OUTGET /widget/dianjin/login HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                Cache-Control: max-age=0
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:25 UTC559INHTTP/1.1 200 OK
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:24 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:24 GMT
                Set-Cookie: login_slug=dianjin; path=/; secure; httponly; samesite=lax
                Set-Cookie: login_type=deleted; expires=Mon, 22-Jan-2024 10:17:23 GMT; Max-Age=0; path=/; httponly
                2025-01-21 10:17:25 UTC14314INData Raw: 33 37 64 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20
                Data Ascii: 37dd<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" type="image/x-icon"


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                28192.168.2.2457689116.203.143.504436960C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2025-01-21 10:17:26 UTC664OUTGET /widget/dianjin/style.css HTTP/1.1
                Host: whatsapp.dianjin-inc.com
                Connection: keep-alive
                sec-ch-ua-platform: "Windows"
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
                sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
                sec-ch-ua-mobile: ?0
                Accept: text/css,*/*;q=0.1
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: style
                Referer: https://whatsapp.dianjin-inc.com/widget/dianjin/login
                Accept-Encoding: gzip, deflate, br, zstd
                Accept-Language: en-US,en;q=0.9
                Cookie: login_slug=dianjin; PHPSESSID=nd0eb1feedvh64q2dpi5mefbb3
                2025-01-21 10:17:26 UTC408INHTTP/1.1 404 Not Found
                Server: nginx
                Content-Type: text/html; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                Vary: Accept
                Cache-Control: max-age=0, must-revalidate, private
                Date: Tue, 21 Jan 2025 10:17:26 GMT
                Link: <https://whatsapp.dianjin-inc.com/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
                Expires: Tue, 21 Jan 2025 10:17:26 GMT
                2025-01-21 10:17:26 UTC15976INData Raw: 34 34 36 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 74 69 2d 66 6c 69 63 6b 65 72 20 73 6e 69 70 70 65 74 20 28 72 65 63 6f 6d 6d 65 6e 64 65 64 29 20 20 2d 2d 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 2e 61 73 79 6e 63 2d 68 69 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6f 70 61 63 69 74 79 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 0a 20 20 20 20 20 20 20 20 7d 20 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b 77 5b 6c 5d 2e 70 75 73 68 28 7b 27 67 74 6d 2e 73 74 61 72 74 27 3a 0a
                Data Ascii: 446f<!DOCTYPE html><html lang="en"><head> ... anti-flicker snippet (recommended) --> <style>.async-hide { opacity: 0 !important } </style> <script> (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
                2025-01-21 10:17:26 UTC1556INData Raw: 20 22 72 65 6d 6f 76 65 54 61 67 22 2c 20 22 74 61 67 56 61 6c 75 65 22 3a 20 76 61 6c 75 65 2c 20 65 6c 65 6d 65 6e 74 3a 20 65 20 7d 3b 0a 20 20 20 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 43 72 65 61 74 65 45 76 65 6e 74 28 65 76 65 6e 74 4e 61 6d 65 2c 20 6f 70 74 69 6f 6e 73 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 41 64 64 54 61 67 20 28 65 29 20 7b 0a 20 20 20 20 2f 2a 0a 20 20 20 20 2a 20 54 61 6b 65 73 20 73 69 6d 70 6c 65 54 61 67 73 49 6e 70 75 74 20 6c 69 73 74 20 65 6c 65 6d 65 6e 74 20 61 73 20 61 72 67 75 6d 65 6e 74 0a 20 20 20 20 2a 20 46 69 72 65 73 20 65 76 65 6e 74 20 74 6f 20 63 6f 6d 6d 75 6e 69 63 61 74 65 20 77 69 74 68 20 74 68 65 20 70 6c 75 67 69 6e 2c 0a 20 20 20 20 2a 20
                Data Ascii: "removeTag", "tagValue": value, element: e }; simpleTagsInputCreateEvent(eventName, options);}function simpleTagsInputAddTag (e) { /* * Takes simpleTagsInput list element as argument * Fires event to communicate with the plugin, *


                Statistics

                CPU Usage

                020406080s020406080100

                Click to jump to process

                Memory Usage

                020406080s0.0050100MB

                Click to jump to process

                Behavior

                Click to jump to process

                System Behavior

                General

                Target ID:0
                Start time:05:16:06
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                Imagebase:0x7ff64c530000
                File size:3'001'952 bytes
                MD5 hash:290DF23002E9B52249B5549F0C668A86
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false
                Show Windows behavior

                File Activities

                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                Show Windows behavior

                Process Activities

                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                Show Windows behavior

                Memory Activities

                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                Show Windows behavior

                Process Token Activities


                General

                Target ID:1
                Start time:05:16:07
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=2064,i,5309624313560462972,16884665051517831401,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20241208-180523.718000 --mojo-platform-channel-handle=2060 /prefetch:11
                Imagebase:0x7ff64c530000
                File size:3'001'952 bytes
                MD5 hash:290DF23002E9B52249B5549F0C668A86
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false
                Show Windows behavior

                File Activities

                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                Show Windows behavior

                Memory Activities

                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                General

                Target ID:4
                Start time:05:16:13
                Start date:21/01/2025
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://whatsapp.dianjin-inc.com"
                Imagebase:0x7ff64c530000
                File size:3'001'952 bytes
                MD5 hash:290DF23002E9B52249B5549F0C668A86
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:true
                There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                Show Windows behavior

                Process Activities


                Disassembly

                No disassembly