Edit tour

Windows Analysis Report
http://www.bit-chasers.com/

Overview

General Information

Sample URL:	http://www.bit-chasers.com/
Analysis ID:	848801
Infos:

Detection

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for submitted file

Snort IDS alert for network traffic

Antivirus detection for URL or domain

Performs DNS queries to domains with low reputation

HTML page is missing a favicon

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5852 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

chrome.exe (PID: 4688 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1760 --field-trial-handle=1868,i,12527483200715402593,2630764211986370831,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

chrome.exe (PID: 6280 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.bit-chasers.com/ MD5: 0FEC2748F363150DC54C1CAFFB1A9408)

cleanup

Snort Signatures

ET DNS Query to a *.top domain - Likely Hostile - Source IP: 192.168.2.4 - Destination IP: 8.8.8.8

Timestamp:	192.168.2.48.8.8.860686532023883 04/18/23-13:25:02.614893
SID:	2023883
Source Port:	60686
Destination Port:	53
Protocol:	UDP
Classtype:	Potentially Bad Traffic

ET DNS Query for .cc TLD - Source IP: 192.168.2.4 - Destination IP: 8.8.8.8

Timestamp:	192.168.2.48.8.8.865133532027758 04/18/23-13:25:19.588087
SID:	2027758
Source Port:	65133
Destination Port:	53
Protocol:	UDP
Classtype:	Potentially Bad Traffic

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: classification engine

Classification label: mal76.troj.win@26/186@55/45

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1760 --field-trial-handle=1868,i,12527483200715402593,2630764211986370831,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.bit-chasers.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1760 --field-trial-handle=1868,i,12527483200715402593,2630764211986370831,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\000F7F8FAB2D96E6F8CBD5C9A3B4EC90

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\GoogleUpdater

Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	4 Non-Application Layer Protocol	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	5 Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	2 Ingress Tool Transfer	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://www.bit-chasers.com/	6%	Virustotal		Browse
http://www.bit-chasers.com/	100%	Avira URL Cloud	malware

Source	Detection	Scanner	Label	Link
https://img.img1yutu.com:3451/upload/vod/20230418-1/678be20213d0d08a32606a08f6941b0d.jpg	0%	Avira URL Cloud	safe
https://tukudhgg.vip/lm/aaa122.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/6e544b43885ddf85518cb02f4b1f1164.jpg	0%	Avira URL Cloud	safe
https://www.wusong147.top/template/m1938pc/static/picture/APP.png	0%	Avira URL Cloud	safe
https://www.wusong147.top/template/m1938pc/static/picture/ws.png	0%	Avira URL Cloud	safe
https://25518v.com:7789	0%	Avira URL Cloud	safe
https://tukudhgg.vip/lm/aaa122.gif	0%	Virustotal		Browse
https://img.img1yutu.com:3451/upload/vod/20230418-1/c52fb2fa764e39853ba4c93e854b7752.jpg	0%	Avira URL Cloud	safe
https://www.wusong147.top/template/m1938pc/static/images/arrow_up.png	0%	Avira URL Cloud	safe
https://www.wusong148.top/	0%	Avira URL Cloud	safe
https://www.tukudhgg.vip/logotp/swrhe.gif	0%	Avira URL Cloud	safe
https://587tuchuang.com/587z80.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/dedc5112cc7e8e1b951b000488a33e43.jpg	0%	Avira URL Cloud	safe
https://60388924.com	0%	Avira URL Cloud	safe
https://img.yutuzy9.com:3451/upload/vod/20221218-1/bce9d7f65140e9ffa3b9a6946f0366b7.jpg	0%	Avira URL Cloud	safe
https://fmtu.slsltutu.com/upload/vod/20230418-42/4c999fe0fe6f058b45f23d1871582589.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/35b5b5b70162549657e9351a03562ca9.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/a17ed67a0c1bcf931774c1d7c9e74cb1.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/1e96a8e7fe063e5aea26880f675a6124.jpg	0%	Avira URL Cloud	safe
https://v58336.com:5689	0%	Avira URL Cloud	safe
https://d.drfvtgbyk.xyz/SEfC/L-19390-U-885/	0%	Avira URL Cloud	safe
https://www.wusong147.top/template/m1938pc/static/css/style.css	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/a5df4aea07590b25a1f753753603582d.jpg	0%	Avira URL Cloud	safe
http://667227.xyz:8080/Register/?a=526731	0%	Avira URL Cloud	safe
https://tukudhgg.vip/logotp/klm29.gif	0%	Avira URL Cloud	safe
https://files.backmoestream.xyz/proxy/9dc040f25023243e4b28123303f7ccaf45eefbfa715115df97a9faec1b658153265fa5b98b553902b1b956b3a853415f6c17fe06bcdbd2fe5169ced3b8b00ef6fb6092cf34bc785bdbff849b200f9d8d	0%	Avira URL Cloud	safe
https://kttoo2.com/5189ca034f32e08b20b2df900457793c.gif	0%	Avira URL Cloud	safe
https://uxi307.com/idsna	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/9bd147958238b5ff23d8206814b91a94.jpg	0%	Avira URL Cloud	safe
http://320201.xyz:8080/Register/?a=191046	0%	Avira URL Cloud	safe
https://aaaaa557.com/f6a9e973ab65426eaf8c10d222ebd813.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/64d9d67b1cab0e3aefb49218501c284f.jpg	0%	Avira URL Cloud	safe
https://link.imgapp.top/images/63ba73b0a92cd2097e833f95.gif	100%	Avira URL Cloud	malware
https://1124936.xyz:8443	0%	Avira URL Cloud	safe
https://480tuchuang.com/960x120.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/0aa6a96e69405ce232791ce8bba7b2db.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/ba30b0c6c835632f6fd353d4adfe7d4f.jpg	0%	Avira URL Cloud	safe
https://1153778.xyz:8443	0%	Avira URL Cloud	safe
https://ky1259.cc/index.html?shareName=gg281	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/bd6a4b744297dc4d6c6cb06f680b14c2.jpg	0%	Avira URL Cloud	safe
http://wusong1.top	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/51876b259b28b01c23fcf7f4dbb5945b.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/39d111956fc8503d7afbad2cf13892ca.jpg	0%	Avira URL Cloud	safe
https://link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif	100%	Avira URL Cloud	malware
https://1716h.com:8633	0%	Avira URL Cloud	safe
https://img.siwapay.com:5278/cvjpg/SpFuECyQ.jpg	0%	Avira URL Cloud	safe
https://www.wusong146.top/	0%	Avira URL Cloud	safe
https://imgyutu.com:3451/upload/vod/20221004-1/f869e22a4236de79b283c82fce214f3d.jpg	0%	Avira URL Cloud	safe
http://www.bit-chasers.com/tj.js	100%	Avira URL Cloud	malware
https://img.solomon89.xyz/images/64216cb3549dfb41062bdd12.gif	100%	Avira URL Cloud	malware
https://aooacctp.vip/lm/se5.gif	0%	Avira URL Cloud	safe
http://www.bit-chasers.com/common.js	100%	Avira URL Cloud	malware
https://228tz058.cc	0%	Avira URL Cloud	safe
https://ppwas2.cyou/invitation/index?code=wusong	0%	Avira URL Cloud	safe
https://tupku.top/logotp/fff.gif	100%	Avira URL Cloud	malware
https://480xx055.cc	0%	Avira URL Cloud	safe
https://xoxo88888887.com/sz.html?60#x34	0%	Avira URL Cloud	safe
https://m10011.com/845f6e4a01c2e542bc3b72e104884c3c.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/32a253272dfd421f61dfdcb05012f77d.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/e1b6ddec926af4a6c059542eee377610.jpg	0%	Avira URL Cloud	safe
https://tukudhgg.vip/logotp/tiangx01.gif	0%	Avira URL Cloud	safe
https://8499163.com/8499/zzxx/960x120.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/9c4afcedce7108bd31e4199ab6a65a60.jpg	0%	Avira URL Cloud	safe
https://87082.cc:8443	0%	Avira URL Cloud	safe
https://www.wusongtv8.top/news/data.php	0%	Avira URL Cloud	safe
https://n0533.com/64457d63c6684472acf2d8b2d92a31df.gif	0%	Avira URL Cloud	safe
https://aaaaa766.com/b6bd7eddcdb34e438832860d169f0d1f.gif	0%	Avira URL Cloud	safe
https://yd3229.com	0%	Avira URL Cloud	safe
https://xoxo.xoxoimg.vip/xo/xo120av.gif	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/6e9c0b93b1339470306870af37e3de5b.jpg	0%	Avira URL Cloud	safe
https://8499132.com/8499/150x150.gif	0%	Avira URL Cloud	safe
https://43.69169.xyz/	0%	Avira URL Cloud	safe
https://38210190.com:8203/#/	0%	Avira URL Cloud	safe
https://taiwtp1.com/xin/96080.gif	0%	Avira URL Cloud	safe
http://8499163.com/8499/150x150.gif	0%	Avira URL Cloud	safe
https://595tuchuang.com/960x60.gif	0%	Avira URL Cloud	safe
https://files.backmoestream.xyz/proxy/9dc040f25023243e4b28123303f7ccaf45eefbfa715115df97a9faec1b658153ccddbcd8f911803f9d3834c67ad5d78488931203013923b36fd66452cca6869a178799ea66529b4daad74a2d95a59b30	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/91f2754fb31598d27822e7e3c56a5e47.jpg	0%	Avira URL Cloud	safe
https://img.img1yutu.com:3451/upload/vod/20230418-1/eb2094af8eaa53e4dfbb361e9974854d.jpg	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
share.n.shifen.com	39.156.68.163	true	false	unknown
si1.go2yd.com.cdn20.com	163.171.128.148	true	false	unknown
api.share.n.shifen.com	182.61.201.94	true	false	unknown
img.img1yutu.com	142.0.139.145	true	false	unknown
www.wusong147.top	142.4.98.250	true	false	unknown
aooacctp.vip	172.67.161.53	true	false	unknown
www.tukudhgg.vip	188.114.96.7	true	false	unknown
opencdnpicrmb.gshifen.com	185.10.104.115	true	false	unknown
imgyutu.com	199.180.100.203	true	false	unknown
hm.e.shifen.com	103.235.46.191	true	false	unknown
kttoo2.com	5.78.111.127	true	false	unknown
gtm-sg-4hr3087kq1p.gtm-i2d8.com	162.209.128.173	true	false	unknown
www.bit-chasers.com	172.121.122.116	true	false	unknown
w3vlry.c.1114dns.com	218.66.171.78	true	false	unknown
fmtu.slsltutu.com	172.67.8.171	true	false	unknown
www.wusongtv8.top	142.4.98.251	true	false	unknown
img.yutuzy9.com	142.0.139.145	true	false	unknown
www.google.com	142.250.184.68	true	false	high
daka.cdncdncdn.com	23.225.154.19	true	false	unknown
asheng.dl556677.com	154.83.27.206	true	false	unknown
askzybf.com	166.0.195.51	true	false	unknown
taiwtp1.com	220.128.218.220	true	false	unknown
siwazywcdn2.com	23.224.87.237	true	false	unknown
tupku.top	188.114.97.7	true	false	unknown
accounts.google.com	142.251.209.13	true	false	high
yd11_13-site-02.cdn-ng.net	103.170.15.101	true	false	unknown
tupkku.top	104.21.51.97	true	false	unknown
i.postimg.cc	162.19.88.69	true	false	unknown
ia.51.la	112.90.153.36	true	false	high
www.tukky.vip	172.67.142.245	true	false	unknown
files.backmoestream.xyz	103.166.246.24	true	true	unknown
tk.xiaomiyuncdn.com	107.148.18.228	true	false	unknown
kvegg.com	172.83.155.45	true	false	unknown
e428b87fea828a0a.huaweisafedns.cn	103.143.19.103	true	false	unknown
35rnbma7.n.funnull35.com	67.21.86.202	true	false	unknown
z4a.net	104.21.234.235	true	false	high
clients.l.google.com	142.250.184.110	true	false	high
aoattsetp.vip	172.67.194.142	true	false	unknown
fmw6xz3y.dns2023.com	120.232.54.165	true	false	unknown
tukudhgg.vip	188.114.97.7	true	false	unknown
dns.ipslb.top	202.81.230.136	true	false	unknown
m10011.com	5.78.103.79	true	false	unknown
push.zhanzhang.baidu.com	unknown	unknown	false	high
s2.loli.net	unknown	unknown	false	high
pic.rmb.bdstatic.com	unknown	unknown	false	high
n0533.com	unknown	unknown	false	unknown
clients2.google.com	unknown	unknown	false	high
587tuchuang.com	unknown	unknown	false	unknown
repository.certum.pl	unknown	unknown	false	high
d.drfvtgbyk.xyz	unknown	unknown	true	unknown
qp.ezfxpuo.cn	unknown	unknown	false	unknown
aaaaa557.com	unknown	unknown	false	unknown
js.users.51.la	unknown	unknown	false	high
api.share.baidu.com	unknown	unknown	false	high
si1.go2yd.com	unknown	unknown	false	unknown
aaaaa766.com	unknown	unknown	false	unknown
8499163.com	unknown	unknown	false	unknown
595tuchuang.com	unknown	unknown	false	unknown
zhibo128x.xyz	unknown	unknown	true	unknown
img.solomon89.xyz	unknown	unknown	true	unknown
480tuchuang.com	unknown	unknown	false	unknown
hm.baidu.com	unknown	unknown	false	high
228tuchuang.com	unknown	unknown	false	unknown
img.aosikaimge.com	unknown	unknown	false	unknown
yhtuchuang.com	unknown	unknown	false	unknown
xoxo.xoxoimg.vip	unknown	unknown	false	unknown
link.imgapp.top	unknown	unknown	false	unknown
img.siwapay.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.wusong147.top/template/m1938pc/static/picture/APP.png	false	Avira URL Cloud: safe	unknown
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=913&et=0&ja=0&ln=en-gb&lo=0&rnd=1663771102&si=5e9d7cf3d8bc896e8ba805acce901956&v=1.3.0&lv=1&sn=57935&r=0&ww=1280&u=http%3A%2F%2Fwww.bit-chasers.com%2F&tt=%E8%B5%A4%E5%B3%B0%E7%96%9A%E4%B9%85%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8	false		high
https://z4a.net/images/2023/02/28/960-60.gif	false		high
https://tukudhgg.vip/lm/aaa122.gif	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://www.wusong147.top/template/m1938pc/static/picture/ws.png	false	Avira URL Cloud: safe	unknown
https://587tuchuang.com/587z80.gif	false	Avira URL Cloud: safe	unknown
https://www.wusong147.top/template/m1938pc/static/images/arrow_up.png	false	Avira URL Cloud: safe	unknown
https://www.tukudhgg.vip/logotp/swrhe.gif	false	Avira URL Cloud: safe	unknown
https://www.wusongtv8.top/	false		unknown
https://www.wusong147.top/	false		unknown
https://fmtu.slsltutu.com/upload/vod/20230418-42/4c999fe0fe6f058b45f23d1871582589.jpg	false	Avira URL Cloud: safe	unknown
https://d.drfvtgbyk.xyz/SEfC/L-19390-U-885/	false	Avira URL Cloud: safe	unknown
https://www.wusong147.top/template/m1938pc/static/css/style.css	false	Avira URL Cloud: safe	unknown
https://tukudhgg.vip/logotp/klm29.gif	false	Avira URL Cloud: safe	unknown
https://files.backmoestream.xyz/proxy/9dc040f25023243e4b28123303f7ccaf45eefbfa715115df97a9faec1b658153265fa5b98b553902b1b956b3a853415f6c17fe06bcdbd2fe5169ced3b8b00ef6fb6092cf34bc785bdbff849b200f9d8d	false	Avira URL Cloud: safe	unknown
https://kttoo2.com/5189ca034f32e08b20b2df900457793c.gif	false	Avira URL Cloud: safe	unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false		high
https://www.wusong147.top/	false		unknown
https://aaaaa557.com/f6a9e973ab65426eaf8c10d222ebd813.gif	false	Avira URL Cloud: safe	unknown
https://link.imgapp.top/images/63ba73b0a92cd2097e833f95.gif	false	Avira URL Cloud: malware	unknown
http://ia.51.la/go1?id=21571997&rt=1681817115114&rl=1280*1024&lang=en-GB&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1681817115114&tt=%25E8%25B5%25A4%25E5%25B3%25B0%25E7%2596%259A%25E4%25B9%2585%25E7%2589%25A9%25E6%25B5%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.bit-chasers.com%252F&pu=	false		high
https://480tuchuang.com/960x120.gif	false	Avira URL Cloud: safe	unknown
http://www.bit-chasers.com/	true		unknown
https://link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif	false	Avira URL Cloud: malware	unknown
http://www.bit-chasers.com/tj.js	true	Avira URL Cloud: malware	unknown
https://img.solomon89.xyz/images/64216cb3549dfb41062bdd12.gif	false	Avira URL Cloud: malware	unknown
https://aooacctp.vip/lm/se5.gif	false	Avira URL Cloud: safe	unknown
https://www.wusongtv8.top/	false		unknown
http://www.bit-chasers.com/common.js	true	Avira URL Cloud: malware	unknown
https://tupku.top/logotp/fff.gif	false	Avira URL Cloud: malware	unknown
https://m10011.com/845f6e4a01c2e542bc3b72e104884c3c.gif	false	Avira URL Cloud: safe	unknown
https://tukudhgg.vip/logotp/tiangx01.gif	false	Avira URL Cloud: safe	unknown
https://js.users.51.la/21571945.js	false		high
https://www.wusongtv8.top/news/data.php	false	Avira URL Cloud: safe	unknown
https://n0533.com/64457d63c6684472acf2d8b2d92a31df.gif	false	Avira URL Cloud: safe	unknown
https://aaaaa766.com/b6bd7eddcdb34e438832860d169f0d1f.gif	false	Avira URL Cloud: safe	unknown
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=896&et=0&ja=0&ln=en-gb&lo=0&rnd=1020592443&si=ede83dd75a39dd6faf6db374429f6beb&su=https%3A%2F%2Fwww.wusongtv8.top%2F&v=1.3.0&lv=1&sn=57968&r=0&ww=1263&u=https%3A%2F%2Fwww.wusong147.top%2F&tt=%E6%AD%A6%E6%9D%BE%E5%BD%B1%E8%A7%86	false		high
https://xoxo.xoxoimg.vip/xo/xo120av.gif	false	Avira URL Cloud: safe	unknown
http://ia.51.la/go1?id=21571945&rt=1681817104175&rl=1280*1024&lang=en-GB&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1681817104175&tt=%25E8%25B5%25A4%25E5%25B3%25B0%25E7%2596%259A%25E4%25B9%2585%25E7%2589%25A9%25E6%25B5%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.bit-chasers.com%252F&pu=	false		high
http://www.bit-chasers.com/	true		unknown
https://hm.baidu.com/hm.js?5e9d7cf3d8bc896e8ba805acce901956	false		high
https://hm.baidu.com/hm.js?5755d298f25aacb18aed89539d4c03ff	false		high
http://push.zhanzhang.baidu.com/push.js	false		high
https://taiwtp1.com/xin/96080.gif	false	Avira URL Cloud: safe	unknown
https://z4a.net/images/2023/02/28/299cc960x60.gif	false		high
https://595tuchuang.com/960x60.gif	false	Avira URL Cloud: safe	unknown
https://files.backmoestream.xyz/proxy/9dc040f25023243e4b28123303f7ccaf45eefbfa715115df97a9faec1b658153ccddbcd8f911803f9d3834c67ad5d78488931203013923b36fd66452cca6869a178799ea66529b4daad74a2d95a59b30	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://img.img1yutu.com:3451/upload/vod/20230418-1/678be20213d0d08a32606a08f6941b0d.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/6e544b43885ddf85518cb02f4b1f1164.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://25518v.com:7789	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/c52fb2fa764e39853ba4c93e854b7752.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://www.wusong148.top/	chromecache_229.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/dedc5112cc7e8e1b951b000488a33e43.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://60388924.com	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.yutuzy9.com:3451/upload/vod/20221218-1/bce9d7f65140e9ffa3b9a6946f0366b7.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/35b5b5b70162549657e9351a03562ca9.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/a17ed67a0c1bcf931774c1d7c9e74cb1.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/1e96a8e7fe063e5aea26880f675a6124.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://v58336.com:5689	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/a5df4aea07590b25a1f753753603582d.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
http://667227.xyz:8080/Register/?a=526731	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://uxi307.com/idsna	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/9bd147958238b5ff23d8206814b91a94.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
http://320201.xyz:8080/Register/?a=191046	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/64d9d67b1cab0e3aefb49218501c284f.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://1124936.xyz:8443	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/0aa6a96e69405ce232791ce8bba7b2db.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/ba30b0c6c835632f6fd353d4adfe7d4f.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://1153778.xyz:8443	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://ky1259.cc/index.html?shareName=gg281	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/bd6a4b744297dc4d6c6cb06f680b14c2.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
http://wusong1.top	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/51876b259b28b01c23fcf7f4dbb5945b.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://hmcdn.baidu.com/static/tongji/plugins/	chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	false		high
https://img.img1yutu.com:3451/upload/vod/20230418-1/39d111956fc8503d7afbad2cf13892ca.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://1716h.com:8633	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://ezgif.com/resize	chromecache_255.1.dr	false		high
https://img.siwapay.com:5278/cvjpg/SpFuECyQ.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://www.wusong146.top/	chromecache_229.1.dr	false	Avira URL Cloud: safe	unknown
https://imgyutu.com:3451/upload/vod/20221004-1/f869e22a4236de79b283c82fce214f3d.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://228tz058.cc	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://ppwas2.cyou/invitation/index?code=wusong	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://480xx055.cc	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://xoxo88888887.com/sz.html?60#x34	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/32a253272dfd421f61dfdcb05012f77d.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/e1b6ddec926af4a6c059542eee377610.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://8499163.com/8499/zzxx/960x120.gif	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/9c4afcedce7108bd31e4199ab6a65a60.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://87082.cc:8443	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://yd3229.com	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/6e9c0b93b1339470306870af37e3de5b.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://8499132.com/8499/150x150.gif	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://43.69169.xyz/	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://38210190.com:8203/#/	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg	chromecache_361.1.dr	false		high
https://fclog.baidu.com/log/ocpcagl?type=behavior&emd=euc	chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	false		high
http://8499163.com/8499/150x150.gif	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://img.img1yutu.com:3451/upload/vod/20230418-1/91f2754fb31598d27822e7e3c56a5e47.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown
https://hmcdn.baidu.com/static	chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	false		high
https://img.img1yutu.com:3451/upload/vod/20230418-1/eb2094af8eaa53e4dfbb361e9974854d.jpg	chromecache_361.1.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
185.10.104.115	opencdnpicrmb.gshifen.com	European Union	55967	BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtd	false
172.67.194.142	aoattsetp.vip	United States	13335	CLOUDFLARENETUS	false
199.180.100.203	imgyutu.com	United States	54600	PEGTECHINCUS	false
112.90.153.36	ia.51.la	China	136959	UNICOM-FUOSHAN-IDCChinaUnicomGuangdongIPnetworkCN	false
154.83.27.206	asheng.dl556677.com	Seychelles	62587	ANT-CLOUDUS	false
103.143.19.103	e428b87fea828a0a.huaweisafedns.cn	China	139643	I-SMART-AS-APiSmartBD	false
162.19.88.69	i.postimg.cc	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
163.171.128.148	si1.go2yd.com.cdn20.com	European Union	54994	QUANTILNETWORKSUS	false
142.250.184.110	clients.l.google.com	United States	15169	GOOGLEUS	false
107.148.18.228	tk.xiaomiyuncdn.com	United States	54600	PEGTECHINCUS	false
218.66.171.78	w3vlry.c.1114dns.com	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
67.21.86.202	35rnbma7.n.funnull35.com	United States	46844	ST-BGPUS	false
104.21.234.235	z4a.net	United States	13335	CLOUDFLARENETUS	false
5.78.111.127	kttoo2.com	Iran (ISLAMIC Republic Of)	16322	PARSONLINETehran-IRANIR	false
188.114.97.7	tupku.top	European Union	13335	CLOUDFLARENETUS	false
103.235.46.191	hm.e.shifen.com	Hong Kong	55967	BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtd	false
172.67.161.53	aooacctp.vip	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.4.98.250	www.wusong147.top	United States	54600	PEGTECHINCUS	false
142.4.98.251	www.wusongtv8.top	United States	54600	PEGTECHINCUS	false
23.224.87.237	siwazywcdn2.com	United States	40065	CNSERVERSUS	false
104.21.51.97	tupkku.top	United States	13335	CLOUDFLARENETUS	false
166.0.195.51	askzybf.com	United States	11798	ACEDATACENTERS-AS-1US	false
142.250.184.68	www.google.com	United States	15169	GOOGLEUS	false
182.61.201.94	api.share.n.shifen.com	China	38365	BAIDUBeijingBaiduNetcomScienceandTechnologyCoLtd	false
172.67.142.245	www.tukky.vip	United States	13335	CLOUDFLARENETUS	false
23.225.154.19	daka.cdncdncdn.com	United States	40065	CNSERVERSUS	false
39.156.68.163	share.n.shifen.com	China	9808	CMNET-GDGuangdongMobileCommunicationCoLtdCN	false
142.251.209.13	accounts.google.com	United States	15169	GOOGLEUS	false
220.128.218.220	taiwtp1.com	Taiwan; Republic of China (ROC)	3462	HINETDataCommunicationBusinessGroupTW	false
120.232.54.164	unknown	China	56040	CMNET-GUANGDONG-APChinaMobilecommunicationscorporation	false
120.232.54.165	fmw6xz3y.dns2023.com	China	56040	CMNET-GUANGDONG-APChinaMobilecommunicationscorporation	false
162.209.128.173	gtm-sg-4hr3087kq1p.gtm-i2d8.com	United States	40065	CNSERVERSUS	false
172.83.155.45	kvegg.com	United States	40065	CNSERVERSUS	false
172.121.122.116	www.bit-chasers.com	United States	18779	EGIHOSTINGUS	false
5.78.103.79	m10011.com	Iran (ISLAMIC Republic Of)	16322	PARSONLINETehran-IRANIR	false
172.67.8.171	fmtu.slsltutu.com	United States	13335	CLOUDFLARENETUS	false
188.114.96.7	www.tukudhgg.vip	European Union	13335	CLOUDFLARENETUS	false
103.166.246.24	files.backmoestream.xyz	unknown	7575	AARNET-AS-APAustralianAcademicandResearchNetworkAARNe	true
142.0.139.145	img.img1yutu.com	United States	54600	PEGTECHINCUS	false
183.240.166.133	unknown	China	56040	CMNET-GUANGDONG-APChinaMobilecommunicationscorporation	false
103.170.15.101	yd11_13-site-02.cdn-ng.net	unknown	7575	AARNET-AS-APAustralianAcademicandResearchNetworkAARNe	false
202.81.230.136	dns.ipslb.top	Hong Kong	4658	M2012LIMITED-AS2012LimitedNetfrontHK	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	37.0.0 Beryl
Analysis ID:	848801
Start date and time:	2023-04-18 13:23:59 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 6m 7s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.bit-chasers.com/
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal76.troj.win@26/186@55/45
EGA Information:	Failed
HDC Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://25568v.com:7789/ Browse: http://wusong01.top/

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, WMIADAP.exe, conhost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.67, 34.104.35.123, 8.238.88.120, 8.248.119.254, 8.248.149.254, 8.238.88.254, 8.248.135.254, 93.184.221.240, 8.248.139.254, 8.238.85.126, 8.241.126.249, 8.248.133.254, 8.248.131.254, 104.26.1.190, 172.67.69.40, 104.26.0.190, 104.109.250.179, 104.109.250.178, 142.250.184.99
Excluded domains from analysis (whitelisted): fg.download.windowsupdate.com.c.footprint.net, e99038.dscb.akamaiedge.net, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, repository.certum.pl.edgekey.net, edgedl.me.gvt1.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, s2.loli.net.cdn.cloudflare.net, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtWriteVirtualMemory calls found.

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Certificate, Version=3
Category:	dropped
Size (bytes):	784
Entropy (8bit):	7.4411186971700936
Encrypted:	false
SSDEEP:	24:tMtXXE7BYIrYkbqUtuvU9AVC20RRvME4rZ:K9YBYMjGUtw+AVeRn4rZ
MD5:	2C8F9F661D1890B147269D8E86828CA9
SHA1:	6252DC40F71143A22FDE9EF7348E064251B18118
SHA-256:	D8E0FEBC1DB2E38D00940F37D27D41344D993E734B99D5656D9778D4D8143624
SHA-512:	C458E839B1FA3B5AD33381B8F683C68C2511B46197645A86E1006506140F2C477E3D88F5A866A56959FC0F24B390F808490F48313058F78980F722D8D139EB17
Malicious:	false
Reputation:	low
Preview:	0...0............ 0....H........0>1.0...U....PL1.0...U....Unizeto Sp. z o.o.1.0...U....Certum CA0...020611104639Z..270611104639Z0>1.0...U....PL1.0...U....Unizeto Sp. z o.o.1.0...U....Certum CA0.."0....H.............0............O\|.%..>O.o.js.[Q.....\...u.....#R...3..-..v.+9...K...x.sC{.a..X..lf~...^Uc.....0h..<.n..Z.N4.6....P.m.B.....AK.jk...~b.g..&_.&..O.W(...E.n.%].n9../.G.r...[..S?...V.n..f.&...S.....O).B.^... ..h.......Fc..."....FY~.5,..].H3.T...o.....;.Y.......0.0...U.......0....0....H......................D.l.9>..n..!w..w... A......c..7..v$...L.=.go-...e1p......`{mX.I.c2.k.:...;....Q....4..+...`.'l2w...r....?..$B..W..&C.....T(>.?..M.j.:...;.#.c.?.'y.LQ....].;..s....nd.ZV....Lt..q;..G.io...^...\|R......Yg..p..i..@Hj.5.)f.!.,.`..J@.k.$...,s

Source: https://link.imgapp.top/images/63ba73b0a92cd2097e833f95.gif	Avira URL Cloud: Label: malware
Source: https://link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif	Avira URL Cloud: Label: malware
Source: http://www.bit-chasers.com/tj.js	Avira URL Cloud: Label: malware
Source: https://img.solomon89.xyz/images/64216cb3549dfb41062bdd12.gif	Avira URL Cloud: Label: malware
Source: http://www.bit-chasers.com/common.js	Avira URL Cloud: Label: malware
Source: https://tupku.top/logotp/fff.gif	Avira URL Cloud: Label: malware

Source: https://www.wusongtv8.top/	HTTP Parser: No favicon
Source: https://www.wusongtv8.top/	HTTP Parser: No favicon
Source: http://www.bit-chasers.com/	HTTP Parser: No favicon
Source: http://www.bit-chasers.com/	HTTP Parser: No favicon
Source: https://www.wusong147.top/	HTTP Parser: No favicon
Source: https://www.wusong147.top/	HTTP Parser: No favicon

Source: Traffic	Snort IDS: 2023883 ET DNS Query to a *.top domain - Likely Hostile 192.168.2.4:60686 -> 8.8.8.8:53
Source: Traffic	Snort IDS: 2027758 ET DNS Query for .cc TLD 192.168.2.4:65133 -> 8.8.8.8:53

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: img.solomon89.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: files.backmoestream.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: zhibo128x.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	DNS query: d.drfvtgbyk.xyz

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKAccept-Ranges: bytesCache-Control: max-age=31536000Content-Encoding: gzipContent-Length: 227Content-Type: text/javascriptDate: Tue, 18 Apr 2023 11:25:03 GMTEtag: "4078521116"Expires: Wed, 17 Apr 2024 11:25:03 GMTLast-Modified: Wed, 25 Nov 2015 07:47:55 GMTP3p: CP=" OTI DSP COR IVA OUR IND COM "Server: apacheSet-Cookie: BAIDUID=96EA52B22527B9D3CCE035ED59026187:FG=1; max-age=31536000; expires=Wed, 17-Apr-24 11:25:03 GMT; domain=.baidu.com; path=/; version=1Vary: Accept-EncodingData Raw: 1f 8b 08 00 00 00 00 00 00 03 65 8f c1 6a c3 30 10 44 7f 25 f1 c1 48 d8 5e f5 da 08 61 42 4f b9 16 72 69 14 8a 2a af 6d 41 2c 99 95 1c 43 db fc 7b ed 9a 9e 7a 59 98 81 79 8f dd b7 93 b7 c9 05 cf f8 d7 dd d0 0e 95 60 97 3e a5 f1 7b 3d f1 7a d0 42 8b 8b a9 3e 8f d5 db 53 f5 ac df 35 5c 0b 0d 1f c6 35 93 06 1b 06 2e 3a 57 92 9a 9d 6f c2 0c b7 60 cd 4a 83 9e b0 2d 83 6a 82 9d 06 f4 09 96 88 44 48 d2 b5 6c 8f 90 30 26 46 7c 73 7a 95 09 61 46 07 b1 37 84 1b 7b 45 8b 08 9d 6b 33 19 6a e6 0b 95 d5 a4 b2 02 bd 0d 0d 9e 5f 4f 2f 61 18 83 5f d0 ec 9f 83 97 94 e7 bf 93 fc b6 4c 16 cd e1 af a8 b7 42 ae da a4 3c ce bb d3 60 3a 94 09 22 59 e5 1f 0f b6 3d c2 e5 0f 97 51 90 77 19 01 00 00 Data Ascii: ej0D%H^aBOri*mA,C{zYy`>{=zB>S5\5.:Wo`J-jDHl0&F\|szaF7{Ek3j_O/a_LB<`:"Y=Qw
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKAccept-Ranges: bytesCache-Control: max-age=31536000Content-Encoding: gzipContent-Length: 227Content-Type: text/javascriptDate: Tue, 18 Apr 2023 11:25:03 GMTEtag: "4078521116"Expires: Wed, 17 Apr 2024 11:25:03 GMTLast-Modified: Wed, 25 Nov 2015 07:47:55 GMTP3p: CP=" OTI DSP COR IVA OUR IND COM "Server: apacheSet-Cookie: BAIDUID=96EA52B22527B9D3CCE035ED59026187:FG=1; max-age=31536000; expires=Wed, 17-Apr-24 11:25:03 GMT; domain=.baidu.com; path=/; version=1Vary: Accept-EncodingData Raw: 1f 8b 08 00 00 00 00 00 00 03 65 8f c1 6a c3 30 10 44 7f 25 f1 c1 48 d8 5e f5 da 08 61 42 4f b9 16 72 69 14 8a 2a af 6d 41 2c 99 95 1c 43 db fc 7b ed 9a 9e 7a 59 98 81 79 8f dd b7 93 b7 c9 05 cf f8 d7 dd d0 0e 95 60 97 3e a5 f1 7b 3d f1 7a d0 42 8b 8b a9 3e 8f d5 db 53 f5 ac df 35 5c 0b 0d 1f c6 35 93 06 1b 06 2e 3a 57 92 9a 9d 6f c2 0c b7 60 cd 4a 83 9e b0 2d 83 6a 82 9d 06 f4 09 96 88 44 48 d2 b5 6c 8f 90 30 26 46 7c 73 7a 95 09 61 46 07 b1 37 84 1b 7b 45 8b 08 9d 6b 33 19 6a e6 0b 95 d5 a4 b2 02 bd 0d 0d 9e 5f 4f 2f 61 18 83 5f d0 ec 9f 83 97 94 e7 bf 93 fc b6 4c 16 cd e1 af a8 b7 42 ae da a4 3c ce bb d3 60 3a 94 09 22 59 e5 1f 0f b6 3d c2 e5 0f 97 51 90 77 19 01 00 00 Data Ascii: ej0D%H^aBOri*mA,C{zYy`>{=zB>S5\5.:Wo`J-jDHl0&F\|szaF7{Ek3j_O/a_LB<`:"Y=Qw
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKAccept-Ranges: bytesCache-Control: max-age=31536000Content-Encoding: gzipContent-Length: 227Content-Type: text/javascriptDate: Tue, 18 Apr 2023 11:25:03 GMTEtag: "4078521116"Expires: Wed, 17 Apr 2024 11:25:03 GMTLast-Modified: Wed, 25 Nov 2015 07:47:55 GMTP3p: CP=" OTI DSP COR IVA OUR IND COM "Server: apacheSet-Cookie: BAIDUID=96EA52B22527B9D3CCE035ED59026187:FG=1; max-age=31536000; expires=Wed, 17-Apr-24 11:25:03 GMT; domain=.baidu.com; path=/; version=1Vary: Accept-EncodingData Raw: 1f 8b 08 00 00 00 00 00 00 03 65 8f c1 6a c3 30 10 44 7f 25 f1 c1 48 d8 5e f5 da 08 61 42 4f b9 16 72 69 14 8a 2a af 6d 41 2c 99 95 1c 43 db fc 7b ed 9a 9e 7a 59 98 81 79 8f dd b7 93 b7 c9 05 cf f8 d7 dd d0 0e 95 60 97 3e a5 f1 7b 3d f1 7a d0 42 8b 8b a9 3e 8f d5 db 53 f5 ac df 35 5c 0b 0d 1f c6 35 93 06 1b 06 2e 3a 57 92 9a 9d 6f c2 0c b7 60 cd 4a 83 9e b0 2d 83 6a 82 9d 06 f4 09 96 88 44 48 d2 b5 6c 8f 90 30 26 46 7c 73 7a 95 09 61 46 07 b1 37 84 1b 7b 45 8b 08 9d 6b 33 19 6a e6 0b 95 d5 a4 b2 02 bd 0d 0d 9e 5f 4f 2f 61 18 83 5f d0 ec 9f 83 97 94 e7 bf 93 fc b6 4c 16 cd e1 af a8 b7 42 ae da a4 3c ce bb d3 60 3a 94 09 22 59 e5 1f 0f b6 3d c2 e5 0f 97 51 90 77 19 01 00 00 Data Ascii: ej0D%H^aBOri*mA,C{zYy`>{=zB>S5\5.:Wo`J-jDHl0&F\|szaF7{Ek3j_O/a_LB<`:"Y=Qw

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49692
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49691
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: chromecache_361.1.dr	String found in binary or memory: http://010152.xyz/6324
Source: chromecache_361.1.dr	String found in binary or memory: http://320201.xyz:8080/Register/?a=191046
Source: chromecache_361.1.dr	String found in binary or memory: http://587tz129.cc
Source: chromecache_361.1.dr	String found in binary or memory: http://595tz480.cc
Source: chromecache_361.1.dr	String found in binary or memory: http://667227.xyz:8080/Register/?a=526731
Source: chromecache_361.1.dr	String found in binary or memory: http://8499163.com/8499/150x150.gif
Source: 77EC63BDA74BD0D0E0426DC8F80085060.0.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: chromecache_361.1.dr	String found in binary or memory: http://fdnwc.cc
Source: chromecache_348.1.dr, chromecache_316.1.dr, chromecache_244.1.dr	String found in binary or memory: http://push.zhanzhang.baidu.com/push.js
Source: chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	String found in binary or memory: http://tongji.baidu.com/hm-web/welcome/ico
Source: chromecache_361.1.dr	String found in binary or memory: http://wusong01.top
Source: chromecache_361.1.dr	String found in binary or memory: http://wusong1.top
Source: chromecache_361.1.dr	String found in binary or memory: https://1124936.xyz:8443
Source: chromecache_361.1.dr	String found in binary or memory: https://1153778.xyz:8443
Source: chromecache_361.1.dr	String found in binary or memory: https://165xx079.cc
Source: chromecache_361.1.dr	String found in binary or memory: https://1716h.com:8633
Source: chromecache_361.1.dr	String found in binary or memory: https://228tuchuang.com/960x120.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://228tz058.cc
Source: chromecache_361.1.dr	String found in binary or memory: https://25518v.com:7789
Source: chromecache_361.1.dr	String found in binary or memory: https://25568v.com:7789
Source: chromecache_361.1.dr	String found in binary or memory: https://38210190.com:8203/#/
Source: chromecache_361.1.dr	String found in binary or memory: https://43.69169.xyz/
Source: chromecache_361.1.dr	String found in binary or memory: https://480tuchuang.com/960x120.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://480xx055.cc
Source: chromecache_361.1.dr	String found in binary or memory: https://587tuchuang.com/587z80.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://595tuchuang.com/960x60.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://59927v.com:1788
Source: chromecache_361.1.dr	String found in binary or memory: https://60388924.com
Source: chromecache_361.1.dr	String found in binary or memory: https://6801146.vip
Source: chromecache_361.1.dr	String found in binary or memory: https://8499132.com/8499/150x150.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://8499163.com/8499/zzxx/960x120.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://87082.cc:8443
Source: chromecache_361.1.dr	String found in binary or memory: https://aaaaa557.com/3af44ca6e6704621829a55cefc742300.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://aaaaa557.com/f6a9e973ab65426eaf8c10d222ebd813.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://aaaaa766.com/b6bd7eddcdb34e438832860d169f0d1f.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://aoattsetp.vip/logotp/wt01.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://aooacctp.vip/lm/se5.gif
Source: chromecache_255.1.dr	String found in binary or memory: https://ezgif.com/resize
Source: chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	String found in binary or memory: https://fclog.baidu.com/log/ocpcagl?type=behavior&emd=euc
Source: chromecache_361.1.dr	String found in binary or memory: https://fmtu.slsltutu.com/upload/vod/20230418-42/4c999fe0fe6f058b45f23d1871582589.jpg
Source: chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	String found in binary or memory: https://goutong.baidu.com/site/
Source: chromecache_292.1.dr	String found in binary or memory: https://hm.baidu.com/hm.js?5755d298f25aacb18aed89539d4c03ff
Source: chromecache_292.1.dr	String found in binary or memory: https://hm.baidu.com/hm.js?5e9d7cf3d8bc896e8ba805acce901956
Source: chromecache_361.1.dr	String found in binary or memory: https://hm.baidu.com/hm.js?ede83dd75a39dd6faf6db374429f6beb
Source: chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	String found in binary or memory: https://hmcdn.baidu.com/static
Source: chromecache_201.1.dr, chromecache_209.1.dr, chromecache_248.1.dr	String found in binary or memory: https://hmcdn.baidu.com/static/tongji/plugins/
Source: chromecache_361.1.dr	String found in binary or memory: https://i.postimg.cc/sDmq2sfK/290299ed48d84c7b99d8fbd8a96a254c.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://img.aosikaimge.com/20230418/fOwSUyIm/1.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/0aa6a96e69405ce232791ce8bba7b2db.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/0ef445e6d2e82aa27fe2f119fe77f47c.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/1e96a8e7fe063e5aea26880f675a6124.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/32a253272dfd421f61dfdcb05012f77d.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/35b5b5b70162549657e9351a03562ca9.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/3837dddcdb4faeed6675746b3059c54a.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/39d111956fc8503d7afbad2cf13892ca.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/3f3cdf654d08969431ec87cbe874185e.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/51876b259b28b01c23fcf7f4dbb5945b.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/61d8f30126d8bd66e9fca0d1ea984559.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/64d9d67b1cab0e3aefb49218501c284f.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/678be20213d0d08a32606a08f6941b0d.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/6e544b43885ddf85518cb02f4b1f1164.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/6e9c0b93b1339470306870af37e3de5b.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/91f2754fb31598d27822e7e3c56a5e47.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/95539cff1d99f8cd82131dd2ee5a5217.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/9bd147958238b5ff23d8206814b91a94.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/9c4afcedce7108bd31e4199ab6a65a60.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/a17ed67a0c1bcf931774c1d7c9e74cb1.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/a5df4aea07590b25a1f753753603582d.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/ba30b0c6c835632f6fd353d4adfe7d4f.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/bbefb200bcc11e91dc4f98b825a1e1fb.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/bd6a4b744297dc4d6c6cb06f680b14c2.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/c52fb2fa764e39853ba4c93e854b7752.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/cb046da13c50f046f387b003d1d9b671.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/d4f1cf8f4dad5b20fd26a66ec3960629.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/dedc5112cc7e8e1b951b000488a33e43.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/e1b6ddec926af4a6c059542eee377610.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.img1yutu.com:3451/upload/vod/20230418-1/eb2094af8eaa53e4dfbb361e9974854d.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.siwapay.com:5278/cvjpg/1p6UnDlZ.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.siwapay.com:5278/cvjpg/HwFeA2R5.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.siwapay.com:5278/cvjpg/SpFuECyQ.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://img.solomon89.xyz/images/64216cb3549dfb41062bdd12.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://img.solomon89.xyz/images/64216cb5549dfb41062bdd1c.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://img.yutuzy9.com:3451/upload/vod/20221218-1/bce9d7f65140e9ffa3b9a6946f0366b7.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://imgyutu.com:3451/upload/vod/20221004-1/f869e22a4236de79b283c82fce214f3d.jpg
Source: chromecache_292.1.dr	String found in binary or memory: https://js.users.51.la/21571945.js
Source: chromecache_292.1.dr	String found in binary or memory: https://js.users.51.la/21571997.js
Source: chromecache_361.1.dr	String found in binary or memory: https://kttoo2.com/5189ca034f32e08b20b2df900457793c.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://kttoo2.com/e4b155062fbfddc5b768f68070d296cf.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://kvegg.com/df85128d10137498b08a8b243671d3d5.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://ky1259.cc/index.html?shareName=gg281
Source: chromecache_361.1.dr	String found in binary or memory: https://link.imgapp.top/images/63ba73b0a92cd2097e833f95.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://link.imgapp.top/images/63ba73b1a92cd2097e833f9d.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://m10011.com/6b4bc2393b34f569886385798f04319d.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://m10011.com/845f6e4a01c2e542bc3b72e104884c3c.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://n0533.com/64457d63c6684472acf2d8b2d92a31df.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://pic.rmb.bdstatic.com/bjh/b8ca1f1a3197afd4b493ff9677802771.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://ppwas2.cyou/invitation/index?code=wusong
Source: chromecache_361.1.dr	String found in binary or memory: https://qp.ezfxpuo.cn/960X100.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://qwe963.oss-cn-hangzhou.aliyuncs.com/960x120-1.abc
Source: chromecache_361.1.dr	String found in binary or memory: https://s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
Source: chromecache_361.1.dr	String found in binary or memory: https://si1.go2yd.com/get-image/0xmAGT9KS9C
Source: chromecache_361.1.dr	String found in binary or memory: https://taiwtp1.com/xin/96080.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tukudhgg.vip/lm/aaa122.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tukudhgg.vip/logotp/klm29.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tukudhgg.vip/logotp/tiangx01.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tupkku.top/logotp/bbzy7.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tupkku.top/logotp/xfb66.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://tupku.top/logotp/fff.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://uxi307.com/idsna
Source: chromecache_361.1.dr	String found in binary or memory: https://v58336.com:5689
Source: chromecache_361.1.dr	String found in binary or memory: https://www.tukky.vip/lm/dxsdcd7.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://www.tukudhgg.vip/logotp/swrhe.gif
Source: chromecache_229.1.dr	String found in binary or memory: https://www.wusong146.top/
Source: chromecache_229.1.dr	String found in binary or memory: https://www.wusong147.top/
Source: chromecache_229.1.dr	String found in binary or memory: https://www.wusong148.top/
Source: chromecache_361.1.dr	String found in binary or memory: https://xoxo.xoxoimg.vip/xo/xo120av.gif#x34
Source: chromecache_361.1.dr	String found in binary or memory: https://xoxo88888887.com/sz.html?60#x34
Source: chromecache_361.1.dr	String found in binary or memory: https://yd3229.com
Source: chromecache_361.1.dr	String found in binary or memory: https://yhtuchuang.com/960x120.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://z4a.net/images/2023/02/28/299cc960x60.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://z4a.net/images/2023/02/28/960-60.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://z4a.net/images/2023/02/28/960x60.gif
Source: chromecache_361.1.dr	String found in binary or memory: https://zhibo128x.xyz/18/180180.gif
Source: chromecache_348.1.dr, chromecache_316.1.dr, chromecache_244.1.dr	String found in binary or memory: https://zz.bdstatic.com/linksubmit/push.js

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Apr 18, 2023 13:24:58.813116074 CEST	192.168.2.4	8.8.8.8	0x5a00	Standard query (0)	clients2.google.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:24:58.814901114 CEST	192.168.2.4	8.8.8.8	0xa0d8	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:01.272907019 CEST	192.168.2.4	8.8.8.8	0x7302	Standard query (0)	www.bit-chasers.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:01.612051010 CEST	192.168.2.4	8.8.8.8	0x8661	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:01.828660011 CEST	192.168.2.4	8.8.8.8	0x4724	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:02.614892960 CEST	192.168.2.4	8.8.8.8	0x652e	Standard query (0)	www.wusongtv8.top	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:02.658646107 CEST	192.168.2.4	8.8.8.8	0x5e71	Standard query (0)	js.users.51.la	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:02.690140009 CEST	192.168.2.4	8.8.8.8	0x1935	Standard query (0)	hm.baidu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:02.690458059 CEST	192.168.2.4	8.8.8.8	0x9275	Standard query (0)	push.zhanzhang.baidu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:03.691112995 CEST	192.168.2.4	8.8.8.8	0x16ce	Standard query (0)	api.share.baidu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:03.921211004 CEST	192.168.2.4	8.8.8.8	0xa3f6	Standard query (0)	ia.51.la	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:14.865181923 CEST	192.168.2.4	8.8.8.8	0x4c65	Standard query (0)	www.wusong147.top	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.360415936 CEST	192.168.2.4	8.8.8.8	0x1e54	Standard query (0)	m10011.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.361685991 CEST	192.168.2.4	8.8.8.8	0x5d95	Standard query (0)	aaaaa557.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.363049030 CEST	192.168.2.4	8.8.8.8	0xd900	Standard query (0)	qp.ezfxpuo.cn	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.368977070 CEST	192.168.2.4	8.8.8.8	0x3fda	Standard query (0)	aaaaa766.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.370786905 CEST	192.168.2.4	8.8.8.8	0x3202	Standard query (0)	link.imgapp.top	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.584948063 CEST	192.168.2.4	8.8.8.8	0xaef3	Standard query (0)	n0533.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:17.745600939 CEST	192.168.2.4	8.8.8.8	0xda90	Standard query (0)	img.solomon89.xyz	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:18.730251074 CEST	192.168.2.4	8.8.8.8	0x3fda	Standard query (0)	aaaaa766.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.028498888 CEST	192.168.2.4	8.8.8.8	0xe888	Standard query (0)	z4a.net	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.299088001 CEST	192.168.2.4	8.8.8.8	0x2ae6	Standard query (0)	595tuchuang.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.588087082 CEST	192.168.2.4	8.8.8.8	0x15dc	Standard query (0)	i.postimg.cc	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.588351011 CEST	192.168.2.4	8.8.8.8	0x29c2	Standard query (0)	8499163.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.589118958 CEST	192.168.2.4	8.8.8.8	0x20ce	Standard query (0)	228tuchuang.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.589191914 CEST	192.168.2.4	8.8.8.8	0xf77f	Standard query (0)	kttoo2.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.589442968 CEST	192.168.2.4	8.8.8.8	0x54b2	Standard query (0)	587tuchuang.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.589653969 CEST	192.168.2.4	8.8.8.8	0xe4cc	Standard query (0)	s2.loli.net	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.589900017 CEST	192.168.2.4	8.8.8.8	0x3c7a	Standard query (0)	yhtuchuang.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.590150118 CEST	192.168.2.4	8.8.8.8	0x42d7	Standard query (0)	480tuchuang.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.592103004 CEST	192.168.2.4	8.8.8.8	0x6425	Standard query (0)	taiwtp1.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.598872900 CEST	192.168.2.4	8.8.8.8	0xc29f	Standard query (0)	xoxo.xoxoimg.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.622416019 CEST	192.168.2.4	8.8.8.8	0xae34	Standard query (0)	tupku.top	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.633333921 CEST	192.168.2.4	8.8.8.8	0x89e	Standard query (0)	pic.rmb.bdstatic.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.802828074 CEST	192.168.2.4	8.8.8.8	0x18fd	Standard query (0)	files.backmoestream.xyz	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:19.806278944 CEST	192.168.2.4	8.8.8.8	0xeedb	Standard query (0)	www.tukudhgg.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:22.485610962 CEST	192.168.2.4	8.8.8.8	0x2416	Standard query (0)	tupkku.top	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:22.492121935 CEST	192.168.2.4	8.8.8.8	0xcbf5	Standard query (0)	tukudhgg.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:22.492280006 CEST	192.168.2.4	8.8.8.8	0x118e	Standard query (0)	aoattsetp.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:22.493387938 CEST	192.168.2.4	8.8.8.8	0x62ae	Standard query (0)	zhibo128x.xyz	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:24.726592064 CEST	192.168.2.4	8.8.8.8	0x198b	Standard query (0)	www.tukky.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:24.727235079 CEST	192.168.2.4	8.8.8.8	0x98b1	Standard query (0)	kvegg.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:25.296593904 CEST	192.168.2.4	8.8.8.8	0xdbd1	Standard query (0)	img.img1yutu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:26.384314060 CEST	192.168.2.4	8.8.8.8	0x3347	Standard query (0)	img.siwapay.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:31.044744968 CEST	192.168.2.4	8.8.8.8	0xd816	Standard query (0)	img.yutuzy9.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:31.858644962 CEST	192.168.2.4	8.8.8.8	0x4936	Standard query (0)	imgyutu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:31.986468077 CEST	192.168.2.4	8.8.8.8	0x71b9	Standard query (0)	img.aosikaimge.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:32.315260887 CEST	192.168.2.4	8.8.8.8	0x329d	Standard query (0)	fmtu.slsltutu.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:32.318552971 CEST	192.168.2.4	8.8.8.8	0xf8f9	Standard query (0)	aooacctp.vip	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:32.503604889 CEST	192.168.2.4	8.8.8.8	0x2016	Standard query (0)	repository.certum.pl	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:32.600496054 CEST	192.168.2.4	8.8.8.8	0x6bcc	Standard query (0)	si1.go2yd.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:34.016509056 CEST	192.168.2.4	8.8.8.8	0x40a0	Standard query (0)	d.drfvtgbyk.xyz	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:25:34.750348091 CEST	192.168.2.4	8.8.8.8	0xad76	Standard query (0)	ia.51.la	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:27:02.470521927 CEST	192.168.2.4	8.8.8.8	0xccc5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Apr 18, 2023 13:27:02.499389887 CEST	192.168.2.4	8.8.8.8	0x2d8b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:24:59 UTC	0	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:24:59 UTC	0	OUT	Data Raw: 20 Data Ascii:
2023-04-18 11:24:59 UTC	2	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.google.com Access-Control-Allow-Credentials: true X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Tue, 18 Apr 2023 11:24:59 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= Content-Security-Policy: script-src 'report-sample' 'nonce-5UvuhVGYe7iwQUE1ENQjvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport Cross-Origin-Opener-Policy: same-origin Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Server: ESF X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2023-04-18 11:24:59 UTC	4	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2023-04-18 11:24:59 UTC	4	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:24:59 UTC	0	OUT	GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1 Host: clients2.google.com Connection: keep-alive X-Goog-Update-Interactivity: fg X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda X-Goog-Update-Updater: chromecrx-104.0.5112.81 Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:24:59 UTC	1	IN	HTTP/1.1 200 OK Content-Security-Policy: script-src 'report-sample' 'nonce-ve2oaT-gRy3sjmpSYw5qZg' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Tue, 18 Apr 2023 11:24:59 GMT Content-Type: text/xml; charset=UTF-8 X-Daynum: 5951 X-Daystart: 15899 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2023-04-18 11:24:59 UTC	1	IN	Data Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 35 39 35 31 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 31 35 38 39 39 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22 Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="5951" elapsed_seconds="15899"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
2023-04-18 11:24:59 UTC	2	IN	Data Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
2023-04-18 11:24:59 UTC	2	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Microsoft Cabinet archive data, Windows 2000/XP setup, 62582 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
Category:	dropped
Size (bytes):	62582
Entropy (8bit):	7.996063107774368
Encrypted:	true
SSDEEP:	1536:Jk3XPi43VgGp0gB2itudTSRAn/TWTdWftu:CHa43V5p022iZ4CgA
MD5:	E71C8443AE0BC2E282C73FAEAD0A6DD3
SHA1:	0C110C1B01E68EDFACAEAE64781A37B1995FA94B
SHA-256:	95B0A5ACC5BF70D3ABDFD091D0C9F9063AA4FDE65BD34DBF16786082E1992E72
SHA-512:	B38458C7FA2825AFB72794F374827403D5946B1132E136A0CE075DFD351277CF7D957C88DC8A1E4ADC3BCAE1FA8010DAE3831E268E910D517691DE24326391A6
Malicious:	false
Reputation:	low
Preview:	MSCF....v.......,...................I.................BVrl .authroot.stl....oJ5..CK..8U....a..3.1.P. J.".t..2F2e.dHH......$E.KB.2D..-SJE....^..'..y.}..,{m.....\...]4.G.......h....148...e.gr.....48:.L...g.....Xef.x:..t...J...6-....kW6Z>....&......ye.U.Q&z:.vZ..._....a...]..T.E.....B.h.,...[....V.O.3..EW.x.?.Q..$.@.W..=.B.f..8a.Y.JK..g./%p..C.4CD.s..Jd.u..@.g=...a.. .h%..'.xjy7.E..\.....A..':.4TdW?Ko3$.Hg.z.d~....../q..C.....`...A[ W(.........9...GZ.;....l&?........F...p?... .p.....{S.L4..v.+...7.T?.....p..`..&..9.......f...0+.L.....1.2b)..vX5L'.~....2vz.,E.Ni.{#...o..w.?.#.3..h.v<.S%.].tD@!Le.w.q.7.8....QW.FT.....hE.........Y............./.%Q...k....Y.n..v.A..../...>B..5\..-Ko.......O<.b.K.{.O.b...._.7...4.;%9N..K.X>......kg-9..r.c.g.G\|.[.-...HT...",?.q...ad....7RE.......!f..#../....?.-.^.K.c^...+{.g......]<..$.=.O....ii7.wJ+S..Z..d.....>..J*...T..Q7..`.r,<$....\d:K`..T.n....N.....C..j.;.1SX..j....1...R....+....Yg....]....3..9..S..D..`.

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:07 UTC	76	OUT	GET /21571997.js HTTP/1.1 Host: js.users.51.la Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: http://www.bit-chasers.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:07 UTC	77	IN	HTTP/1.1 200 OK Server: CloudWAF Date: Tue, 18 Apr 2023 11:25:07 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Set-Cookie: HWWAFSESID=ec8724420a2106c085b; path=/ Set-Cookie: HWWAFSESTIME=1681817104133; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true
2023-04-18 11:25:07 UTC	77	IN	Data Raw: 31 33 32 33 0d 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 6f 6e 66 69 67 20 3d 20 7b 69 74 76 3a 20 31 38 30 30 30 30 30 2c 75 72 6c 31 3a 27 2f 2f 69 61 2e 35 31 2e 6c 61 2f 67 6f 31 3f 69 64 3d 32 31 35 37 31 39 39 37 27 2c 65 6b 63 3a 27 27 7d 3b 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 72 29 7b 69 66 28 6e 5b 72 5d 29 72 65 74 75 72 6e 20 6e 5b 72 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6f 3d 6e 5b 72 5d 3d 7b 65 78 70 6f 72 74 73 3a 7b 7d 2c 69 64 3a 72 2c 6c 6f 61 64 65 64 3a 21 31 7d 3b 72 65 74 75 72 6e 20 65 5b 72 5d 2e 63 61 6c 6c 28 6f 2e 65 78 70 6f 72 74 73 2c 6f 2c 6f 2e 65 78 70 6f 72 74 73 2c 74 29 2c 6f 2e 6c 6f 61 64 65 64 3d 21 30 2c 6f 2e 65 78 70 6f 72 74 73 7d 76 61 72 20 6e 3d 7b 7d 3b 72 Data Ascii: 1323(function(){var config = {itv: 1800000,url1:'//ia.51.la/go1?id=21571997',ekc:''};!function(e){function t(r){if(n[r])return n[r].exports;var o=n[r]={exports:{},id:r,loaded:!1};return e[r].call(o.exports,o,o.exports,t),o.loaded=!0,o.exports}var n={};r
2023-04-18 11:25:07 UTC	82	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18319	OUT	GET /64457d63c6684472acf2d8b2d92a31df.gif HTTP/1.1 Host: n0533.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:38 UTC	19083	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:38 GMT Content-Type: image/gif Content-Length: 329514 Connection: close Vary: Accept-Encoding Last-Modified: Thu, 23 Mar 2023 11:59:05 GMT ETag: "641c3f09-5072a" Server: WAF/2.4-12.1 X-Cache-Status: HIT Accept-Ranges: bytes
2023-04-18 11:25:38 UTC	19083	IN	Data Raw: 47 49 46 38 39 61 c0 03 32 00 f7 00 00 ff ff fd e7 66 e3 ff ff c9 ff b9 00 e7 42 01 ff ee 98 ff dc 75 ff da 05 ff ff eb ff fb 98 ff fa 15 fa dc 89 92 73 0b ff d6 64 d7 cf 91 ff eb 8b ff ca 00 ff fe da ff ff 24 ec 00 ff 31 18 47 a7 95 6d d8 d4 cf a8 00 ff f8 cf b2 42 18 6c f8 a1 e6 ff e7 08 00 52 e6 89 6f 68 f3 0e 07 ab a7 8f d8 d1 ab ff ff 35 db 00 ff b9 00 ff 79 6f 70 d5 b8 6c ca 00 ff fe da ce 71 95 dc f2 d4 2b b0 a9 b2 ae 8c 0b 64 0e 98 d3 af 09 a6 9b 8a 25 15 31 ff ff 46 ff ff 67 8e 00 9d 39 18 64 a6 87 5a f1 d5 48 6c 52 04 78 6a 56 21 12 28 d1 b3 53 ff ff 55 96 8f 8d ff ef a6 85 73 90 ff ff 78 ff ff 86 95 86 70 b8 a9 71 da ea ff d3 b6 2b f1 ac 92 b1 96 2c 46 34 07 75 61 89 ff e7 7b f6 b5 ab d7 fe db 77 65 08 9a 90 07 31 18 38 eb b6 69 f7 00 ff 0b 04 Data Ascii: GIF89a2fBusd$1GmBlRoh5yoplq+d%1Fg9dZHlRxjV!(SUsxpq+,F4ua{we18i
2023-04-18 11:25:38 UTC	19099	IN	Data Raw: 74 f0 9a 7e be c7 7e b4 a6 9f fe 29 a0 06 aa a0 ce a2 f5 f8 db 52 ca 03 62 b2 23 c6 2d ea 98 1c e7 3a 5c 9c 28 d0 66 39 7e 40 74 92 83 14 1c 2a 62 36 dc 1c ee 0e 3e 49 67 73 5a a7 3a 72 aa 75 1a 8a 38 69 a7 f5 5c d8 3b 7d 40 aa 52 d3 aa b6 6a ab ea 5b 3b 5a 0b 45 08 83 0c a0 41 ca a9 01 1a 7c 98 45 60 24 58 84 58 79 5e 83 1a e8 2a 0e 65 00 ff 9c c3 b2 04 85 af 5e 83 79 0a ab fd 9c 20 3d 81 40 44 9e a0 47 01 a7 77 3a d8 0e fc e7 7f 66 4a 1a 1e 1e 14 19 d5 50 80 8d b6 6e 2b 83 b6 c4 b2 4c 45 13 96 04 fb 18 95 ba ae 4c b3 2c 41 0b bd eb 8f 96 e8 61 64 0a 5e c8 ff ab 89 52 04 93 ae 28 8b b6 68 60 d5 cc 0b 80 4c 09 9c 41 de 0d 29 3f a4 4c de 41 9a a3 3d c6 e0 d9 15 c7 1c ac e4 4d 46 1e dc cc 14 54 69 de cd 86 5a 5e 4d 09 64 ec 23 5a 56 21 22 47 96 96 c3 23 7e Data Ascii: t~~)Rb#-:\(f9~@tb6>IgsZ:ru8i\;}@Rj[;ZEA\|E`$XXy^e^y =@DGw:fJPn+LEL,Aad^R(h`LA)?LA=MFTiZ^Md#ZV!"G#~
2023-04-18 11:25:39 UTC	19479	IN	Data Raw: ff 10 65 a2 83 70 f9 f8 91 62 49 17 6a 21 91 6b b1 91 03 53 85 71 a1 85 89 f8 73 ea 38 8a 2d c9 90 63 61 96 6a 81 96 f3 d7 16 01 90 88 6a 79 16 17 b9 79 71 59 16 4b c8 72 52 38 16 63 b9 33 46 87 1a 9c 11 18 c3 f0 4e de 28 37 fe c0 92 7f a9 16 54 51 04 db 32 7b e1 05 06 d5 a0 6f 7c 78 5d 38 f6 5d bd b2 95 03 03 65 47 c3 71 4f a9 94 49 99 88 b0 f2 04 66 97 2f 43 d9 9a ae f9 9a fa 22 9a 56 29 8e 8c 98 71 46 83 17 b9 c2 89 85 b9 9b 78 b1 6e a5 d8 96 be 39 89 44 40 62 6c 59 95 56 d9 84 72 19 97 bf 29 7f c3 49 9c c2 19 97 79 f9 90 24 d6 97 a9 f8 97 ab 18 8e cd c9 16 bc 29 31 87 89 98 89 99 18 26 36 5d f1 ff 61 68 c3 18 99 69 41 07 59 50 99 2a 12 5e 82 80 0c 71 b6 99 fb c6 62 86 08 94 89 28 9b 89 68 76 c8 b7 77 03 b3 94 08 a3 9f f7 a9 23 a0 39 9b f3 08 45 89 98 Data Ascii: epbIj!kSqs8-cajjyyqYKrR8c3FN(7TQ2{o\|x]8]eGqOIf/C"V)qFxn9D@blYVr)Iy$)1&6]ahiAYP*^qb(hvw#9E
2023-04-18 11:25:39 UTC	19495	IN	Data Raw: 23 96 e8 5d 89 28 06 68 a2 88 02 aa d8 e2 80 21 c6 28 a3 87 12 ce 68 e3 8d 38 72 c8 82 1a b6 3c e1 e3 8f 40 06 29 e4 90 44 16 69 e4 91 48 26 a9 e4 92 4c 36 a9 06 0b 39 46 29 25 7c 24 da 67 09 0e 89 40 e1 8f 96 89 bc 80 e0 7d d5 a5 e8 65 96 64 5e b9 9f 7f d9 f5 87 65 99 5d 5a f2 e2 9b 53 c6 59 a1 0a 16 d4 59 e7 0e d6 89 41 42 1e de d5 28 e7 9f 80 06 4a 1d 0b 4d 16 6a e8 a1 88 26 aa 68 a1 50 0a ea e8 a3 0a c2 43 e2 0b 5a 6e 69 e9 a5 ff 40 d1 25 98 d1 8d 78 e5 a5 a0 5e ea 26 9a 07 7e 9a 69 a8 a2 7e 09 27 a4 0c 92 80 9b 05 d0 c9 ff 41 c2 ac b4 d6 6a eb ad b5 6a 67 41 70 62 54 87 07 70 95 f4 aa 9d 9f ac 16 6b 6c 88 a1 2c aa ec b2 cc 36 eb ec 79 c7 46 7b 63 95 94 6e 29 8c 0c 32 a8 c1 a3 31 da ca d0 87 a5 89 1c a8 5f 96 96 6a 82 2d 1a e8 a2 81 ed b7 e0 ae fa 20 Data Ascii: #](h!(h8r<@)DiH&L69F)%\|$g@}ed^e]ZSYYAB(JMj&hPCZni@%x^&~i~'AjjgApbTpkl,6yF{cn)21_j-
2023-04-18 11:25:39 UTC	19713	IN	Data Raw: 80 06 4e ec 0f 53 ac 55 f1 fb c4 fd 8b 9d 54 14 0f ec d6 bf 96 52 b3 fa 83 86 32 a6 ca 6b d3 ad 48 1a c6 1b 32 c6 15 31 10 0b 7c 00 0d 2c 8e ae 7b 00 4d db 05 f2 1a 13 9f 3a cc b5 c4 04 98 8a 0b 43 90 c1 c8 81 4b 00 da 89 26 5c 41 b6 56 17 5d 1a 1d 28 bc c9 3b 85 bd 89 7c 00 13 5a 03 25 e1 c2 70 4b c9 23 c1 b1 69 b7 07 26 91 c9 88 6c 12 dd fc cd 93 5c 12 43 6c c9 ea 8c ce 31 83 cd 1a 63 c5 a3 cb be 32 5b 25 38 26 cb 9f 55 ca f9 0b 31 a0 bc 44 0f 52 5c b3 15 a9 58 0c c6 30 42 d0 a0 55 ba 4a aa ba 65 7c 10 bb dc cb d6 c1 c0 ed 09 1d 0c 40 0a 25 81 cc c8 61 cc 6f a7 d1 ca f1 c1 21 c0 0d c7 51 16 46 61 04 58 5b 16 d1 dc 05 d0 c0 5e 6e 51 04 7a 27 b0 5c 26 b6 f4 9c cd d8 ff 9b 0a 18 b1 08 db cc 0b fb 13 33 8b c0 ce 18 db d3 24 51 03 f2 bc 3f 36 4d 12 38 7d ce Data Ascii: NSUTR2kH21\|,{M:CK&\AV](;\|Z%pK#i&l\Cl1c2[%8&U1DR\X0BUJe\|@%ao!QFaX[^nQz'\&3$Q?6M8}
2023-04-18 11:25:39 UTC	19729	IN	Data Raw: 14 38 d8 1b c3 35 5b ad d6 92 3d d0 92 c2 3e 40 43 ff d6 82 1f 3d c9 2e 84 53 03 35 58 92 d4 f3 3d 91 32 2a e4 9a 93 3c f4 b8 36 bb ae d6 a0 39 4b b1 38 d4 f0 42 2b dc c3 3e 03 2f e1 7a 24 ea b3 9a 09 08 0b 35 f9 8a e9 b3 a9 cd e0 be ef bb 44 4c 5c 2f 02 bc 00 ff 2a 3f 4f 84 00 54 d8 44 f8 83 80 4f 24 45 53 3c c5 f2 fb bf a9 43 45 55 0c 3f 37 28 c5 f2 0b 45 02 f4 bf ab 43 c5 01 bc bf d7 58 c2 22 ac 41 07 84 9c 25 2c 03 5e 14 42 31 da 2c 61 14 c2 08 78 42 66 6b 40 1f c9 3c 00 11 80 62 7c 46 68 14 42 12 2c 89 13 84 c1 ca 82 36 d9 89 46 14 cc a7 19 84 a2 60 bc 41 c3 a3 88 20 14 23 0e fc c6 65 9c 08 dc d9 04 07 04 85 85 88 46 73 23 3b 11 84 c7 77 9c 47 36 58 bc 88 59 0b 27 61 19 33 ac c2 4d 79 a9 7c dc c7 32 93 ad d4 42 03 26 a1 3d e9 33 3d ec 02 c8 8d 11 14 Data Ascii: 85[=>@C=.S5X=2<69K8B+>/z$5DL\/?OTDO$ES<CEU?7(ECX"A%,^B1,axBfk@<b\|FhB,6F`A #eFs#;wG6XY'a3My\|2B&=3=
2023-04-18 11:25:39 UTC	19745	IN	Data Raw: 20 5e e0 3c 28 a1 73 e7 15 48 de 84 18 66 a8 61 7a e1 88 d7 e1 87 ea 81 b8 e1 88 09 be 60 e2 82 bb 28 47 e2 8a 2c b6 e8 e2 8b d2 91 37 1e 8b 19 54 68 1d 39 30 e6 98 60 84 3a f6 e8 e3 8f 40 06 e9 e0 85 42 16 09 e3 38 cc 69 67 e4 92 cd a5 c8 e4 93 50 46 29 e5 72 52 dc 01 c7 42 58 66 a9 e5 96 5c 76 e9 e5 97 60 22 64 c1 11 53 96 69 e6 99 0f ce 88 e6 9a 6c b6 c9 9c 93 6e c6 29 e7 9c cd 1d 11 26 45 77 e2 a9 e7 9e 79 f2 e9 67 98 3d d0 29 e8 a0 3d 5a 92 c8 a1 fe 24 9a 68 7c 85 1a 8a c3 a3 8f 12 59 97 a3 89 0c 69 e2 a1 e5 28 88 28 14 9c 62 8a 24 a1 51 c2 09 ea a8 a4 3e 69 c1 9f 1b f5 89 ea aa ac b6 ea aa 9f 95 94 ff 2a eb ac 9a 2a aa a8 1c 79 f8 63 09 7b e3 31 4a a3 ad b6 ee 7a 57 22 c0 9e 13 5d 76 87 6e 0a ac ae 08 12 bb 2c b3 12 62 97 6c a4 53 f2 03 69 a7 d0 5d Data Ascii: ^<(sHfaz`(G,7Th90`:@B8igPF)rRBXf\v`"dSiln)&Ewyg=)=Z$h\|Yi((b$Q>i**yc{1JzW"]vn,blSi]
2023-04-18 11:25:39 UTC	19761	IN	Data Raw: 4d 41 80 41 a6 80 0e e0 80 90 36 85 79 58 82 cd 61 63 6b 08 7e 97 53 29 aa 37 08 72 18 03 f6 97 5c 88 ff 60 14 65 18 45 75 d8 88 ce 11 65 28 78 89 0c 12 16 7c a0 74 91 40 16 55 b1 83 cf 86 0d 61 81 0d d4 d7 15 06 90 04 ff 70 6d 49 a0 0b 35 e8 89 5f b1 89 eb a6 07 ae 08 03 a0 28 02 a2 28 16 b5 18 00 61 f1 7c ac 38 8b 30 a0 0b 62 47 84 fc 91 44 47 88 67 51 c0 06 02 20 60 90 c5 7d f0 14 7f 55 01 85 fb a6 15 00 47 0b e9 96 85 33 b0 85 d4 68 15 5f 58 15 6f 88 61 8b 18 03 91 68 39 7d a8 8d 8a c2 0e 2e 55 05 0f 86 8e 0f 06 64 9c 52 05 6d 28 8d f9 22 2f 60 50 04 f4 38 8f f4 88 0c 57 41 87 5a 01 88 56 11 89 9e c6 87 4d d1 0b 5a a0 28 df d8 8d c3 95 1d ce 48 15 5a d0 05 60 30 05 d5 c0 67 55 a0 53 17 48 88 fc e8 8f 4a 46 69 4f a8 28 b5 f0 03 54 61 90 cf 61 89 98 18 Data Ascii: MAA6yXack~S)7r\`eEue(x\|t@UapmI5_((a\|80bGDGgQ `}UG3h_Xoah9}.UdRm("/`P8WAZVMZ(HZ`0gUSHJFiO(Taa
2023-04-18 11:25:39 UTC	19781	IN	Data Raw: cd d9 8a f2 c2 a0 31 ca e3 40 30 32 be 01 fb 6d 19 5c 0c c2 9e c1 b0 dc dd 5b a5 6c 19 2b fd 29 e3 bd bb 1e c4 e3 ec 9d 79 e9 2d 1e 36 1e de ee 6d 72 dd 64 d2 27 2d 7a 81 fd e4 1e 2a d9 32 f7 e5 79 ad ca 58 5e 48 fe 50 d3 9f f1 71 02 3e e0 b8 17 dc 70 3c c8 20 be 08 d8 0c e2 9c 61 c7 1a 0e e1 0b fe e2 9a 11 e7 6c 3c e7 75 4e e2 1e 6e e7 96 21 e2 12 ce e7 97 ff 51 6c 28 3e 60 be 3d 56 35 9e e6 88 8e 1a 9a 11 e3 e7 8d 71 20 5d df 40 eb 41 cd ea 9d 52 3e 19 07 cd 8e 41 ee d6 96 91 b0 59 6b ca 4a 7d 0a 54 2e 54 c5 5d df e1 e4 e4 a0 b1 bb e7 4a cc a2 41 99 d5 7b c2 57 7e 00 00 9e e5 b9 dc 4d 89 b2 04 d7 fa c3 6a 7b cc fe 30 e4 9d 21 cb e5 cb 41 af 27 e5 b9 ce 2d ca 9e 73 95 22 e3 01 fe d9 6e ae d3 a7 91 0a aa 8d 0f 07 8e 1a 1e 8e e0 a5 21 e2 ff 20 e9 92 0e 09 Data Ascii: 1@02m\[l+)y-6mrd'-z*2yX^HPq>p< al<uNn!Ql(>`=V5q ]@AR>AYkJ}T.T]JA{W~Mj{0!A'-s"n!
2023-04-18 11:25:39 UTC	20674	IN	Data Raw: 6f 52 5b 92 e4 36 82 35 69 ab 1d 53 db bf b9 8a d1 3d 79 3d 68 64 8d 7b 5c 9c 70 4f b1 cb 65 6e 73 9d fb 5c e8 46 57 ba cb 6d 06 39 90 7b 5d aa fd 6f a7 4f f5 e9 4d 70 08 d5 cc 90 b1 88 b6 04 ad 4d e6 67 a4 fd 4d f5 9b c1 ec 2a 6f 79 33 14 f1 b2 76 b4 6a 75 cf 7a 21 55 db 70 fa a5 b7 fa b5 59 71 b1 fb 5f e3 e2 61 9a d3 25 70 81 0d 7c e0 01 23 d8 98 78 b8 21 80 1d bc 35 de b4 f1 bb f0 55 e3 84 2b 5c de 00 b5 b7 95 17 a6 ad 7d 85 95 5f d8 02 77 2f 07 a3 89 5e 1f 7c 62 84 b2 c6 0c 01 4d 70 8b 5d fc 62 18 c7 58 c6 33 56 30 8d 6d 6c 07 6d 34 18 c5 3b 66 25 86 4f ec 61 00 ef 76 76 fe e5 71 91 19 e9 63 71 fe 03 b3 48 ef 36 32 51 ac db 64 28 47 59 ca 51 86 09 00 ac 7c 65 2c 67 59 cb 5b e6 32 02 ba ec 65 30 87 59 cc 63 26 73 99 23 70 66 34 a7 59 cd 6b 66 73 9b dd Data Ascii: oR[65iS=y=hd{\pOens\FWm9{]oOMpMgM*oy3vjuz!UpYq_a%p\|#x!5U+\}_w/^\|bMp]bX3V0mlm4;f%OavvqcqH62Qd(GYQ\|e,gY[2e0Yc&s#pf4Ykfs
2023-04-18 11:25:39 UTC	20702	IN	Data Raw: f5 27 4c 6d ca b1 5a 71 cc 60 18 57 8c bc 05 06 32 2f 60 d3 d9 f3 e6 cc 3c 3c ff fb bc b9 03 3c 87 e4 28 89 52 51 29 c2 26 36 0c 35 cf 66 33 e9 f5 ff ed db 9e 6b 47 e0 d4 30 33 a8 d4 33 ee c4 5e f0 e7 6d 0f de 9a 5f 99 bb cc f0 cf 0c e6 98 ff 21 01 4e f1 48 72 8b 41 18 62 97 ad db 7b 67 20 94 49 23 02 8d f1 cf 0d d8 a0 75 85 3f d7 de 7a 72 f5 f1 67 3b 94 bf 00 cf 38 fc 14 c9 98 1c 72 97 82 7f 00 25 30 a9 88 f6 fe 33 f0 40 2e 04 24 89 8b 03 1b 64 28 41 93 cc 68 b0 89 06 67 51 50 81 61 28 d4 70 c3 22 48 ea b0 24 06 29 1c e4 0c 12 4b 34 f1 44 14 05 39 08 21 86 14 12 e9 45 18 63 94 71 46 1a 6b b4 f1 45 2b 72 d4 71 c7 54 6a 92 6a c7 9a 88 d8 71 48 5d 82 1c f2 48 3e 6a 3a 72 49 26 79 f4 71 48 23 9b cc 51 29 a3 98 d2 6b 04 bd 02 10 92 49 8b f0 22 4b 18 b4 1e 23 Data Ascii: 'LmZq`W2/`<<<(RQ)&65f3kG033^m_!NHrAb{g I#u?zrg;8r%03@.$d(AhgQPa(p"H$)K4D9!EcqFkE+rqTjjqH]H>j:rI&yqH#Q)kI"K#
2023-04-18 11:25:39 UTC	20718	IN	Data Raw: 0c 22 5d f0 96 43 2d 32 8b 84 d3 9c d1 5d ae 49 44 20 22 71 4e c7 cc e5 3f dc 89 a4 04 75 70 20 99 33 a0 5d c4 b0 ff c5 83 8c e9 73 ec c4 54 42 c4 70 45 31 10 a4 12 61 6c 42 3f 19 72 03 31 26 74 8c 74 29 e3 19 27 ea ab 94 9c 80 78 1a 60 49 1f 0b f9 84 8c ae 44 8e 86 24 1e cb 62 d2 47 74 5c f4 77 1e d5 a8 4a d7 c1 d1 94 a2 44 90 01 d0 28 47 43 5a bc 48 8c 54 25 08 fa 9a b4 a2 06 4a 71 80 ed 67 fe 40 c3 23 65 10 8f fb b1 cf 5a 41 15 1f 28 73 b1 d4 a6 aa 12 7f ac 44 e5 f8 22 59 8e a8 0a b5 a9 58 bd 00 55 99 03 ad 5b 12 51 85 0a 5c 0e da d8 c0 55 08 5e f3 2e ea 48 2b 58 73 39 cd 76 ac 55 81 64 9d 4b 5a 1d 10 c2 fd c4 8d 9a c4 0c d7 24 98 a9 42 17 d0 70 4e 78 31 a8 5c 81 f0 1c 3a 85 75 9e e2 1c e7 ed de 8a 9f 7a d6 a5 83 66 9b 20 10 de c9 9c d2 f1 55 9e 24 a4 Data Ascii: "]C-2]ID "qN?up 3]sTBpE1alB?r1&tt)'x`ID$bGt\wJD(GCZHT%Jqg@#eZA(sD"YXU[Q\U^.H+Xs9vUdKZ$BpNx1\:uzf U$
2023-04-18 11:25:39 UTC	20734	IN	Data Raw: 9d ac ce cb 6c 2d b4 ef 9c 89 0a 65 7b 66 34 a7 39 6e 45 cc 2d 45 17 61 5c 8a f2 62 71 97 73 73 41 6d 5b 03 e2 5e 20 70 6d 16 e8 9b 85 2b 67 3d f3 76 b9 96 73 6e 9e 59 f5 12 2e d8 f6 10 34 a0 44 07 2e da 08 3a d0 60 bc f2 39 9d 6d e3 38 9f 44 af 17 5d d4 0d af 74 3b 3a 0b 2f e2 87 12 1b 80 ef 7b 3b ca e9 e9 ce c7 d1 b6 05 50 7d 04 8a 87 8e 06 88 12 79 b5 29 5f f1 6b 80 09 71 35 7b 01 c2 1e c4 28 d2 3b be e2 71 d7 40 99 6a 44 18 59 24 eb 91 d5 7d c9 ce 24 7e 5d 0a 13 92 e8 f5 7d 30 09 36 8b 31 40 62 69 9e 18 92 58 15 f0 28 69 8c 21 55 76 09 80 ba f4 ab 87 6d ba d7 30 f5 3a 79 22 4a 13 b2 11 9c a6 0a dd 5a b1 61 d2 0b 09 6d 71 18 4d 21 59 4e 68 53 43 d7 14 b8 98 b2 55 f3 4d 8a f2 4a ff 6a f9 5d 27 0f da 1b 85 5a 56 b2 2d 26 13 28 2f 5b 86 9b 68 43 38 3c cd Data Ascii: l-e{f49nE-Ea\bqssAm[^ pm+g=vsnY.4D.:`9m8D]t;:/{;P}y)_kq5{(;q@jDY$}$~]}061@biX(i!Uvm0:y"JZamqM!YNhSCUMJj]'ZV-&(/[hC8<
2023-04-18 11:25:39 UTC	20750	IN	Data Raw: d7 94 46 e9 89 7a a0 94 b4 56 8b 83 b1 94 4c 89 8b 4f c9 7e 7e f1 06 6d 93 1d 80 87 0e 7d 21 09 5e 24 3d 85 d1 4f 92 25 00 7e 31 81 55 e0 96 92 00 97 92 50 18 c8 63 1e 98 27 18 86 31 2b 3a d5 01 b6 a3 53 2e e5 26 2d 78 1a 77 f0 01 b9 c3 3a 1d 77 1a 98 40 98 af a3 51 84 04 8e de 56 49 5d 26 71 fb f8 85 7a 57 99 da a3 96 fe 38 8f 9a 79 65 02 e9 7a e9 23 92 3b 13 8f a0 71 07 99 f9 67 33 20 6e b3 e2 7b e8 a8 8f 40 28 00 25 58 0e c2 17 8e 4a 55 34 15 27 99 3d 40 4f a4 a1 86 a6 09 04 bf 56 49 b1 67 4f 7b 62 0c 41 57 69 23 40 73 75 48 55 3c e9 0c c8 37 92 c7 34 5d 26 d9 7b 3c 87 93 c5 89 54 79 f6 68 41 37 42 5b 43 88 91 58 4c d1 15 74 32 40 2d 7f 02 94 43 ff 39 9e 16 32 6b d8 f0 17 49 e0 89 7c f0 17 f9 47 8b 77 01 96 50 19 9f a2 76 9e 5f a9 9e ec 79 95 77 a1 95 Data Ascii: FzVLO~~m}!^$=O%~1UPc'1+:S.&-xw:w@QVI]&qzW8yez#;qg3 n{@(%XJU4'=@OVIgO{bAWi#@suHU<74]&{<TyhA7B[CXLt2@-C92kI\|GwPv_yw
2023-04-18 11:25:39 UTC	20766	IN	Data Raw: 9c 69 8c 0d e1 18 8f 77 e8 d7 77 bd d2 7b 9d 9f ff 70 f4 15 ff e2 1c 38 9d d8 89 4d 2e 97 42 84 04 fb 87 1f 2d b0 27 32 b4 84 e5 84 7f 35 b6 e4 fc 0e 8e 6d 59 97 25 53 d1 70 c8 7f 38 05 21 7c d4 27 94 d4 7f d0 02 60 50 55 9e d5 82 51 3d 90 23 e4 d9 f1 ac 10 9e 2d 5a d3 3b c9 33 e8 ce 57 a5 10 2e 2c 5a a7 55 d5 a3 3d 43 34 a4 55 aa ad da 1b 71 56 56 ed d5 08 c5 5a 56 7d 89 5c f0 d5 5f 6d 84 5d 15 56 ae 5d 55 ad 2d 5b 4a 85 80 0d b5 55 66 45 5b 5b 0d 51 cc da d6 6b b5 56 b6 60 4b 6a 4d 45 4d 50 51 b4 ac db 9f d1 5b 13 dd 26 72 72 4b b1 34 13 b1 e4 db 9f 11 dc 12 0d 33 93 85 58 4c 60 0f d4 a8 94 64 69 07 c9 9d 5c ca 9d 5c 10 38 cc 19 a2 d7 ca ad 5c 17 78 2e d6 0c d8 cd 95 5c 85 e2 9c fc b2 c6 5e a4 dc 0b a4 af c9 b5 a7 9c 0a dd ca ad 88 51 93 87 3d 85 b8 5b Data Ascii: iww{p8M.B-'25mY%Sp8!\|'`PUQ=#-Z;3W.,ZU=C4UqVVZV}\_m]V]U-[JUfE[[QkV`KjMEMPQ[&rrK43XL`di\\8\x.\^Q=[
2023-04-18 11:25:39 UTC	20782	IN	Data Raw: d3 bf 5d 43 97 ff 2c b5 fb c7 61 00 38 05 cc bd 84 e6 2d 84 fa 2b a9 f8 42 8a 3c 70 de b2 f6 30 72 a9 42 b4 fc 4e b3 6a 96 e5 40 de d0 85 d5 94 55 63 a6 b2 d6 5b 7d 83 65 fd 16 ba ac 24 73 b1 c4 ff 6d 45 6f 7d d6 6d 2d 3a 5a 8d 16 45 c0 0f 5e 00 03 94 3d e1 21 30 d6 df 4a d7 76 9d e1 e9 e1 d8 4e dc d7 fa 6c 02 7a d0 d7 82 fd 4a 16 f9 07 7f 40 04 ee 3c 35 48 4c e1 87 fd d8 ef ec e1 a2 14 e2 2d de e1 71 21 d9 e2 3c 67 38 6e 32 b0 24 e3 6e 71 dc ce b9 a5 a3 52 c6 af e4 0c 6c 0c e4 57 03 41 9d fd da d2 f2 9d 55 13 0f b9 4d 40 cf cb d9 ee 43 bb 53 83 2d 4f 20 4a 62 1c 0b e0 37 35 45 43 a6 4e 53 09 6d 55 00 93 35 8a fb c7 09 82 78 4d 70 55 60 65 75 37 af d6 57 d4 6b 0e 17 5a 42 f9 67 a9 2a b4 76 00 c6 6b 1f 46 42 49 0d 20 95 a6 4b a4 d3 e7 6a ce 41 d8 64 a9 bc Data Ascii: ]C,a8-+B<p0rBNj@Uc[}e$smEo}m-:ZE^=!0JvNlzJ@<5HL-q!<g8n2$nqRlWAUM@CS-O Jb75ECNSmU5xMpU`eu7WkZBg*vkFBI KjAd
2023-04-18 11:25:39 UTC	20798	IN	Data Raw: e7 26 8e 16 47 90 06 73 41 51 7f 6a c2 75 47 71 80 69 22 14 91 d2 05 c9 b7 14 60 30 7d ee f7 7e 84 e2 50 3b 67 83 cd a7 51 bc 61 03 72 d2 61 d9 77 6f 3f e0 84 d1 76 14 55 27 6b 92 f0 82 e6 46 86 39 97 32 d6 87 58 21 38 7f 46 51 0a e8 c7 7d 02 58 87 f9 57 14 fb d7 84 0d 44 86 87 67 86 57 e8 6d 0c 58 88 0d f8 14 2c 68 0b 33 58 82 31 c8 07 2b ff 98 81 24 58 82 5c 21 89 30 78 65 8b c8 81 8d 28 15 2a 88 88 31 78 89 1c 88 81 19 98 04 4d 51 83 69 c2 4f e0 53 4f db 84 03 a2 57 47 2b 43 02 db c4 32 f6 14 7a 6c 22 07 cc 50 8b fc 70 4e 66 e0 4d fd 54 27 37 40 40 e6 74 07 63 22 87 ff e7 26 5e 80 14 82 98 14 88 22 85 d0 30 6f 55 68 75 58 38 28 16 66 17 4c c0 26 a4 f6 6a 73 e1 73 71 92 6a 76 01 86 70 f2 7c 43 87 26 82 00 06 e2 08 06 48 21 7c 60 10 8e e3 98 8e e2 f8 14 Data Ascii: &GsAQjuGqi"`0}~P;gQarawo?vU'kF92X!8FQ}XWDgWmX,h3X1+$X\!0xe(*1xMQiOSOWG+C2zl"PpNfMT'7@@tc"&^"0oUhuX8(fL&jssqjvp\|C&H!\|`
2023-04-18 11:25:39 UTC	20814	IN	Data Raw: d6 98 1e cd 30 84 5f e1 73 e9 f9 a2 61 c1 05 4a a9 05 0c 10 9d 4a d9 9d 6d f2 15 e1 c9 85 cf 38 27 d8 89 16 e1 59 a4 5d a1 05 f2 a4 a5 45 c0 a5 58 0a 03 48 0a 9d 0c ba 15 2d ba 15 61 ea 0f 5f 4a 9f f6 49 27 34 b4 9f 6e 4a 2c 6a a1 07 19 c8 07 6d 91 88 8f 80 16 06 40 a0 2d 78 a1 31 a8 a7 22 a0 07 99 19 17 63 0a 16 72 4a a0 74 ba 16 14 78 a7 6a 11 00 7a ff 6a 99 68 c1 a7 04 1a a8 0c 0a 98 7a aa a8 21 a0 a1 84 e5 02 7b b5 2f c5 39 28 62 e5 72 62 40 93 6b 62 38 9c 5a 7a 2e 90 93 72 c2 72 66 c0 71 aa ca 70 2c e7 aa ab 9a 0d b2 da 26 65 3a a8 b6 0a a3 87 f2 a5 21 70 a6 34 ba 85 33 74 17 bb a9 26 d1 48 17 75 70 9f 6f 62 03 0b c2 00 71 72 16 44 ea 15 43 10 62 67 70 16 cf 1a 62 43 f0 9e 6e 52 ab 21 70 9f f5 59 16 bc 9a 26 67 11 a5 06 35 a5 72 32 0b 6b 11 6b 5f da Data Ascii: 0_saJJm8'Y]EXH-a_JI'4nJ,jm@-x1"crJtxjzjhz!{/9(brb@kb8Zz.rrfqp,&e:!p43t&HupobqrDCbgpbCnR!pY&g5r2kk_
2023-04-18 11:25:39 UTC	20830	IN	Data Raw: b5 75 82 94 db a8 94 49 29 30 b0 40 2e 1a f6 ae 20 b6 02 c8 41 37 68 db bc de 5b c3 37 6c be 2c 6c c3 37 9c bd be bb bd 54 5a 18 84 b0 0c 6e c1 6a 4c 0c c5 80 e1 c2 4f 1a 18 c3 40 c4 14 e6 9e 5c 8c b1 ed 2b 9e 84 18 bf 6a 2c 24 87 41 b9 a5 50 18 85 1a c0 86 41 b9 01 dc 0b 71 41 c7 9e d0 c4 83 e1 c6 70 ac a7 6f 60 c3 05 1c 00 85 41 c7 85 5b c8 26 b0 b9 9c ab c3 f6 ff 64 57 b1 b8 8a be f8 8a b9 98 8a 1d 0c 8c 1b 25 4e 20 ac 4f e4 74 c1 f7 a4 4e db f4 c4 e8 4b c3 83 21 c3 83 91 bb 65 5c ca 36 9c c3 4e 9b 27 46 50 be 73 e1 07 9d 8a 26 67 c3 46 43 b8 26 52 79 8d d9 08 7d 69 b2 04 50 ac c4 a6 4c 18 5e 7c b3 bd 0c c5 52 0c 2b bf ab 51 58 4c 18 3c ab 00 61 0c cb c1 ac cc e7 8b 18 0c 64 03 e3 4b be 2d 3c cd d6 bc 05 54 09 77 50 96 af 6b dc cd 2f 82 18 71 6c 02 7f Data Ascii: uI)0@. A7h[7l,l7TZnjLO@\+j,$APAqApo`A[&dW%N OtNK!e\6N'FPs&gFC&Ry}iPL^\|R+QXL<adK-<TwPk/ql
2023-04-18 11:25:39 UTC	20846	IN	Data Raw: 6d 19 c1 4d db 83 fd 26 ab ec 19 97 05 d4 97 91 d1 bd ad dc f9 d9 dc 44 be 21 92 b1 0a 7a ba 07 8b 61 b1 bc f0 17 8e 71 dd 95 2b 19 e7 2d d6 35 00 e1 6d 00 19 48 2e d6 4a ae 18 4c ee e4 58 1e dd 57 cd 18 53 ae d4 7b 10 07 66 7e e6 68 4e 04 7f 40 19 fa 1c b2 7e f6 0f 17 14 d7 03 d6 67 05 26 06 07 8d b6 a8 99 a2 a5 4b 28 2b 0b 68 0a ad d8 0f 6e e5 96 21 e1 97 e1 db 77 6b d1 f0 ff 97 67 3e 5a 6a 86 ae 26 46 b0 94 76 61 da 61 48 2e ae 40 8d bb 79 19 23 5e 19 25 4e e2 d7 69 e3 d7 fa e3 90 7d 0a 36 4e d9 97 21 d3 88 4e cb 93 d1 02 80 9e a3 46 10 62 5b 60 e3 89 bd 04 33 4e d8 4b 30 da b1 9d ea 86 64 19 3e 77 48 9c 8e 26 35 dd 19 8d 1e 97 dc 5c e4 c4 be 20 52 1e dd dc 7d e5 56 90 e5 64 fe dc c8 be e6 ce 1e dd d0 2e e8 8d 41 b9 9d a0 18 cc 3e 02 7c 30 d1 e5 5d ed Data Ascii: mM&D!zaq+-5mH.JLXWS{f~hN@~g&K(+hn!wkg>Zj&FvaaH.@y#^%Ni}6N!NFb[`3NK0d>wH&5\ R}Vd.A>\|0]
2023-04-18 11:25:39 UTC	20862	IN	Data Raw: 25 5a d4 e8 51 a4 49 95 2e 65 da d4 e9 53 a8 51 a5 1a 9c 99 6a c4 d5 ab 90 0e e0 c3 3a 22 ce cc 55 5d bf 6e 08 49 a4 eb 88 7f 3b c9 ca b4 da 55 2b 57 ac 63 c1 76 5d b5 d6 6e 9c 0b 6e d5 8a 44 e8 f3 e7 40 0b 77 08 ee 80 33 90 44 e1 7f 2e 2c 00 56 31 10 4e 0f 82 da fc a6 34 43 30 18 41 c8 80 13 4d 76 48 f8 1f 1c cf 89 95 0d 2c 99 33 22 c7 92 16 21 48 a4 e8 57 f5 ea 03 a8 39 a7 c6 28 7b f6 ff df 82 b7 51 0e c1 65 70 49 47 06 53 a1 32 e0 8c b1 b5 bf d7 b1 99 30 58 5e 7b f9 f2 e4 b6 1d 1a 79 ce dc 7a 75 ec d7 b5 57 3f ee f0 a4 6e 96 0c 4d 13 87 09 7b af f9 da 0f 93 b7 36 6d fa 3c 46 f2 7e 81 0a 15 5e df fe 7d fc f9 f5 ef e7 7f 70 27 dc ab f8 70 e2 ac 14 66 5a a4 ab 3d 64 e2 83 ae f7 64 02 70 04 01 09 54 2b 2c ac ea ca e8 40 bd 1a c4 a8 2f bf 2c f0 50 85 1d 3c Data Ascii: %ZQI.eSQj:"U]nI;U+Wcv]nnD@w3D.,V1N4C0AMvH,3"!HW9({QepIGS20X^{yzuW?nM{6m<F~^}p'pfZ=ddpT+,@/,P<

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18838	OUT	GET /f6a9e973ab65426eaf8c10d222ebd813.gif HTTP/1.1 Host: aaaaa557.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	19533	IN	HTTP/1.1 200 OK
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 36 30 34 38 30 30 0d 0a Data Ascii: Cache-Control: max-age=604800
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 45 54 61 67 3a 20 22 36 34 32 66 66 62 66 64 2d 63 33 38 63 22 0d 0a Data Ascii: ETag: "642ffbfd-c38c"
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 44 61 74 65 3a 20 53 75 6e 2c 20 30 39 20 41 70 72 20 32 30 32 33 20 31 36 3a 35 38 3a 34 31 20 47 4d 54 0d 0a Data Ascii: Date: Sun, 09 Apr 2023 16:58:41 GMT
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 69 6d 61 67 65 2f 67 69 66 0d 0a Data Ascii: Content-Type: image/gif
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 53 65 72 76 65 72 3a 20 6e 67 69 6e 78 0d 0a Data Ascii: Server: nginx
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 4c 61 73 74 2d 4d 6f 64 69 66 69 65 64 3a 20 46 72 69 2c 20 30 37 20 41 70 72 20 32 30 32 33 20 31 31 3a 31 38 3a 32 31 20 47 4d 54 0d 0a Data Ascii: Last-Modified: Fri, 07 Apr 2023 11:18:21 GMT
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 41 63 63 65 70 74 2d 52 61 6e 67 65 73 3a 20 62 79 74 65 73 0d 0a Data Ascii: Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 58 2d 43 61 63 68 65 3a 20 48 49 54 20 66 72 6f 6d 20 79 64 31 31 5f 31 33 2d 63 64 6e 2d 67 30 31 2d 6c 61 32 2d 33 31 0d 0a Data Ascii: X-Cache: HIT from yd11_13-cdn-g01-la2-31
2023-04-18 11:25:39 UTC	19533	IN	Data Raw: 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 35 30 30 36 30 0d 0a Data Ascii: Content-Length: 50060
2023-04-18 11:25:39 UTC	19537	IN	Data Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a Data Ascii: Connection: close
2023-04-18 11:25:39 UTC	19537	IN	Data Raw: 0d 0a Data Ascii:
2023-04-18 11:25:39 UTC	19585	IN	Data Raw: 47 49 46 38 39 61 40 01 b9 00 f7 ff 00 ff 39 6c 6c 54 03 a0 00 00 f7 db d9 ff fe aa b8 6c 58 b9 58 ff 94 a5 f6 d4 b7 b2 fe fc ce 00 e1 cc 83 ff 3f ff 64 00 00 5f 58 fd d6 56 4c a1 f0 ff 45 a2 f6 d7 fe ff d4 00 b4 89 00 00 ff f1 00 9f fd 00 cf ba 97 00 ff 8c d7 8d b5 af b2 ff d2 27 df b1 39 ff af 00 ff 8c 00 b4 94 39 df cc b5 ff 2f 00 ce f6 fc ff da 00 dc cf 5f ff f9 00 39 00 49 dc b4 60 9f 65 a4 ff d3 b0 da 6b fd 00 69 ff e2 af ff ff b3 5d f7 d7 85 dd b3 8b 4f 9b 5c b4 95 8e ff f2 00 d6 8e ff d7 db f6 29 29 2e 00 bd b1 78 61 f1 81 00 00 df 00 ff 6c 6a 98 b8 ad 90 97 8e 8f 53 00 76 ff ad b0 6a 00 a7 4c 48 49 ff b0 8d 79 70 6f a9 d4 fd 8d 72 21 29 dd d2 00 bd b0 c5 6a 1c b9 af 63 00 98 8a 06 08 0c 00 33 2c db 90 3d e1 b2 00 7d 00 e0 94 8a 3c ff 82 8a 32 93 Data Ascii: GIF89a@9llTlXX?d_XVLE'99/_9I`eki]O\)).xaljSvjLHIypor!)jc3,=}<2
2023-04-18 11:25:39 UTC	19865	IN	Data Raw: 6a 90 11 d5 35 64 47 8c 8a 13 cc f6 2a ad d6 c0 7e c0 ec c1 c6 ec cd ca a8 ab 66 d7 cd aa 19 b0 6e c8 38 1d c5 cd 44 84 1f 20 41 1b 9c 4b 11 4c cf 86 1c 69 f6 50 a5 0f 58 eb ba d2 03 0f 98 07 ae 36 ad 2d 3c ed ba 46 ed d4 8a 14 ad 16 a5 4a f8 00 ba 66 2d 3d f8 00 b7 ee e4 65 34 c8 4d f8 aa f2 8c ca 33 d4 2b 1d 41 0f 06 e6 63 7d 6a c8 a6 11 81 53 d8 82 1d 04 81 1c f8 03 7f ea 4c 9e 5e 05 51 59 80 36 24 2c 3a a8 0f 24 b2 da 6d 1d ae ac 2d 68 ae 94 0f a5 da 9a a5 6e cd aa fd de 0f 94 56 e5 a2 16 0d 68 81 4a 80 2a 0d ec 00 f2 c4 ff 60 f1 65 02 47 96 6c aa e2 0d b0 9d ea 45 5e 86 56 28 92 cd da 2c d0 6a 45 22 c2 6e ad 18 ec eb 02 e8 c1 fe e3 3e 3e 43 a9 e9 e9 a8 50 4f ad 34 8c 25 1c 8f 4a 94 00 b7 62 4a b9 1a 2d b3 0a 6f 12 10 ef a7 d8 66 67 a0 01 ab 62 8a 62 Data Ascii: j5dG~fn8D AKLiPX6-<FJf-=e4M3+Ac}jSL^QY6$,:$m-hnVhJ`eGlE^V(,jE"n>>CPO4%JbJ-ofgbb
2023-04-18 11:25:39 UTC	20033	IN	Data Raw: b0 82 69 15 87 30 f0 1b 10 28 86 1b 98 db 6e 10 87 78 88 02 20 11 52 23 88 82 28 90 3b 2b 88 d7 7e 6d c9 e0 12 80 6b 15 80 6e d0 57 af d3 00 71 10 00 43 18 86 c8 b5 ab 1b c0 03 21 ed 92 7e e5 83 0d b0 82 cf 8d dc 72 fd 5c d8 58 53 cf 60 00 21 19 8d 18 22 d9 dc 01 07 49 9c 12 35 88 57 43 15 d4 a7 14 00 92 2d 84 23 0a d4 92 a0 80 67 c0 d8 1b 00 87 28 30 22 8b 7d 86 67 b0 80 34 30 dc 91 39 a2 8b 20 d9 cd 59 18 70 d8 51 51 e9 ce da 4c 54 df 25 d2 ea 35 82 d6 25 52 d6 49 ae 4e 21 d2 de b1 9d 7f fa d9 6a e0 33 db a3 af d7 6b db a2 ff 2d 34 d8 e3 42 16 71 a3 4e aa bd ff 3a 2a e3 43 be 02 d8 81 ab 85 b9 bb cc ae fa 72 df 44 70 a3 9a 33 9f 50 25 db a1 4a 5b ab c2 9e bb 54 50 a9 98 5a 06 93 1f fa 21 12 79 10 87 07 b6 82 bc 81 b0 49 88 5c be 95 44 3a e0 86 6e f0 ba Data Ascii: i0(nx R#(;+~mknWqC!~r\XS`!"I5WC-#g(0"}g409 YpQQLT%5%RIN!j3k-4BqN:*CrDp3P%J[TPZ!yI\D:n
2023-04-18 11:25:39 UTC	20053	IN	Data Raw: 1a 64 9f 1d 0c 48 0c 69 44 16 01 94 7e 0c c3 24 9c a0 d0 95 84 46 e4 c7 0f e8 07 2c 0c d6 3f fc 40 28 54 ff 45 11 40 81 1c 68 c4 0f f0 1e de a9 88 8b a4 5f be c1 91 43 dd 02 3f 18 1c fc 11 9e 97 b9 05 18 22 5e 60 8c 06 fe 9d e1 e3 55 43 05 f4 1f 1b 56 5e 30 dc 1c 1c 3e 86 0c 1e a0 89 a4 c3 07 ca 61 3e 64 5e e6 f9 5c 1c f6 e1 3f 84 43 94 41 ce 3f 68 c1 0f c8 01 2c c0 82 4b dc 21 49 f4 c7 1d 4a 16 21 32 e1 b1 64 56 38 d4 80 16 cc da 4b 54 22 2c b4 44 d3 4d 16 21 42 48 87 69 01 ad 61 c8 14 92 d8 10 d1 1a 21 66 22 ad ed c7 12 b6 44 11 00 22 0c 99 62 22 3e 0b b4 9c 02 2d d6 a2 2d de 22 2e e2 62 e6 3d 80 28 88 02 2f fa 62 2f 3e 80 30 02 a3 30 fe 62 30 1e 23 a1 fd 03 28 c0 c1 32 36 23 1c 34 02 34 46 a3 34 4e 23 34 3e 23 1c fc c3 35 08 83 36 56 80 30 70 a3 37 76 Data Ascii: dHiD~$F,?@(TE@h_C?"^`UCV^0>a>d^\?CA?h,K!IJ!2dV8KT",DM!BHia!f"D"b">--".b=(/b/>00b0#(26#44F4N#4>#56V0p7v

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18962	OUT	GET /960x120.gif HTTP/1.1 Host: 228tuchuang.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	20262	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:38 GMT Content-Type: image/gif Content-Length: 173842 Connection: close Last-Modified: Fri, 03 Mar 2023 06:49:35 GMT ETag: "6401987f-2a712" Expires: Sun, 07 May 2023 07:08:00 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	20262	IN	Data Raw: 47 49 46 38 39 61 c0 03 78 00 b3 0f 00 00 00 00 a6 ca f0 2a 5f ff 2a 9f ff 7f 00 aa aa 7f 55 d4 1f 00 d4 df ff ff 9f 55 ff df aa ff ff 55 2a 3f 55 ff fb f0 ff ff 00 ff ff ff 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 ff 0b 58 4d 50 20 44 61 74 61 58 4d 50 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 37 2e 31 2d 63 30 30 30 20 37 39 2e 64 61 62 61 63 62 62 2c 20 32 30 32 31 2f 30 34 2f 31 34 2d 30 30 3a 33 39 3a 34 34 20 20 20 20 20 20 20 Data Ascii: GIF89ax_UUU*?U!NETSCAPE2.0!XMP DataXMP<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.dabacbb, 2021/04/14-00:39:44
2023-04-18 11:25:39 UTC	20278	IN	Data Raw: 15 1c 69 36 eb 8c f3 3b 22 40 2b 08 44 5f 72 53 68 df 04 a7 be ce 59 9b 20 f2 e9 ff 98 53 5b d2 0b d8 f9 9c e5 75 0c 9e 42 dc 9a 43 67 32 c8 61 5a d1 98 90 24 94 1f 1b 59 34 8c 06 ef 1f 03 6d d1 5a a6 f1 94 5f b9 14 71 67 bc 59 74 ca 13 c5 9e fa 34 42 3a 15 a5 ef 22 2a d1 f8 9d 33 54 41 f4 05 fc 16 18 cf 15 28 d0 39 ee a4 1e 2f 97 e3 cb 62 75 f2 4e c1 5c a4 50 f3 99 1d 99 a6 34 57 35 e4 ea fd fe 89 ae ef c1 34 71 17 89 52 24 0c fa bd 9c 0a 35 32 ae 03 e9 1f 10 c2 c6 6c 74 d3 96 44 95 e8 2b b1 e3 cc 59 26 f0 9c d7 19 a7 0b 1c 08 55 26 6e 40 ae 55 5b ea e0 a4 64 52 25 79 95 9f ba f9 a0 06 81 94 c6 c2 b8 c4 74 ea 49 28 d7 be c1 d6 0d ae 10 6f 5f 3a ab 5c 29 16 ca 6e ca e5 aa 9d 64 65 51 27 4a c9 ef 5d 22 a9 e7 02 58 3a 5f d0 d9 18 e2 4b ae 54 6d 61 f6 22 bb Data Ascii: i6;"@+D_rShY S[uBCg2aZ$Y4mZ_qgYt4B:"*3TA(9/buN\P4W54qR$52ltD+Y&U&n@U[dR%ytI(o_:\)ndeQ'J]"X:_KTma"
2023-04-18 11:25:39 UTC	21702	IN	Data Raw: 61 09 ae f6 05 a4 1e 00 34 15 6b 16 3b a5 9e a2 0a 69 25 b6 90 3c 20 2d ac 11 9f 4a 8a 0a 11 21 87 b1 b4 4e 99 b6 95 d3 a6 30 e3 a8 55 16 d9 ab 6b d3 a0 f4 59 54 af c2 2f 3c f1 b2 42 97 1f 1c eb ff 0d 1e 2b 8a 20 9b 80 5e b8 a9 f4 da a9 10 0a 52 d6 f3 b0 c8 c9 15 a5 7a 7c d7 18 b6 15 70 6f b9 40 87 2f 0b 82 c8 c3 b3 cb 75 57 4b a2 87 41 bb af 16 8a a8 46 9b a6 48 6b 9d 3c 53 34 5e 4a 21 a4 01 1f 2b ab 75 96 12 44 65 0a af 21 db 9f 23 7b b5 25 3b 9b e6 89 b2 51 43 a9 04 f5 19 3a 13 8f c4 19 b3 f7 d5 03 15 a3 a4 cb d2 8b 5f 79 b4 6d 95 5c a8 49 a2 b4 19 8b f7 b7 94 52 9a b2 7a f9 9f 34 1b 8b 19 fb 29 8c 16 a9 8d eb 38 4b 27 b5 7d c3 94 da da b0 64 c2 98 58 6b af cc ba 23 a5 bb 97 e4 76 9d 5e e4 af bf 69 8b 56 a5 2d 88 bb 5d 5a 21 2c d5 30 10 f9 d8 60 2b 59 Data Ascii: a4k;i%< -J!N0UkYT/<B+ ^Rz\|po@/uWKAFHk<S4^J!+uDe!#{%;QC:_ym\IRz4)8K'}dXk#v^iV-]Z!,0`+Y
2023-04-18 11:25:39 UTC	21718	IN	Data Raw: 59 f7 34 d0 49 4e 07 d3 b8 9a 4d 71 23 dd 59 a6 5f 1a 62 47 6f ed 1a 3b d2 5b b0 5f 24 ab ed 6c c6 2c ea b9 a7 55 2e 56 23 51 15 64 47 18 df 1c 2c 1d 14 a4 90 bb e0 8c 6f 16 9a 08 cc 3d 5e a1 09 03 ee 90 f7 e5 ce c6 93 ba 63 ef 49 dc ba 1e a2 81 59 a7 9e 85 b9 bc e9 a8 9c e7 bd be ed 54 6b 66 f6 4c 84 51 5d ff 0d db d6 4e da 42 64 ff 5f ae 36 13 ee fa 83 2e 10 76 fb 0c b4 db 36 f8 ad 13 78 1e 84 87 81 8a 20 84 10 35 47 14 da 08 90 f1 aa b1 6b bd 6f 40 c2 b0 28 14 88 23 48 b5 27 f0 5b 22 b3 46 10 eb ac 29 0a 1f 5c 66 21 ab e2 cb 01 92 85 00 4a 6f 39 fa d8 cb d0 25 02 e7 f3 50 be a5 d0 e3 91 c3 a9 e2 aa 0c ae fd b2 19 08 40 d9 fa 13 10 0c 84 12 5a 2b bb 03 5b d4 6a 3a 7a 1a 3c 02 0b 2f bd 2c ec cb 2f fb ea a8 ca 17 b4 bb 4b 02 fb 94 74 83 a4 34 dd 58 b3 43 Data Ascii: Y4INMq#Y_bGo;[_$l,U.V#QdG,o=^cIYTkfLQ]NBd_6.v6x 5Gko@(#H'["F)\f!Jo9%P@Z+[j:z</,/Kt4XC
2023-04-18 11:25:39 UTC	21734	IN	Data Raw: 8d 81 46 98 68 55 13 7e d5 d0 83 59 ee 1a eb b1 67 50 58 92 9f d5 a6 ef 03 70 71 46 6a 6f 49 2c be d5 69 bf 91 26 bb 63 b8 0d c8 c2 ff e6 c6 c5 7d 7c c5 92 4d 16 a0 b1 f1 f2 b9 1b d3 ad 39 e6 52 e3 be cf ae 1b 6e 5a 19 d8 18 64 b2 29 37 db 05 b5 b3 65 97 43 16 5e 17 3b 5a 06 54 3f 0d ea d1 7f 0d e2 6d d7 1d ff 7a f0 59 4f e0 f5 56 d5 41 2e 5e 6c 36 23 66 99 e4 fa 38 fe 1a 92 7e 55 d6 7a 6c b3 55 27 bd e1 5b 45 61 bb cc 06 b1 47 3d 6b e6 83 b8 9d dd d6 07 c6 db dc c7 47 07 7d 61 63 1d 0e 5c d1 15 68 87 de 11 c4 b1 0e bd ed 88 ab 17 1f 6b 71 9f a5 dc e7 98 87 a1 87 20 00 73 13 40 59 ca 4c 37 3f 85 b5 ae 05 d3 6b d7 cc 08 96 bc 59 bc 8d 7e 0e 9c 1d f0 c2 97 be d4 5c d0 77 d3 c3 56 e5 18 78 31 e0 fd 8e 72 de 43 df ea fc 57 41 82 e5 2a 64 a5 2b 0d aa 4e 20 c0 Data Ascii: FhU~YgPXpqFjoI,i&c}\|M9RnZd)7eC^;ZT?mzYOVA.^l6#f8~UzlU'[EaG=kG}ac\hkq s@YL7?kY~\wVx1rCWA*d+N
2023-04-18 11:25:39 UTC	22259	IN	Data Raw: 05 48 e0 74 84 44 3e c3 0c ea cc 23 7f 44 33 42 40 bb 7c 34 d1 42 67 99 f4 52 4d f9 64 53 d2 fd ba 34 f1 44 0c 78 42 28 08 04 be 40 15 d5 25 c3 4c b5 55 03 de 48 c0 55 03 10 50 e1 54 5a 51 38 b5 d5 55 63 95 55 55 5e 7b a5 21 57 57 57 05 75 ff 4f 61 81 05 ed d8 2f 88 a5 af b4 5f 53 bd 15 85 5e 97 55 d6 d5 24 92 0b 53 59 27 ad 1d 53 59 62 93 c8 35 da 2e 97 65 34 0d 56 0d 48 c1 83 14 c8 1d 93 dd 73 75 fc 62 c5 6a a3 b5 55 b7 73 af 8d 30 d7 15 53 d0 37 d9 61 ad e0 35 89 7c 67 2d 17 04 53 d9 65 33 5e 43 29 c3 95 60 6f 06 69 78 da 57 79 4d 77 5d 87 25 c6 17 34 77 c7 75 38 62 42 c2 15 c2 dd 15 11 0e 55 d4 0a 2e 2a 35 62 59 6f 7d 96 5b 8e a9 55 95 5f 87 85 a5 31 d5 21 24 9e b5 e5 56 83 9d 36 5a 86 1d a8 76 67 6f a0 a5 39 88 66 0e 56 95 66 8b 7b ad 19 e3 44 0f 45 Data Ascii: HtD>#D3B@\|4BgRMdS4DxB(@%LUHUPTZQ8UcUU^{!WWWuOa/_S^U$SY'SYb5.e4VHsubjUs0S7a5\|g-Se3^C)`oixWyMw]%4wu8bBU.*5bYo}[U_1!$V6Zvgo9fVf{DE
2023-04-18 11:25:39 UTC	22275	IN	Data Raw: 4b 88 07 62 c0 5a 21 33 47 0a 4b 5a c9 93 2b a3 58 b7 83 90 65 48 53 e6 84 18 ed cd 49 37 56 9f c3 69 9b 3c 49 05 db 2c cd 4a ab 96 0d ba 03 b9 06 9f 55 1f 0b 9d e5 74 6e dc b0 31 17 73 22 5c 9c 2b be ca 3d 38 5f 6e 19 6d e7 16 4d 85 c8 18 2e 7c 37 b3 3d dc b5 27 0b 9d 8c 6f c0 c5 9b e6 05 a4 ee ad 4f 0c d7 91 e4 84 48 3f 0b c6 70 ab ec d9 0c bf ff cd 02 29 8c fc b0 9e 23 6f 61 04 3f 56 03 10 9b f9 0e 8c 2d 94 0f aa fb 0f 96 f9 14 ec 2e 36 13 8a 89 50 c2 0a 41 db 21 3e 16 ee 58 62 8e 50 3e 2c 06 44 16 9e 09 f0 a1 f2 c2 68 0c a1 24 90 62 91 45 58 5a 84 f1 b3 04 10 a0 51 c6 ca 86 a0 11 81 37 0c 89 91 c5 54 7a f4 d1 9b 1e 57 10 07 34 20 83 9c 25 47 04 b2 18 81 90 19 6b e4 e3 48 20 78 04 32 08 10 66 80 b2 98 27 53 73 e0 49 1d 81 41 01 c9 14 5c 74 00 2b 23 93 Data Ascii: KbZ!3GKZ+XeHSI7Vi<I,JUtn1s"\+=8_nmM.\|7='oOH?p)#oa?V-.6PA!>XbP>,Dh$bEXZQ7TzW4 %GkH x2f'SsIA\t+#
2023-04-18 11:25:39 UTC	22291	IN	Data Raw: ed ee ef f0 f1 f2 f3 ed 0d 0a f4 f8 ed a6 e8 05 06 fe ff 00 03 0a 1c 48 b0 a0 c1 83 08 13 22 44 60 6c c5 81 01 10 03 40 9c 48 b1 a2 c5 8b 18 33 6a dc c8 b1 63 46 89 11 ff 45 20 4b 16 e7 02 33 68 a4 52 aa 5c c9 b2 e5 a6 4b e7 52 04 50 47 0e 1a 81 02 37 73 e2 dc a9 b3 27 cf 9f 3e 83 02 1d 2a 74 86 82 04 36 89 2a f5 09 ed 99 ba 98 28 10 fc 9b a1 b0 aa 55 83 05 68 40 cb 4a 63 60 d6 7e 5e 6d 64 15 48 d5 00 02 17 20 21 92 5c eb 0b 1a 5b 30 11 89 85 18 f9 96 92 05 44 2e f3 ea dd 9b 97 8e ae 13 33 6d e6 1b 4c b8 70 3b 05 0c 12 1c 55 8c d3 70 bc 99 50 21 99 bd 4a b9 72 40 04 47 19 68 4e 9c a0 b3 54 80 05 14 28 f8 0c ba b3 62 d1 a2 11 80 25 6b 96 05 a2 5e 75 63 37 59 00 a0 36 80 05 9d 61 67 b2 5d 1b d3 5a 62 c5 40 d0 85 4b f1 d7 85 67 7c 93 eb e5 6d 5b f9 26 67 0d Data Ascii: H"D`l@H3jcFE K3hR\KRPG7s'>t6(Uh@Jc`~^mdH !\[0D.3mLp;UpP!Jr@GhNT(b%k^uc7Y6ag]Zb@Kg\|m[&g
2023-04-18 11:25:39 UTC	22307	IN	Data Raw: eb 82 c4 7e 74 ab 1f 2d 52 d4 62 d2 d2 d4 1b 28 8d 1f 6f 34 1b 2d dd 09 96 06 d8 e4 83 05 09 d9 b7 d5 2b 3e 8a e1 5b 6e 40 60 a5 e3 e2 ff 40 44 38 d4 cf 45 0b 23 9a 05 d4 e8 6d d9 1a 50 bd 2a 30 4f 02 66 4e ef 05 df 8c b4 38 f0 cb 6a 1e 35 02 f6 ab 0d f9 5d 03 2e 47 a4 70 10 a4 cd e2 0c 72 00 27 56 e7 59 4c 5a 33 65 b2 00 9e b0 e0 65 6d 04 0d 4e 13 01 e7 27 d0 92 d7 09 b3 23 ac 60 11 ee 56 95 b3 f1 21 cf 23 b1 1c 8e ab ca 5d 86 1d 92 38 c0 b4 32 25 6e 07 27 0e d3 91 f4 05 e6 5b dd bc aa 45 02 02 a4 16 46 2d e6 f5 67 de 6d 69 42 a4 16 d8 19 b3 36 30 c9 3c de c9 e9 bd ce 6c c0 de 38 6d c4 f5 cc ab d7 1b 85 e0 8b 32 c6 27 ff 02 4d 4e 0d 4f ce 41 eb 48 da 24 97 39 e9 a8 61 12 a7 3a 01 ba 5b f2 d3 82 d3 26 a4 e4 2d 01 4c 30 e6 df 56 e6 a3 a2 bf 82 45 2f f7 e7 Data Ascii: ~t-Rb(o4-+>[n@`@D8E#mP*0OfN8j5].Gpr'VYLZ3eemN'#`V!#]82%n'[EF-gmiB60<l8m2'MNOAH$9a:[&-L0VE/
2023-04-18 11:25:39 UTC	22323	IN	Data Raw: cc 4e 18 cf 25 39 8e f3 43 44 20 1c 3a ef 82 3f ad fc 1e 7a b3 a5 c9 81 46 ff a9 00 cb 61 e9 87 98 1b 13 6e eb 19 81 80 cd c7 30 b5 71 74 89 c8 80 8c 47 60 84 80 40 45 27 da 4d d4 b8 83 41 01 4e 90 88 a6 da 2b 4e 68 89 37 76 e0 0f 68 62 ce 9e a3 c5 c3 b1 00 ea e3 86 a0 74 00 e0 f0 18 ac b0 ce eb 5c a8 57 09 a6 d0 f1 39 73 39 1d 71 93 1b a9 44 06 6c 41 4f 48 bb ca 87 64 4f 47 94 00 f7 cc 2a 3f d2 34 28 aa c8 fa 6c 9e fc f3 81 fd 9b 82 3b 88 4d 47 f0 cf 2f 5b 09 03 45 c7 97 b4 03 0e a8 83 be f8 cd 06 25 45 22 a5 99 09 15 1b 09 35 ad 81 e8 4b 53 d0 07 43 23 0d 0f 65 15 c2 4c 93 c3 34 a8 14 b8 26 a4 60 80 51 fa 1f 40 0c 12 17 3d ab 99 88 d1 65 a4 d1 cc 9b 48 1e 7b 46 1e 25 81 78 50 ba f9 74 16 93 fa 9e d1 eb 22 fd 13 52 35 70 a6 93 58 04 b6 64 10 02 1d 50 37 Data Ascii: N%9CD :?zFan0qtG`@E'MAN+Nh7vhbt\W9s9qDlAOHdOG*?4(l;MG/[E%E"5KSC#eL4&`Q@=eH{F%xPt"R5pXdP7
2023-04-18 11:25:39 UTC	22339	IN	Data Raw: 50 a3 4c 63 16 40 ed 48 1a 5b 59 14 a4 9a 63 a7 45 49 30 6f 15 84 ca 43 2e 72 8a 2b 3a a1 5b 29 49 e1 00 35 11 bc 0d 84 50 14 32 f2 19 93 9a 54 c2 30 d1 43 90 88 6c ca 5d 12 99 48 c2 8c 65 4f a4 19 d1 76 f2 c3 2e b1 c4 67 5e f0 e0 5e fa 2e 93 82 7b 15 64 73 57 e1 8c 81 e4 a3 18 05 71 26 89 9c 51 c0 02 8c 66 34 f9 8c c6 4f 10 43 c0 33 96 46 82 cf 01 10 64 4d f0 21 96 2c 46 ca 20 19 cb 75 5a 13 e4 a2 5e 47 4c db bc 31 4a 61 90 23 46 ea 18 06 3c a6 e4 77 99 e8 a3 06 fe 18 0a de 58 4d 3e 8e da 9a a4 8e 67 42 7a f0 00 65 83 81 06 68 40 63 0f 75 c1 32 66 20 9a 8c 3a ab b7 bd c5 05 44 97 15 00 e2 40 6e 32 30 ab 08 51 46 a6 51 10 12 e5 27 3f 40 8d 32 16 50 34 00 01 1e 86 09 58 d1 d2 84 bb 93 a6 06 e1 29 81 02 d8 71 18 b1 44 13 04 01 a4 c0 b9 45 8a ff 40 cc 79 e8 Data Ascii: PLc@H[YcEI0oC.r+:[)I5P2T0Cl]HeOv.g^^.{dsWq&Qf4OC3FdM!,F uZ^GL1Ja#F<wXM>gBzeh@cu2f :D@n20QFQ'?@2P4X)qDE@y

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18963	OUT	GET /5189ca034f32e08b20b2df900457793c.gif HTTP/1.1 Host: kttoo2.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	19805	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:39 GMT Content-Type: image/gif Content-Length: 263701 Connection: close Last-Modified: Sat, 24 Dec 2022 12:18:27 GMT ETag: "63a6ee13-40615" Expires: Tue, 18 Apr 2023 23:25:39 GMT Cache-Control: max-age=43200 CF-Cache-Status: HIT Age: 288230 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTYdB8BPfWjMZxsZWpZLfFsFF5VmZ9LvUP9sE1Id4vB3keh9ufl3ap2D7Q8j40Q3jon8eoprg541zhNEERwRam870WSEYRpWkvvUKDqaKWNpHktOHxrt4SdbAzE9"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} CF-RAY: 7b0c8d9608baef57-PDX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	19805	IN	Data Raw: 47 49 46 38 39 61 33 01 ef 00 e6 63 00 fa d5 70 ff f1 90 e2 a8 a5 fc f8 f0 a3 64 25 0c 0d 10 ff f7 d2 f4 ca 57 b4 01 01 ed 57 2e e4 6e 53 ff f1 b3 a7 66 5a ff f2 00 93 01 01 a8 a0 97 f3 d5 d3 b1 8f 47 ff e9 72 71 84 f7 ee b7 4a b4 88 1a 22 5c d9 f1 ad 2e 52 6d ea 19 98 e9 20 21 25 ef 8f 08 ff db 8c e8 39 11 f5 b2 08 d9 2f 51 f8 d1 2f 73 5c 23 6b 04 02 7a 29 21 fd d9 ab f5 b2 71 65 54 58 d6 b3 51 d3 9a 67 ca 90 50 9a d7 f8 da b8 05 14 31 d1 cc c8 c9 d0 0a 06 f5 03 01 8b a4 d4 4d 09 07 67 c9 f5 dc ad 25 d6 cd af cc 7a 7f bb 1c 44 e7 21 21 f7 d1 06 d7 9a 0c ef 9d 22 de ef fe d5 a5 6a e0 c9 63 09 52 bc ce 35 2f a8 20 14 90 3d 29 66 71 8e b5 2e 23 91 2d 07 db ca 5a 2f 0e 0d f2 8b 7b 56 1f 18 69 24 16 e0 22 02 f4 88 4d 80 89 ab 48 33 24 cb 97 26 fe e1 58 4a ad Data Ascii: GIF89a3cpd%WW.nSfZGrqJ"\.Rm !%9/Q/s\#kz)!qeTXQgP1Mg%zD!!"jcR5/ =)fq.#-Z/{Vi$"MH3$&XJ
2023-04-18 11:25:39 UTC	20142	IN	Data Raw: 12 10 e1 2d e0 14 86 d0 c6 8c 9a 74 24 f9 a8 87 a0 94 49 d3 d8 6a 03 09 81 4e 40 90 46 10 04 2f e9 8e 06 b1 93 7f e8 04 54 57 17 3b 79 01 5f 44 23 e8 18 89 d1 a1 88 3b 89 ff 30 79 c1 74 f5 78 8d db 81 94 c8 d2 3d 49 90 90 13 e8 6a 8a 70 44 ec 88 8a db 48 20 56 09 02 4f 68 86 e5 b3 93 aa c8 90 c9 01 7e 0d 99 96 b1 98 34 3b a5 2e 49 60 03 1d 90 00 4b 90 3d 54 93 05 4b e0 01 1f a0 00 1e 09 92 21 19 04 02 10 06 fd 71 11 28 89 20 6f 76 03 39 a7 28 5f c0 8e c3 b2 98 8c 89 8a 21 c8 98 90 29 2c 97 b2 33 91 38 2c 58 b7 0b 91 19 04 5f 80 99 ed 78 00 91 b8 68 c0 f0 87 28 02 69 d1 c0 29 d7 e8 37 6d f3 92 3d f0 98 c3 72 39 4f e9 99 8e 49 01 3d 80 30 79 33 8b ff 65 34 b7 89 04 23 f2 99 87 e9 0c fd a8 86 07 00 50 23 b8 0a 2f 69 7c 55 37 13 56 99 8a 0b 49 0f 6a 39 7e 0f Data Ascii: -t$IjN@F/TW;y_D#;0ytx=IjpDH VOh~4;.I`K=TK!q( ov9(_!),38,X_xh(i)7m=r9OI=0y3e4#P#/i\|U7VIj9~
2023-04-18 11:25:39 UTC	20366	IN	Data Raw: 06 5d b0 09 26 c0 11 80 02 01 2f d0 b0 0e 9b 47 2d 00 0a d6 1a 9a 59 c0 2b 16 7b b1 18 9b b1 f3 a0 ad 9d e0 17 47 e0 b0 0e bb 99 13 51 30 59 00 b2 0d 9b 00 b8 99 10 0b e2 7e 7d 8a 27 dd 7a 05 26 fb 02 31 b3 09 05 23 00 03 2b b0 ae c1 b0 26 0b b1 9f f0 05 f8 3a 3e 3a 1b b3 42 6b b2 47 41 ad 9b d0 05 14 73 03 26 7b 03 57 50 5d 4e eb b4 8d 11 b3 47 f0 b4 54 6b 0e 1c bb 85 2d 5b 25 48 1b 06 f2 07 b2 09 40 31 fd 0a 28 5d eb b0 51 11 b4 0f 6b 39 fa 2a af 5b 3b b4 43 2b 00 66 cb b6 42 5b b4 9d 50 b3 70 1b b3 50 a5 b4 75 0b b2 72 3b 6e 59 5b 25 74 6b b2 91 c1 04 05 70 0e 31 5b b6 31 bb 59 24 91 b7 20 eb ff b6 8a 1b b7 61 40 ad 5f 80 b4 03 80 b7 8d 6b 1d 8d 4b b6 8f cb b2 09 2a b9 87 6b 39 48 fb b6 2f e0 b4 02 70 b8 54 0b b5 84 7b b9 8c 7b b9 7a 9b b9 34 eb 1c aa Data Ascii: ]&/G-Y+{GQ0Y~}'z&1#+&:>:BkGAs&{WP]NGTk-[%H@1(]Qk9[;C+fB[PpPur;nY[%tkp1[1Y$ a@_kKk9H/pT{{z4
2023-04-18 11:25:39 UTC	20880	IN	Data Raw: f0 0c cf 00 ce fe 0a d0 ae dc 0f f0 04 38 00 02 1e 40 02 04 39 06 57 b0 8a dd 7e 0c 4d 5b 00 e4 2c ef b5 0e 02 f6 3b e3 fa 7c b6 05 00 ee ab 4e ea 3f 8b b8 b3 0e 02 f3 2e f0 64 2e e4 b5 fe 18 b5 cd b4 5a 10 f0 2b 5f b5 9b 00 f0 9d 0e 02 3f 1f f4 20 00 f4 da 51 eb 42 0f f4 40 1f f3 00 40 ec 6e 4b f4 54 fd 4b 55 0d f5 4f 5f d5 50 18 f5 54 2f f5 55 ff f4 21 d0 05 0e ef 0a 02 80 02 0c 30 d9 11 30 03 0c 40 00 0b 50 02 b7 38 06 10 50 03 03 d0 f1 cc 80 d1 15 90 25 b9 53 01 18 ed d2 6e 5b b5 04 20 f7 5d 41 ea c6 2e 51 0f 58 1e 8e d1 d1 79 ef 15 f6 2e b7 42 de ff 7e 33 90 b7 b8 4e ce e7 bd cf 9b ee 74 9e ee d2 83 9f 3b 33 70 f7 30 9f 4c c9 d4 ea 1a b0 05 af 90 ae 41 d0 2d 4c d0 05 1a 60 04 26 50 05 10 30 00 6a 2f 00 55 e0 f6 ca c0 b4 31 7d f9 5d e1 ee 46 30 03 b4 Data Ascii: 8@9W~M[,;\|N?.d.Z+_? QB@@nKTKUO_PT/U!00@P8P%Sn[ ]A.QXy.B~3Nt;3p0LA-L`&P0j/U1}]F0
2023-04-18 11:25:39 UTC	20996	IN	Data Raw: 7a 34 4d 9b a1 4b ab ee bc 3a 35 eb 9d 85 63 8f 11 e1 49 00 ff 0a 08 59 8c a2 80 c8 40 b0 ec df 50 e1 56 0b f3 00 64 d5 49 84 2e 8b 63 fd e8 b2 a7 74 0e 20 b1 f4 f2 0e 2c e5 ce d4 81 d0 ab 64 6f 11 84 a2 45 d5 31 1f 0d 31 fb 23 f0 e8 cb 4b 02 b2 78 13 f0 c1 40 bc 8c 19 21 00 29 84 1a 3c 6a e8 af c1 80 e2 fb ff 06 69 50 80 4a 5e 00 11 9d 17 57 84 21 84 06 5b c5 67 a0 81 9a 14 30 59 7c 84 44 27 8e 09 18 9a 30 a0 66 07 5a 76 96 83 5e c0 c3 df 7e 0c 8c 48 a2 00 03 3c 58 a0 03 f6 7c 51 85 38 e2 0c 30 04 75 34 22 b0 98 4d d9 15 08 e3 8e a8 ad a8 9d 5d 00 4a 05 c4 10 63 04 91 45 16 63 a0 a0 df 18 0c 94 38 86 7f 41 46 c9 8c 06 e0 64 17 9d 81 59 84 d1 84 06 2a 3d 52 a0 35 4c 48 18 4f 8e 83 f0 28 0e 74 ac b1 93 1d 21 f0 98 e9 26 23 05 7a 69 cd 03 a8 14 60 42 4d dc Data Ascii: z4MK:5cIY@PVdI.ct ,doE11#Kx@!)<jiPJ^W![g0Y\|D'0fZv^~H<X\|Q80u4"M]JcEc8AFdY*=R5LHO(t!&#zi`BM
2023-04-18 11:25:39 UTC	21176	IN	Data Raw: 15 a2 8e ed 86 a5 8d b1 3d c6 10 18 10 93 2c 40 c0 76 3c e0 a7 31 b4 21 de f4 52 68 9a 4d 08 6e 6d 13 19 04 85 dc 0c 13 db 65 6c 05 84 34 16 fd 52 97 b9 c7 85 e2 3c 8a cb dc da 32 96 69 a3 45 db 29 66 11 60 10 20 c1 5f 08 d4 c2 0c 8a d0 e0 03 ac ea b7 8d 58 f0 6d 0f 25 32 8b 4c 02 c1 0c 44 af 7d c7 b0 de d5 5e 21 1a fc dc db 6b 6f ba e2 50 65 c5 c1 bc 55 a4 7f bf 50 5e 1c 83 20 08 01 7a 68 80 1b fc 60 a5 a6 65 2b 8d 75 dd 68 ff a3 46 db ed ce c0 08 3d 99 a6 86 41 d0 03 ea 82 40 ab 7f 25 ad 83 47 1c c9 69 02 b8 ca b7 75 6e 8d 91 31 04 14 b8 b7 14 02 88 6f 3f 8f 41 df 31 5f e7 98 05 70 02 87 b7 ab 57 8b 88 21 bf 55 a6 f3 5f 11 28 e4 3c 33 17 cc 09 66 08 37 09 01 61 9e f0 24 c4 79 ee ed 80 a3 cc e3 79 9c 78 12 33 60 d4 08 b5 02 e8 af f9 74 ca 85 e5 c4 5f 55 Data Ascii: =,@v<1!RhMnmel4R<2iE)f` _Xm%2LD}^!koPeUP^ zh`e+uhF=A@%Giun1o?A1_pW!U_(<3f7a$yyx3`t_U
2023-04-18 11:25:39 UTC	21485	IN	Data Raw: fd 9b 24 f8 26 47 e5 09 44 01 30 16 60 ec 23 d0 42 58 e4 1c 53 34 02 7c f4 84 28 ec da 58 4f 0a 2d 9c 20 ef 5c e7 c0 13 c0 0e 73 a1 ff 29 42 0c 24 79 3d d0 7b fc 84 10 90 25 dc 8c 68 82 5b 90 1d 51 cb 92 60 ac 15 2d 40 04 10 9e f0 89 e6 dd f9 96 e5 bb 65 f1 8b df 05 64 61 ac 54 bd fe f3 c7 70 f6 03 5f df b3 af 9a d8 65 c7 1a 45 e9 07 e0 f9 0b 80 3d 59 17 00 ff d0 9f e2 b2 e3 3f bb bc 09 0a ef fe 83 37 e8 12 00 00 12 40 02 f0 f7 7c 01 20 80 08 f8 7e d8 17 7f 02 f8 75 de 44 08 48 30 02 3a 46 7f d9 57 51 84 f0 62 0b 48 0a 21 50 04 1c 30 72 f8 97 53 41 90 67 46 d0 4c 81 57 1a d3 77 7e df 77 6f 7b 35 74 62 51 4b 86 40 12 01 d6 57 24 a0 7d fb b1 68 36 b7 7e eb 37 06 33 38 56 fb 31 06 fb f1 7c 33 18 7b 00 e0 55 46 90 64 84 30 7e 24 40 01 45 68 4c 41 78 70 06 a7 Data Ascii: $&GD0`#BXS4\|(XO- \s)B$y={%h[Q`-@edaTp_eE=Y?7@\| ~uDH0:FWQbH!P0rSAgFLWw~wo{5tbQK@W$}h6~738V1\|3{UFd0~$@EhLAxp
2023-04-18 11:25:39 UTC	21618	IN	Data Raw: b9 50 75 b3 ca 0b de 82 aa a3 9b b4 59 3b bb a3 3b 06 9e eb b5 58 0b 9d d9 d0 36 a5 5b ff 89 ba f0 bb af 2b 2c b9 30 ab 3d 3b 19 9d 42 ac 29 59 a4 35 0b a4 54 f9 bb 00 c0 3c 42 42 00 4e 10 01 d5 5b bd fe 47 75 4e 8b bb 72 9b 0d 59 a4 44 49 f4 bd 49 24 b2 27 30 03 22 6b be 22 1b be ea 0b be 9d 22 3f bc 70 47 8c 81 02 2a 9a 71 b4 18 9b b2 7b ba 73 6b a5 a7 3b ba a8 1b b8 24 10 00 ff 7b ba 83 0a 02 e0 6b bd 11 40 98 4f 10 c0 38 18 a5 8a 80 bb 00 0c c0 a8 5b ba a5 8b ba 00 8c bb b9 10 82 bb 40 aa 00 7c bb 95 f5 31 f2 08 61 0e 7c bb 51 6a 09 1c a0 c0 01 cc 98 c1 12 29 c5 5b c1 14 b0 1f 8c 52 bc b7 bb 95 87 02 61 49 80 b3 ff 2b a0 c2 0a 29 6e 4a 0d e6 f8 bb 68 d5 79 26 95 bf 3e f1 b7 d8 d0 b3 a8 32 bf f4 fb 20 33 50 bc c1 cb a1 40 3a c0 4f 40 49 11 40 aa bf fb Data Ascii: PuY;;X6[+,0=;B)Y5T<BBN[GuNrYDII$'0"k""?pG*q{sk;${k@O8[@\|1a\|Qj)[RaI+)nJhy&>2 3P@:O@I@
2023-04-18 11:25:39 UTC	21754	IN	Data Raw: 17 30 d6 39 d0 4f de 29 d5 cd 7b 4d 22 dd cf 41 3d d2 61 0d d6 e4 c0 d5 6f 8d 03 b6 66 d5 6f 3d d8 17 40 00 2b 71 60 6f cd d7 57 7a d8 33 40 d8 89 bd a8 20 ed 9a 17 cb d7 5d cd 08 b4 d1 c1 57 dd b9 09 49 d9 af b9 08 20 40 d4 62 ad 03 7e 3d d4 a2 3d d2 c4 ec d5 5f ad 9f 86 d0 be 8c 00 da 22 3d b2 21 e0 01 99 4d 64 38 20 da a0 8d 1f 4a 4d d2 51 4a 9c a9 4d ff d9 a3 ed d8 c0 0d dc 38 10 d1 33 90 03 33 d0 bc 57 85 04 ff 8c b1 5d 18 db 6c 8d 46 53 d4 04 d2 0b c6 15 90 ae 4f 2d d9 7a 3d 4a ca 5c 9f fa 2c 65 1e 40 7b 5b 7d 76 23 2b bd 6c 4d d2 27 50 de 58 ad d4 d9 dd d7 a2 30 8c 8b 70 01 67 77 d2 15 20 d2 52 36 03 43 97 4e 2c 6d 4a f4 4d 7e 95 0d b5 1e 00 02 1e e0 a6 67 57 01 0d 8a b6 b6 26 9d 24 ed 01 09 4d 08 b1 45 d2 6b 63 d5 43 9d 90 ab b9 2c 74 2c 0a 16 8e Data Ascii: 09O){M"A=aofo=@+q`oWz3@ ]WI @b~==_"=!Md8 JMQJM833W]lFSO-z=J\,e@{[}v#+lM'PX0pgw R6CN,mJM~gW&$MEkcC,t,
2023-04-18 11:25:39 UTC	21826	IN	Data Raw: 8e 70 25 45 59 8e c0 de 5a b9 35 e8 8f 5a c2 05 8a 93 5a bc 54 c8 8d 42 17 ba 43 49 08 a1 1d 65 00 0f 5a 20 21 de 16 a4 59 b3 00 98 a0 54 22 46 40 e8 2d a5 29 9a bf 14 a0 a9 4d 0d c2 34 23 26 35 5a 46 8b 64 91 b5 1a 99 5e 70 7e 15 c4 4e f9 8c 51 00 7b 54 45 f0 d5 51 bb 38 89 e1 3e df 1d b3 68 3d 12 34 88 84 04 ff e2 a8 12 15 23 f9 14 d0 27 2b d0 f9 24 8e 35 c9 a2 99 0e 33 6e 5e a5 2d 94 62 f8 64 88 9b c7 56 bb 0d 92 c0 3a fb 4f 79 b6 a5 0b 96 69 c0 f8 56 49 a2 fe 2d 63 c4 57 29 14 62 8e 43 69 39 12 00 23 88 28 67 8c 57 f8 89 da 20 a8 bd 8e 0a 4a a9 73 9a 2a 53 aa 7d 7d 61 20 7a 63 3c 2c b1 81 ca c1 29 9e 30 d1 d9 9a a3 37 bb ac ab 94 af 7e 05 0b ec 2c c0 1c a5 cb 18 01 1d 67 57 40 9c d9 97 9c 3e c3 da 07 26 5a 34 d7 6c ed 7e cf 6c 03 ef b6 ca f8 13 c1 09 Data Ascii: p%EYZ5ZZTBCIeZ !YT"F@-)M4#&5ZFd^p~NQ{TEQ8>h=4#'+$53n^-bdV:OyiVI-cW)bCi9#(gW Js*S}}a zc<,)07~,gW@>&Z4l~l
2023-04-18 11:25:39 UTC	21854	IN	Data Raw: 22 41 0d 47 43 44 a2 2a 8b 28 29 79 31 24 12 42 2a 65 02 38 04 ae ff b0 0b a0 c6 a0 38 52 20 cf 1e c1 12 17 5c cf ac 62 fc 8c 41 74 23 c0 72 96 43 d8 84 1b 33 51 10 6d 72 94 06 9e 29 a9 bb 64 c6 2e 0e 7e 49 90 5d 2a 50 74 1a fa b8 e6 38 b4 fe c4 50 40 43 c7 22 d0 bd b1 32 01 2c dc 8c 5d 59 d9 bf dd 60 62 76 24 fd b1 2a 0f d3 46 55 0e c1 49 05 5a aa a3 84 c0 ca 41 48 42 6b 82 a5 38 2b 87 80 aa a3 c0 73 43 1c d5 28 60 81 85 5d e3 ea 86 18 92 20 69 4c db 69 d0 2d 34 33 39 90 60 53 72 28 aa a7 5e 6a 2c 63 4e a4 1d b9 81 43 bd a5 a0 f4 49 8d a0 81 4a 51 db da 65 6e e2 18 98 1d 6d b0 70 fb 5b 85 c8 ac 21 b2 ed 57 0d 64 3b 3b 4e 2d 4a 51 ce 4d 8a 74 ad d2 d6 d5 1c 97 87 b8 b1 50 b0 2d 09 d9 31 02 76 9e 14 57 a3 c4 28 4a 0c 18 ad 20 4c bc 52 ff ed 6a 37 8a 64 30 Data Ascii: "AGCD()y1$Be88R \bAt#rC3Qmr)d.~I]Pt8P@C"2,]Y`bv$FUIZAHBk8+sC(`] iLi-439`Sr(^j,cNCIJQenmp[!Wd;;N-JQMtP-1vW(J LRj7d0
2023-04-18 11:25:39 UTC	21883	IN	Data Raw: 79 9b 5d 48 98 f8 98 9d 90 d9 0b ad 70 9a 7b 38 95 27 a0 01 8d 69 8c 04 b9 9f 9c f1 8b 44 89 89 57 b9 a2 2c aa 0d d9 59 04 67 09 94 66 79 a1 f4 f9 24 28 5a 99 01 c0 a2 3a 3a 95 02 f3 9a 26 da 1f fd 59 9a 9c 21 08 21 20 9e 11 00 a2 af c9 8d 3d 10 04 04 b0 8d dd 88 04 00 31 08 af 69 96 43 09 94 e8 88 96 67 d9 03 12 9a 0c b3 e6 8c 34 81 a1 8b a0 8f 11 ea 8c 47 d9 0a bf 09 00 01 da 85 23 2a ff 91 91 f9 2d 93 e9 a0 0f aa 8e f7 19 a6 88 b9 9b 56 ba 8e 16 79 9a 5a 19 1f 6f 1a a7 f6 18 89 be f6 9a dd a8 86 82 2a a4 99 21 08 11 50 93 03 80 9c 3c d9 88 f0 b8 00 12 00 00 95 89 02 23 f0 65 94 00 99 f1 48 00 0c c0 00 9a 4a 90 3c a9 a9 9c 1a aa 04 a0 7f 2e 29 0e 27 40 66 5f 7a 9d 63 90 9d e3 b6 98 5f 80 a9 73 e9 9d 63 80 02 fa 78 9e 72 19 99 57 f8 2d fd 39 95 ad 48 89 Data Ascii: y]Hp{8'iDW,Ygfy$(Z::&Y!! =1iCg4G#-VyZo!P<#eHJ<.)'@f_zc_scxrW-9H
2023-04-18 11:25:39 UTC	21939	IN	Data Raw: 09 94 4c 37 12 80 9a 93 23 1a 12 c9 ca 18 f9 3a 93 b4 ca 8c 9a aa af 31 12 a3 5c e8 02 68 78 05 66 a8 00 57 80 a7 03 20 00 29 78 04 47 a0 81 a4 e8 ff 02 2f 60 b1 18 7b b1 1a 9b b1 19 7b ae 60 59 0e 10 a1 a4 2b d5 96 9d d9 00 33 a0 9e b8 ea 52 b7 fa 88 21 64 97 73 f9 b2 a8 f9 99 9e 49 23 2b cb 88 21 f4 96 7f 09 b3 9b 9a 18 ed d0 81 02 60 b1 9f 9a 7f 6d 08 b4 37 b0 82 f9 37 ae 40 bb 89 49 9b b4 9b e8 b1 ab ca aa 22 ab 34 8d 58 94 37 78 93 6e 87 80 cf c8 90 2b 90 b5 63 76 08 2e 9b 84 b4 59 ab 31 82 b5 5c 0a 90 c7 b8 02 0f 74 37 cb e8 63 a6 c7 8d 62 98 b1 28 c9 7e 03 f0 8d 18 6b 8a f0 97 85 e4 ca b1 40 9b b1 17 cb b1 c6 c9 04 ba 28 4a ea f8 05 7b 88 03 28 7a b8 b2 6a 9a 04 2b b3 da 19 93 6f b9 02 f7 ca 12 7b 18 94 43 88 18 16 9a a5 9e 09 a1 2f 0b b0 fd aa ac Data Ascii: L7#:1\hxfW )xG/`{{`Y+3R!dsI#+!`m77@I"4X7xn+cv.Y1\t7cb(~k@(J{(zj+o{C/
2023-04-18 11:25:39 UTC	21974	IN	Data Raw: 50 04 54 19 1e 27 b3 b6 a1 f4 e8 53 d9 e8 97 60 e8 50 9c e3 57 49 9e fe ad 7e 7b c7 2f 72 9e 31 26 bb a2 96 88 87 7f be c5 10 8e dd 42 e8 dc 44 a8 76 bf 56 eb e2 a2 6f 98 d9 78 c6 e0 09 5e cd d8 8f 02 8e 24 ab 74 4a 57 2b 4d 0e 84 f1 61 7b 4c 0d 83 31 d8 e4 b8 fe ec 58 51 7f 69 b7 b2 f8 52 83 ff 44 ec d8 ee 7c 2a 0d ed 2f 38 d6 dc fe ed 59 21 1b 03 9a 84 93 40 18 fc 77 09 07 51 dd ea 3e 15 94 10 dd 23 e8 e4 e0 1e 84 ce 1e ef f4 3e 72 e3 3e 55 2b 8b 83 94 20 77 b2 91 ee ee 6e bb 51 2a b7 d6 5d b3 3a 6c d6 8b c0 8b 7b e8 0b ba 58 d1 0a 1f 8d b8 58 86 94 94 ff 8a 4b db 0a a8 d8 da c9 90 87 4b 4b a8 5a 28 2e 0f af 0d cc b6 8a dd 30 86 20 8f 0b 1a 8f 85 ef 8e 31 f8 3e 09 b9 48 87 bb 18 ce b2 8b 83 3d a8 05 0f 8f 8d 00 7f 75 39 51 8a 0f ec eb b2 2e 0e 17 4d 8e Data Ascii: PT'S`PWI~{/r1&BDvVox^$tJW+Ma{L1XQiRD\|/8Y!@wQ>#>r>U+ wnQ]:l{XXKKKZ(.0 1>H=u9Q.M
2023-04-18 11:25:39 UTC	21998	IN	Data Raw: 0e 98 03 9f b2 ea c1 f0 61 e0 f0 0d af e6 0c c0 f1 40 f0 86 57 c0 f7 a0 4d ee 38 0e 04 46 7b 7e 49 7f ea 46 8f 7e 60 f2 b4 12 f3 72 84 70 8c e3 a9 c8 0e f9 9a aa 87 a1 0a f8 9d 7d d8 0c 7f e9 f5 c9 5c ad 9a af c6 88 38 8b 73 09 fa 78 4f f4 47 8f ed 45 0f 04 e6 77 05 6a be 82 49 8f e3 21 28 04 e4 8c 89 10 c0 f1 00 3e ff 00 cd 67 99 03 c0 ed 87 bf 82 5c 30 da 59 1c 96 90 08 a5 47 1c 83 c6 5a b3 1a 0d f6 92 bb a4 9c bf b2 9d e4 21 4b b8 8f c0 bc ef 24 0e fd b7 78 83 9c 54 fd f5 9e 9e c6 db 1e 7a cf f7 7b 2f eb e6 17 f1 ac cf ed ab fe 86 de 97 ca 0c c0 f8 88 9f 86 3c d1 81 83 2f eb 43 80 e0 c5 0f 0e 57 63 cc 0f 09 08 63 0d 83 0d 15 63 87 88 89 8a 88 15 84 0d 04 8b 63 23 91 94 95 87 38 8e 2b 87 04 2b 84 38 90 90 98 83 15 90 5f 5f 87 8d 83 9d 15 15 4e ac 63 04 Data Ascii: a@WM8F{~IF~`rp}\8sxOGEwjI!(>g\0YGZ!K$xTz{/</CWcccc#8++8__Nc
2023-04-18 11:25:39 UTC	22022	IN	Data Raw: 4c b4 a8 c5 13 c7 b0 24 53 58 ab 8a 0b fb 96 de c8 47 92 6e b4 8b 85 b8 e2 81 16 e6 f5 b8 38 dd 2f 23 34 34 8d 0d 63 d1 bd a7 d9 8a 87 01 2a 8b c1 72 b1 b2 44 a8 68 6b 2d 4b cb 39 d4 54 88 73 98 cd 4b 93 a0 56 c7 16 d8 b1 2b 26 12 12 8b 44 ca 3c 1e 19 a8 48 2a 62 92 91 a9 cd 10 43 f2 ad 95 dc 4a 7b ed 2a 40 10 c2 98 ae 54 2e 06 8e 2b 81 08 af 68 a5 3a 4d e4 51 3f c9 00 80 ae 24 e1 30 7a f5 b0 11 21 10 a2 70 ee f2 c9 ba 5c 71 8a 60 73 c8 43 3e 02 ad 51 98 0d 00 89 49 d5 92 a8 17 99 25 59 31 8d 58 4c e6 44 80 38 91 67 46 33 2b d3 cc a6 35 d3 08 99 a5 b8 f1 31 46 80 58 0f 9e 54 34 0d 68 ec 04 04 18 a4 46 08 b0 9c bb 9d 70 01 b7 7c ca 1e 1b 41 16 4e 90 44 4c 3d fb 65 23 4e a8 b7 8c 11 13 83 8c db 5a 3b 2e 59 b5 41 72 8a 13 85 ff 84 44 6c 12 78 1f 0f 02 d0 92 Data Ascii: L$SXGn8/#44crDhk-K9TsKV+&D<HbCJ{*@T.+h:MQ?$0z!p\q`sC>QI%Y1XLD8gF3+51FXT4hFp\|ANDL=e#NZ;.YArDlx
2023-04-18 11:25:39 UTC	22038	IN	Data Raw: b0 80 05 50 d5 aa 58 a5 aa 56 b3 ca d5 ad 7a b5 ab 60 fd aa 58 c3 4a d6 b1 9a b5 ac 68 bd aa 57 0d 40 82 07 98 40 0b 1d 7d 6a 22 60 fa 54 2d 08 81 06 56 65 2b 09 48 50 82 be fa f5 af 80 0d ac 60 07 4b d8 c2 1a f6 b0 88 4d ec 61 39 b0 57 03 38 96 06 42 e8 42 5c e5 4a d7 98 9a 00 af 54 e5 eb 12 36 ab 80 25 28 e0 b3 a0 0d ad 68 47 4b da d2 9a f6 b4 a8 4d ad 6a 57 6b da cd 6e b6 04 24 c8 2b 0d 4c f0 4f b9 1e a2 b2 2b 2d 80 16 98 90 d7 be 72 56 01 09 08 ae 70 83 3b 86 04 14 f7 b8 c6 4d 2e ff 72 97 ab dc e6 32 f7 b9 ce 8d 2e 74 a7 2b dd ea 52 97 b9 c3 4d c0 67 37 7b 04 0e 60 55 08 05 a8 ed 53 71 8b d2 2f 3c c0 b1 9a 05 ae 70 3b c0 de f6 ba f7 bd f0 8d af 7c e7 4b df fa da f7 be f8 bd 6f 76 5f 4b 02 c7 46 60 b2 2e 25 af 49 0b f0 00 ab 72 c0 b3 ea 85 af 6d 6b f9 Data Ascii: PXVz`XJhW@@}j"`T-Ve+HP`KMa9W8BB\JT6%(hGKMjWkn$+LO+-rVp;M.r2.t+RMg7{`USq/<p;\|Kov_KF`.%Irmk

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18964	OUT	GET /587z80.gif HTTP/1.1 Host: 587tuchuang.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	20226	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:38 GMT Content-Type: image/gif Content-Length: 139025 Connection: close Last-Modified: Wed, 21 Dec 2022 13:30:32 GMT ETag: "63a30a78-21f11" Expires: Sun, 07 May 2023 07:07:45 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	20226	IN	Data Raw: 47 49 46 38 39 61 c0 03 50 00 c4 1f 00 fc cc 7a 99 8d 75 63 54 42 f8 da 98 b4 b0 ae 41 bf bb 2a 39 b1 d0 d2 ce f7 f8 f5 7b 6e 59 cb a6 62 a5 04 ab de aa 9c fc ee c4 d8 0d 1a 05 aa 62 de 61 32 d1 d3 21 ae 5a 31 e9 ce d7 52 44 2b ee ac 4b f8 f1 31 22 11 02 22 22 12 44 33 11 44 33 24 33 22 11 ff ff cc ff cc 66 00 00 00 00 00 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 ff 0b 58 4d 50 20 44 61 74 61 58 4d 50 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 Data Ascii: GIF89aPzucTBA*9{nYbba2!Z1RD+K1"""D3D3$3"f!NETSCAPE2.0!XMP DataXMP<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core
2023-04-18 11:25:39 UTC	20246	IN	Data Raw: 71 3c d6 90 01 64 36 45 8f d9 1d 0b 92 2f 95 79 56 be 11 03 30 20 36 9b b9 8a 3f 30 9a 38 93 1a ff 40 60 05 8b 63 9c 9b 78 9a a9 a9 54 bd 78 9d ba 61 59 60 10 58 57 a0 50 72 e4 8a 23 82 8a 5d 20 8b 1d 80 8b 07 56 35 92 b8 9a 9e e6 7a 4e 03 34 13 d2 07 b7 77 9b 81 47 21 81 35 22 46 e3 35 5d 50 6b 1c d0 ab 1b 10 7c 9b 30 37 4c 91 6b 79 93 9b 4c b1 37 1a f0 a2 6a 71 4f b6 d3 1a a0 3a 6c c3 94 5d 81 e2 03 a6 24 0b c1 f0 19 d9 07 01 e5 48 65 ca f4 19 67 10 01 5a 31 86 1b c1 28 0f 31 01 15 b0 11 65 32 00 05 b0 4b 37 70 14 c7 93 9e 50 99 7d 62 49 93 ff 22 10 c8 63 af 08 ca 6e e2 06 30 f0 60 0e 17 4b 0e f5 98 98 00 63 0e 9c e3 26 fc 15 30 ce a6 a1 3b d4 a1 6c e9 11 90 d1 1a 11 75 ae 11 c3 06 52 e2 3d 56 41 60 97 d0 a2 4c 71 22 74 31 0b 07 09 01 02 a0 92 4e 41 a3 Data Ascii: q<d6E/yV0 6?08@`cxTxaY`XWPr#] V5zN4wG!5"F5]Pk\|07LkyL7jqO:l]$HegZ1(1e2K7pP}bI"cn0`Kc&0;luR=VA`Lq"t1NA
2023-04-18 11:25:39 UTC	21654	IN	Data Raw: ea 14 48 46 72 22 34 d8 60 5e 22 08 30 21 85 47 49 23 63 4c 83 64 a8 61 36 1c 76 98 d8 87 99 04 58 cb 3e 56 b5 15 9e 89 24 b0 c7 00 03 18 a8 c8 de 06 04 88 00 df 4a 14 d2 87 54 1d 17 d6 88 17 7e d7 e0 98 23 37 3b 6e 47 4b 21 9b 1c 72 4b 70 3c e9 17 24 91 29 b0 67 42 92 4a 3a 98 cc 1a 70 dc 81 8a 06 78 51 e0 55 35 78 75 86 65 02 a0 91 63 dd 86 5b de d2 e5 7f d9 55 72 88 61 03 34 70 82 46 04 1a 73 4c 93 68 a6 88 e2 9a 6d 26 c7 62 00 70 42 f8 c1 01 70 f0 21 02 07 07 f4 b1 57 06 09 7c 70 19 9d 1f 34 a0 ea aa ac c2 b2 c8 65 a9 0a a4 28 ac 23 6e 7a c2 01 23 20 20 82 62 94 7c 80 80 ae 08 ec b2 58 a2 ac 36 30 40 3e 7f 64 a2 00 00 47 20 a4 11 0a 56 a1 d9 20 09 15 5c c8 60 ff a5 17 b0 f8 a4 1a 90 6a 50 ea a7 e0 8e d0 00 34 03 f4 20 48 11 0d f8 01 e9 0f 8a 98 ea 03 Data Ascii: HFr"4`^"0!GI#cLda6vX>V$JT~#7;nGK!rKp<$)gBJ:pxQU5xuec[Ura4pFsLhm&bpBp!W\|p4e(#nz# b\|X60@>dG V \`jP4 H
2023-04-18 11:25:39 UTC	21670	IN	Data Raw: d6 27 45 64 e5 08 c7 b6 6c ec d0 7d 94 70 73 c3 85 4d e3 b7 3f e3 87 72 f8 53 5c f9 c3 5c 30 18 13 37 87 74 ef 67 58 f3 f7 84 ea 64 7f d1 a1 01 f8 27 53 7a 15 7f 3e 07 61 fd 57 2a ac c3 26 3a e6 73 22 80 27 c3 b7 19 72 42 64 09 e0 73 f1 57 47 42 70 00 ed d5 10 ad 87 07 07 00 01 0b 20 7b a3 06 70 79 40 00 0f 80 7b 60 06 06 1e 12 7c 65 b7 70 74 60 27 7e a8 60 06 58 02 6b e0 73 ec e4 82 3f d7 82 8a 08 74 bd 20 83 df 00 6c 35 98 53 d4 27 09 39 a6 7d 93 c0 83 99 68 67 23 86 67 42 88 62 44 98 72 b3 c0 7e fc b0 84 4d f8 84 a8 f8 16 19 00 1d 9e 82 79 ff c4 c4 34 13 e1 5a 14 36 74 24 40 08 1a 20 00 9c 97 6c 17 f0 10 c5 70 01 8f 46 02 a2 77 80 44 16 00 bb 08 80 1b e0 01 a9 d7 86 f7 c6 52 65 05 06 12 f0 5e 1b 64 81 79 90 87 9b b5 81 21 b8 59 80 78 76 22 f8 04 11 68 Data Ascii: 'Edl}psM?rS\\07tgXd'Sz>aW*&:s"'rBdsWGBp {py@{`\|ept`'~`Xks?t l5S'9}hg#gBbDr~My4Z6t$@ lpFwDRe^dy!Yxv"h
2023-04-18 11:25:39 UTC	21686	IN	Data Raw: 40 7a 6b c5 66 38 cb 5d c2 f5 58 48 c7 c6 e0 92 6e 11 03 17 18 31 3e f3 79 ba 0b 23 66 32 ae dd 01 00 b6 e2 25 d3 5c 37 19 a4 22 72 89 19 c9 17 a0 52 f4 9c 2f 61 f2 f9 64 64 3e 1c 44 19 24 88 2b e9 a6 b0 ac 65 c1 a9 20 4a 13 dc c0 85 09 db 21 30 3f 6c 07 6a 94 24 25 17 cd e8 45 3b f8 cc a7 20 ff d5 ca 98 21 b7 b9 15 d5 7b b9 1b 99 65 e5 ac ac ce 61 e3 77 8b 73 c4 c7 4a b0 60 86 60 a0 cf 34 63 8d 58 6c 36 38 31 c6 f7 ac 85 ce 48 8f 91 90 e8 49 36 fa d6 24 4d ef 1b 87 74 0a 2d 94 00 c1 bc 39 c1 0a 29 3b d4 b7 72 da 55 9a bd 86 b2 74 10 65 44 cc 4d 65 b8 21 2e 0e 53 9d 48 45 7e a8 c2 f1 25 8a a2 8e a2 00 5a 4b b2 83 b8 6e b4 8c 77 ad 10 5f 53 c2 bf f8 fa 35 81 b9 8b 3b 7b 0d f8 12 e2 b5 97 54 96 9d 03 51 23 c2 dc ac 4c c0 31 a6 5c 63 3f d7 4f 4a a7 4b 4b b6 Data Ascii: @zkf8]XHn1>y#f2%\7"rR/add>D$+e J!0?lj$%E; !{eawsJ``4cXl681HI6$Mt-9);rUteDMe!.SHE~%ZKnw_S5;{TQ#L1\c?OJKK
2023-04-18 11:25:39 UTC	22203	IN	Data Raw: a2 8b 03 68 62 42 85 c7 cd e8 d5 57 50 02 00 c0 07 39 2a 50 5c 29 23 88 d5 a1 38 44 52 37 22 68 82 04 50 c0 99 68 a2 f9 01 03 c4 bd b8 91 8b 29 74 75 8f 63 cb 1c 30 40 03 78 e6 d9 00 0f 9b 14 60 e7 00 56 7e a0 80 02 01 00 aa 82 62 5f 2a c4 86 53 e7 84 a9 96 91 64 9e 19 c1 a0 94 56 aa 65 02 02 6c a4 c8 4e 25 88 81 00 25 e4 a5 c6 4c 03 a0 86 94 c3 9e 1f 74 80 e5 a0 1f 14 80 ca ab 26 ec 95 68 14 08 a6 c0 cb ac 04 d4 31 66 6f 02 14 10 00 04 12 24 60 c0 b0 a2 10 c0 a6 26 30 ae e0 51 25 13 30 d0 a2 78 9d dc b9 09 03 d4 56 cb 00 ff 04 d8 62 bb a3 b6 77 0e d0 01 a1 a3 11 c7 48 6c 5c ce da 9e 42 77 44 01 86 10 b9 c6 04 e9 1f bd 56 00 01 b1 fc 28 a9 62 71 2a 8e 30 2d 03 29 f6 eb 2f 25 2c 7e 4a 27 27 77 1a 6b ed c1 07 1b 0c 81 0e d5 a8 a7 d3 07 9c 3a dc 48 90 27 60 Data Ascii: hbBWP9P\)#8DR7"hPh)tuc0@x`V~b_SdVelN%%Lt&h1fo$`&0Q%0xVbwHl\BwDV(bq*0-)/%,~J''wk:H'`
2023-04-18 11:25:39 UTC	22219	IN	Data Raw: 34 e1 5a f9 92 2a 53 67 41 e5 8e dc 5a 28 30 d2 53 8c 74 2e c1 2a 18 68 82 01 47 40 25 06 5e 43 91 dd 70 b9 3a e6 67 c9 1b fb d1 93 1b f0 dc 43 04 82 13 56 7e ff b1 08 7c 35 d7 1f 2a 31 19 5d ce 6a b8 f2 97 32 95 4d 82 cc a1 35 b3 3d 0c c1 0c d4 36 a8 38 05 d0 c9 08 da 3c 02 55 db d7 c6 4e 78 53 9e 43 e5 8f 00 d7 d3 55 70 09 34 91 7f 6b 80 fb a4 a1 d0 75 44 91 41 69 65 1c 00 0c 00 42 1b 49 c7 81 2f 0c bf f5 18 82 04 94 ce e8 5a 19 e9 25 ff 7d ee bb bf 22 b1 ca 84 e5 1b af 8e 96 d4 a7 4d 40 01 92 aa 06 55 5c 59 d2 92 2b ce ab 61 ad 02 44 c2 b8 04 72 9e ec 5e ef 30 87 a9 fc b5 d7 25 1a 0c 92 4f e1 81 73 f4 07 45 3a 3c 15 00 40 a3 bb e9 b2 39 1d ec 68 f6 b3 a1 ed 8f b5 59 5a 46 44 54 54 03 b5 1d 0f 50 f7 ed db 85 30 2d da 68 d2 06 0c 5c cf 04 99 22 15 ab d9 Data Ascii: 4ZSgAZ(0St.hG@%^Cp:gCV~\|5*1]j2M5=68<UNxSCUp4kuDAieBI/Z%}"M@U\Y+aDr^0%OsE:<@9hYZFDTTP0-h\"
2023-04-18 11:25:39 UTC	22235	IN	Data Raw: 6f 11 90 4d ae d9 34 a5 7b 82 15 22 82 29 62 93 b9 b5 7d 9c dc 38 50 71 e6 05 f4 2a 52 94 01 87 d1 55 87 06 db 40 c5 6f e0 87 d0 0b 03 78 62 83 9e c0 e1 9e 7c f5 44 3e b0 02 4c 2b 20 17 a8 58 b8 87 3d b2 98 c5 20 d8 60 0e 0d 34 87 39 16 1b 11 2b ae 94 82 51 b9 82 17 98 12 46 82 9a e1 b2 d3 a1 ca 2f ad 73 1d 2c ae 51 2a 40 31 64 02 80 42 0c a9 6e 67 18 b5 7c a0 4a c2 e9 dd ef 80 17 bc 89 f0 60 58 1a 30 1e d2 82 88 0f 3a 10 31 1f ab 71 1e 13 6f 10 01 01 44 e7 10 df 62 1f 6f 78 03 8c ec 6d 63 41 b4 91 92 f7 16 f0 81 08 d8 e0 3c 73 cb ff 17 99 9c b3 b6 75 81 29 09 62 ca 02 74 d4 c0 86 1d 04 a0 00 10 b8 9f 06 04 78 a7 b7 d4 69 4e 46 e1 89 df 74 93 14 54 d0 4f 03 17 18 84 00 14 50 00 03 42 c5 80 72 bc 9f 78 d8 73 b0 6c 34 10 13 97 10 1f 52 64 21 49 0a be c5 90 Data Ascii: oM4{")b}8PqRU@oxb\|D>L+ X= `49+QF/s,Q@1dBng\|J`X0:1qoDboxmcA<su)btxiNFtTOPBrxsl4Rd!I
2023-04-18 11:25:39 UTC	22251	IN	Data Raw: 53 53 29 71 27 e0 13 31 52 69 f2 25 58 3a f0 a2 c5 aa 03 df c9 15 49 12 1b b3 21 04 b9 d1 21 77 10 a9 9f 62 26 06 75 2e e1 10 8d b5 61 18 33 db 1b 90 be 61 ad 58 9b b5 37 d1 76 4a e1 33 4e ab b5 60 ab 8d 7b a1 1c 44 5b b6 32 10 01 3b 88 16 9b ba b6 49 eb 16 38 eb 17 43 41 7d 61 3b b7 3a 31 b6 05 c0 b3 cc e1 10 1a b8 b7 7c bb b7 78 b1 0f b6 a0 22 10 10 81 84 5b b8 c9 11 0d 78 6b b6 8a 6b 2e d9 fa 11 8e fb b8 8e 0b 1a ed c0 b4 2c 00 44 19 d8 b7 98 db b7 30 71 b7 36 40 89 9e ab 0f 37 f0 b9 a2 3b 84 8b 5b ba 2f 50 49 ef 90 ba aa bb ba e8 60 78 3d d0 0f a3 1b bb 94 6b ba 3d 10 02 00 21 f9 04 05 14 00 1f 00 2c b6 01 09 00 8c 01 39 00 00 05 ff e0 27 8e 64 69 9e 68 aa ae 6c eb be 70 2c bf da 6c df 78 ae ef 7c ef ff c0 a0 70 28 4a 8c 04 02 0a 71 c9 6c 3a 9f d0 a8 Data Ascii: SS)q'1Ri%X:I!!wb&u.a3aX7vJ3N`{D[2;I8CA}a;:1\|x"[xkk.,D0q6@7;[/PI`x=k=!,9'dihlp,lx\|p(Jql:

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:38 UTC	18964	OUT	GET /960x60.gif HTTP/1.1 Host: 595tuchuang.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	20302	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:38 GMT Content-Type: image/gif Content-Length: 317903 Connection: close Last-Modified: Thu, 15 Dec 2022 11:17:02 GMT ETag: "639b022e-4d9cf" Expires: Sun, 07 May 2023 07:08:04 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	20302	IN	Data Raw: 47 49 46 38 39 61 c0 03 3c 00 e6 7f 00 d3 bb b0 92 71 64 33 24 2a 49 5b c5 e4 0b 05 a4 8b 6e 50 2a 1e 4a 44 4f d9 a8 5d f4 e0 5a e8 5e 4d b9 b2 ad 33 a3 e1 af 97 8f a4 11 07 d0 b0 9a 9b 56 26 72 6c 6e 93 8e 8b 62 45 28 de 44 2e 6b 52 4e da a6 28 45 33 41 b6 ab 95 47 44 67 8d dd f9 82 75 b8 fe f2 b3 f7 e9 2e b5 b5 e9 f9 b3 90 74 67 50 57 9c 42 f7 b8 b0 33 44 5b 66 54 68 da db f6 b6 8a 29 f3 d0 87 fc f4 86 f5 90 81 0b 09 07 2c 0d 0b c6 bb cd d2 8f 83 26 22 19 da cf 80 d6 ef f4 ee dd f0 21 4b 28 88 93 b4 af cf 9a b2 d2 4f 4d 6c 46 ad 98 ac 27 11 25 92 ae 83 11 23 31 dc ee dc 8c b2 c1 47 71 78 d4 34 28 d4 98 b1 0d 0d 2a a6 30 30 09 2d 13 97 e3 38 d7 f4 b5 fb 97 aa 03 02 45 e5 f9 93 11 22 4c 06 3c b5 ff ee dd 33 33 3f 3b 11 37 22 22 3d ff ee ee dd cc bb ff ff Data Ascii: GIF89a<qd3$I[nPJDO]Z^M3V&rlnbE(D.kRN(E3AGDgu.tgPWB3D[fTh),&"!K(OMlF'%#1Gqx4(*00-8E"L<33?;7""=
2023-04-18 11:25:39 UTC	20318	IN	Data Raw: 01 b8 a1 92 3b 3a a7 3b 0a 0b 01 b0 00 0f f0 93 85 97 10 f9 c5 53 1f 15 83 35 82 a7 2d e5 28 30 35 92 89 87 52 95 16 21 e6 e2 77 1c a9 1f 66 b5 3f 77 52 66 d9 c3 53 11 c2 53 21 51 27 1c b4 ff 7f 46 75 08 b2 69 56 0a 24 1a 46 a5 0a d2 41 91 2d 76 66 8b 3a 63 fb 67 a1 d7 10 1c b8 30 47 2d b6 00 e0 76 28 fa 83 8e d8 b4 3f b9 30 7f 0c 28 00 6f a5 28 a9 90 78 2b 06 09 62 20 78 65 69 96 22 b9 1d 11 60 07 7f 13 ac 0d 04 aa d0 70 43 a8 32 5e d4 90 0f 76 79 80 1d ba ad 2b b4 42 57 30 05 02 1a 6c 78 99 87 df fa ad 02 aa 2a de 3a 05 77 90 58 db 6a ae 1d 6a 2c aa f2 34 1d ca 05 e0 ea 04 77 70 07 36 d4 19 1e 18 76 18 10 68 72 f4 58 76 38 10 07 40 05 4e 47 55 80 91 44 61 13 06 11 00 2a 4b 71 11 ec 12 01 14 86 05 6c f0 34 0b b0 9a 48 74 2c 6d 70 03 7f b3 83 4f 23 1b d4 Data Ascii: ;:;S5-(05R!wf?wRfSS!Q'FuiV$FA-vf:cg0G-v(?0(o(x+b xei"`pC2^vy+BW0lx:wXjj,4wp6vhrXv8@NGUDaKql4Ht,mpO#
2023-04-18 11:25:39 UTC	21770	IN	Data Raw: 1b 95 c5 80 ac 99 cd 00 00 39 33 d8 33 00 2d b8 78 ec 68 cc 36 24 27 55 90 1e b7 b2 20 dd 16 85 17 55 a1 e4 33 67 79 fc 15 4e 7f fa 03 b6 02 dc cf 82 cc d6 6c 54 ea 93 81 66 94 24 49 45 05 74 40 07 5a cd d4 4a 13 e0 28 ab 12 49 82 b6 74 4d 97 5c b2 f5 69 60 47 5c 9c 42 75 55 87 59 56 37 77 07 70 01 88 d6 3b d1 17 81 58 a7 5b 8f 36 2b 4a b7 5b 01 10 2b ab 02 2b c8 25 4a 17 30 01 64 c0 29 45 35 77 22 88 55 51 b0 05 6d 85 4c 65 56 ff 06 ac 16 7b 7f a7 6a d7 94 02 8e 22 78 8b f2 78 ac 87 6a 88 f7 83 e7 23 78 5a a0 05 8f 27 3f 7e d7 83 ae 06 6b 8a 47 59 87 f2 04 88 04 63 02 58 57 34 43 55 14 c7 79 02 85 71 35 a3 72 48 84 85 34 c8 6d 3f c1 2f 4a 50 84 bb a6 00 22 50 1b 87 77 4d 56 d4 08 67 50 00 d8 e4 51 0d 05 52 77 08 79 0a 70 06 22 00 3f db a4 06 d1 b5 6a 2d Data Ascii: 933-xh6$'U U3gyNlTf$IEt@ZJ(ItM\i`G\BuUYV7wp;X[6+J[++%J0d)E5w"UQmLeV{j"xxj#xZ'?~kGYcXW4CUyq5rH4m?/JP"PwMVgPQRwyp"?j-
2023-04-18 11:25:39 UTC	21786	IN	Data Raw: 9b 24 05 cc 23 8c 28 93 87 a3 88 62 3e 19 e2 61 7e b8 98 75 a6 67 ee d6 8a ad 27 23 dc 08 fb 84 d8 e9 51 4f e4 ea b9 2b 5e b1 02 3a fa f6 12 e3 85 6b 20 ca 55 69 c9 9d 89 36 5e 50 88 43 09 3c c0 f3 9e fb fc e7 40 0f ba d0 87 4e 74 a1 23 3a 5e 82 d2 30 a3 11 a1 26 00 2c 20 02 18 20 60 a5 07 e4 e0 d8 20 a8 cd 93 b2 eb 5d 49 1d 65 c1 85 44 e5 83 bb 6b 18 b8 2e 72 b0 47 39 97 66 8f b2 da 33 3e 66 c9 c2 7c 3d 6f 9f 49 1e e1 0e f1 5f ff 53 72 c6 14 ad d7 bd 10 b4 d6 57 bf 3d 3d 22 07 3c 18 aa 8b f2 c2 87 c4 a0 82 27 1c 9f 96 4a 4f ad 2e e5 09 5d 41 2a 91 4f 68 ee 3b ca b1 ad 34 91 7b 48 ec 60 f8 c0 5b 79 cd bc c4 b4 9f 96 d9 f9 d2 9b de f0 35 e9 d3 52 38 f9 ea 51 99 6c 54 cc 0c a6 e9 ae 4e f1 36 77 92 cb 49 59 f1 95 19 7e 51 9e cd 17 96 4f fe 72 32 41 5f 3a 3f Data Ascii: $#(b>a~ug'#QO+^:k Ui6^PC<@Nt#:^0&, ` ]IeDk.rG9f3>f\|=oI_SrW=="<'JO.]A*Oh;4{H`[y5R8QlTN6wIY~QOr2A_:?
2023-04-18 11:25:39 UTC	21802	IN	Data Raw: bd 10 21 ba a7 16 cf 8d b9 a9 e6 35 ac 1f b8 78 bf 19 a9 a7 72 d0 e8 4d 2f 29 05 ff 95 21 17 00 29 d1 98 7b aa 90 64 09 72 85 03 7f 20 10 d6 fa 5d 38 1a 44 3c 80 f4 b9 85 59 c6 5a ba a9 5b 25 cf 99 2a 01 8e 97 75 32 34 44 5c 20 14 a8 96 dd bf e9 8f eb c4 aa 49 fc 9c 55 bc e1 c6 f9 05 f0 e1 69 e8 70 3e 51 a0 4a 99 93 09 9a 91 39 a4 46 6a 64 80 5f e8 40 19 9d 40 9f 5c bc 05 4e 3d 50 f5 7c 1a cd 69 d4 02 15 d7 98 b2 c5 bf 85 0a 71 0d 2e bc f7 2a 53 fd e2 62 b1 c5 67 0d 09 9b 1a 99 d1 3c 76 a4 9b 09 36 35 1c ba c9 db df 75 86 b1 e0 02 4d 40 db 7c 5a 2f 1b 73 89 e7 b0 bb 83 fd e5 3e 50 04 ee b0 bb 1c da 33 63 f1 01 8e 8c cb 6a e0 07 2b 64 cb 9a 6c 32 3b 15 04 2f 88 d7 21 d3 0c 29 e3 0e 1f 30 d8 14 50 34 10 aa 00 76 2d 32 7e 0d e6 60 1e 04 34 53 1b df cd b3 22 Data Ascii: !5xrM/)!){dr ]8D<YZ[%u24D\ IUip>QJ9Fjd_@@\N=P\|iq.Sbg<v65uM@\|Z/s>P3cj+dl2;/!)0P4v-2~`4S"
2023-04-18 11:25:39 UTC	22353	IN	Data Raw: f4 44 50 08 c0 5f 10 b7 01 20 30 50 27 68 70 01 46 50 08 47 71 0b 70 71 2d 48 50 0e e6 60 75 a0 81 12 38 00 25 d0 07 16 76 1e 3b a8 09 fb 60 73 17 a5 73 4e 23 84 01 83 05 61 f0 93 37 b0 00 5b b0 4d e7 42 30 ae 61 05 30 a6 7f 47 63 ff 05 37 b1 52 4d b0 1c 02 10 85 e8 d6 0c 2e 50 85 38 26 37 31 a5 21 63 b1 7a e4 10 0c 13 b2 41 cd 30 22 61 07 00 59 10 34 53 e0 04 59 f0 75 05 d9 0c 63 e7 04 35 42 05 5d 30 35 6e 68 00 59 e5 43 4f 20 0f ea 70 15 bc 11 5e cd 58 10 a2 f5 97 80 49 2d 16 c4 17 04 b2 00 11 62 22 2c 25 76 c0 c0 14 d0 d2 98 a3 52 37 77 54 78 76 40 06 94 c9 6c 55 a0 6b 63 90 99 d0 92 57 57 f2 56 06 d0 13 65 c0 56 91 37 9a 15 10 00 3d 21 40 a3 e9 99 d3 90 33 40 71 14 68 54 26 5a e4 05 3c 34 06 3e 64 8a 70 92 0d 07 d0 13 0c 02 86 8c e5 7a 75 32 17 59 61 Data Ascii: DP_ 0P'hpFPGqpq-HP`u8%v;`ssN#a7[MB0a0Gc7RM.P8&71!czA0"aY4SYuc5B]05nhYCO p^XI-b",%vR7wTxv@lUkcWWVeV7=!@3@qhT&Z<4>dpzu2Ya
2023-04-18 11:25:39 UTC	22369	IN	Data Raw: 53 68 b6 d9 dd cc 06 0c 79 99 dd f2 16 3f 48 b6 72 db f4 08 00 9b 66 05 e6 ef 64 8d ba 88 31 e2 f8 30 fc fb 36 5c c0 56 ed 18 05 70 3e 5a 4d 97 02 c0 8e ac 07 08 61 61 60 84 4f 17 4b 7d 89 7d 88 17 02 0d 00 8d 88 8a 4b 94 12 4f 56 51 99 51 56 4f 4f 18 88 94 8b 62 89 4b 0d 4f 60 56 5b 9b 5b 5b 9c 56 12 4b 4d 7d 4d 92 8b 4b 12 9c 84 ba 4f 64 05 b1 b3 89 a3 4b 24 9d 56 a9 51 5b 5c ca 5c 7e 4a cc cc 7e cd 7e 53 4e 29 0a d7 14 d7 da db dc dd de df e0 e1 e2 d8 0a 45 4e 53 cd 4a d1 eb d1 4a ea eb 5b 13 11 58 57 f4 f6 f6 f5 58 56 58 fc 58 60 20 01 00 ec c3 b2 45 02 08 5c fc ae 0c a4 67 c5 9d 1f 2e 5a 32 71 ea 24 80 12 25 01 11 ff 22 84 9a 14 e1 10 2d 4a 0b a2 00 d0 d8 47 d8 22 10 64 00 80 88 c5 b2 12 00 00 84 00 3c 01 b5 44 4c ad 8d 8a 6c 59 dc 49 93 a7 cf 0b 28 Data Ascii: Shy?Hrfd106\Vp>ZMaa`OK}}KOVQQVOObKO`V[[[VKM}MKOdK$VQ[\\~J~~SN)ENSJJ[XWXVXX` E\g.Z2q$%"-JG"d<DLlYI(
2023-04-18 11:25:39 UTC	22385	IN	Data Raw: a4 4b 2a 54 0f 2b b0 41 f0 2a d5 80 38 d5 40 0d d9 75 6e 82 e6 27 5c 41 38 10 c2 a5 cf 3a af b1 08 73 5d 01 0f 84 a0 a8 db 48 33 36 a3 20 54 40 05 54 a3 06 6e a0 06 59 e0 06 3b ab 56 40 1b b4 42 0b b4 3f 3b b4 46 7b b4 48 2b b4 de 41 24 54 d3 83 65 64 33 17 50 01 02 19 8f 2f 98 57 5a b0 00 01 f2 00 70 b7 05 39 b8 a8 8d aa 0c f8 31 90 7c d6 15 f2 60 89 e1 ea a0 d3 1a 8b 4b 18 70 99 1a 01 c9 92 68 f7 2a 45 98 03 19 1a c9 a9 fe 55 00 d9 80 56 da 10 ab 82 77 29 06 60 05 49 96 64 59 c0 10 06 9a ab 9a c7 3d 81 57 27 eb 09 ac c5 8a 5a dd d3 85 5e 08 60 6b e8 80 35 f9 00 51 d0 3e ec c3 3e a5 a6 a1 dc 3a a1 d4 15 01 db f2 a9 97 d8 6f a1 ca 7c d6 d6 ad 8c c8 a2 12 f9 b7 e0 9a 94 26 6a ba e4 b6 4c e6 ca 89 ee 64 a2 e7 94 aa a9 7a ad a6 48 06 3d 71 95 88 90 ff 08 68 Data Ascii: KT+A8@un'\A8:s]H36 T@TnY;V@B?;F{H+A$Ted3P/WZp91\|`Kph*EUVw)`IdY=W'Z^`k5Q>>:o\|&jLdzH=qh
2023-04-18 11:25:39 UTC	22401	IN	Data Raw: c7 aa 57 75 e1 89 60 1f 17 00 a0 05 18 0b 48 23 cd 02 5d 60 98 e6 3f 7a fe e7 1f 3c fd bc 89 20 84 d2 56 3b ad b4 85 a2 b3 44 04 63 44 f1 64 65 99 40 c1 c6 74 9b 7d f6 1b 0a 09 38 37 5a 0d e9 be 01 02 08 75 a0 80 00 08 26 84 96 40 0d f6 82 40 1c 09 b9 75 c0 6e 68 26 fc 3b 5a 00 b7 6d f0 1a 0a 26 bc 2b 1b c0 10 bc 4b ae 66 3d 40 71 5f 76 f6 35 40 eb 95 e2 65 1c de 15 31 24 45 14 53 12 28 b7 80 c7 12 80 d0 00 18 61 28 15 24 79 5c 38 99 9f 7e d8 d9 52 13 4e 01 2c db a0 3f fc b8 b5 d7 05 60 3c 64 a7 58 40 0b 12 a2 30 e3 60 aa 2c d1 65 e6 c5 d1 a8 de 1c 30 a2 86 8c 01 06 58 35 86 14 ff a2 a2 ad 8e b4 f8 48 34 05 49 aa 55 aa cf 48 8a 0f 8f 5a 8b e9 88 20 1b 0e 12 ac b1 2c 44 d3 36 0b c4 16 cb 8b 2f 8c 49 49 21 4b 6e c3 ad 6a d8 d2 b8 89 e0 5f db 60 88 10 84 8e Data Ascii: Wu`H#]`?z< V;DcDde@t}87Zu&@@unh&;Zm&+Kf=@q_v5@e1$ES(a($y\8~RN,?`<dX@0`,e0X5H4IUHZ ,D6/II!Knj_`
2023-04-18 11:25:39 UTC	22417	IN	Data Raw: d7 a2 13 eb 5f 95 03 02 c3 bb 05 5b 69 b1 29 c4 3e a5 52 11 b9 b7 4b 0f 9c 29 73 4b 80 b3 b3 53 80 d3 3b a3 85 61 23 52 3a 48 1c b3 90 e7 1e 56 82 0a 4e 8a 26 2f 9c 84 e6 05 33 f3 61 84 81 04 78 30 25 d1 90 66 62 2f d5 48 57 b6 c1 00 00 06 f1 48 72 82 44 c3 2f b5 32 30 b5 70 2e 25 a4 a8 54 d2 30 b7 4a c1 84 c9 23 c7 89 29 13 4a 91 a5 58 9c 24 3b c1 98 a7 be b4 8d a2 64 4a 07 b0 04 b4 f4 c6 aa 84 b6 9a 3b 02 95 2a 3c 59 40 65 41 3d 4b af 19 00 69 c3 3b 40 ad c7 d1 78 9c b2 89 b9 08 28 8d 93 54 8d e2 78 d4 cc 6b a7 ab 55 a9 37 90 5a c0 09 9c a2 34 d6 4b f0 a8 8c ba b9 5a ad 8d d9 a8 c6 ce b9 59 d5 08 74 ab 9a 29 87 fc aa e3 3c ce c5 62 cd 6a b3 a9 3e 6b 2a 86 e3 aa 76 7d d7 94 f6 4f a4 d2 06 2c 87 05 87 ad ff 05 23 f5 7a 80 55 05 0a 5a a2 ed 69 94 e7 c9 72 Data Ascii: _[i)>RK)sKS;a#R:HVN&/3ax0%fb/HWHrD/20p.%T0J#)JX$;dJ;<Y@eA=Ki;@x(TxkU7Z4KZYt)<bj>kv}O,#zUZir
2023-04-18 11:25:39 UTC	22433	IN	Data Raw: 54 55 06 26 aa d0 03 34 00 68 3f 0b d9 02 48 56 b2 20 16 d4 0a d3 1a c3 41 1b 77 00 8a 56 14 0c 6a 4a 53 d2 24 3a d1 09 6e b4 67 18 00 5a cf 6c d8 ab 9a 76 e6 09 0d b8 40 06 a4 30 c1 0c 5c a0 01 51 63 69 06 46 b0 53 12 58 01 49 c5 62 e2 5f cc 21 9b 2a 04 60 02 2b 50 81 14 05 a0 42 09 30 31 52 5d ff 11 45 17 f5 c0 d5 b3 81 71 03 05 40 c0 1a df f0 86 17 d4 20 01 09 20 a3 58 dd c6 a0 07 a1 07 1b e4 b0 c4 13 5a e0 bb 16 7c e0 ae 78 d5 54 01 3a d5 82 bd ac a3 0b 0f 80 00 05 06 2b 38 08 20 32 05 10 28 1c 65 56 20 00 aa 82 80 92 2e 88 ac 0b 0a 80 01 3b 90 61 4a 78 69 84 04 ac 50 2c 6b 7a d4 a4 a0 2d 29 68 4d 4a d4 d2 0e f5 b4 44 15 ad 6a 29 aa da 06 10 d4 a4 aa ed e9 06 31 80 53 80 a6 32 98 a6 9c 80 bb 82 38 5a 0a 06 f3 b7 2d 20 28 31 f3 49 5c 67 1a f7 b8 03 24 Data Ascii: TU&4h?HV AwVjJS$:ngZlv@0\QciFSXIb_!*`+PB01R]Eq@ XZ\|xT:+8 2(eV .;aJxiP,kz-)hMJDj)1S28Z- (1I\g$
2023-04-18 11:25:40 UTC	22641	IN	Data Raw: f2 98 8b fd 1e 42 a6 f0 f1 25 59 7e 99 93 60 1a 98 30 8b 2c 22 31 51 f8 c2 ff 02 28 92 89 54 6c 09 92 a1 4c 62 54 44 46 c4 6d a6 0b 5d c8 c2 03 4c a6 2a 2f a8 a0 74 29 e3 0d 13 04 70 82 17 d4 c1 05 10 09 40 16 d4 77 86 0a 00 47 00 12 20 c1 63 f8 a0 a9 0b 80 20 0a 02 2a a3 1a cc e6 80 46 3a 20 08 ff 20 b0 8e 75 a0 26 49 eb b8 a0 6a d6 31 4f 08 0a 60 00 04 d8 c7 3d 5b b3 c0 88 b8 36 22 b0 99 c0 91 8e 7c c0 72 d8 c6 1c 11 8c e8 95 0d 52 50 83 1a a4 b7 09 80 60 4d 01 a8 80 1f c6 f0 04 0c c8 28 00 2b f8 ce 88 84 39 22 05 b4 a0 0b 66 e4 58 c7 94 d0 85 02 bc 60 34 a3 41 40 c8 d6 24 a7 07 34 a2 00 6b e8 42 00 0a 60 03 c7 9d a0 0e 76 2c 00 8f 6a f0 02 d3 95 e1 01 1c 98 00 02 fa d0 80 86 81 22 76 a4 b8 92 9e a2 11 01 df d8 f3 9e f8 cc 67 6b d8 87 95 65 18 c3 1d c4 Data Ascii: B%Y~`0,"1Q(TlLbTDFm]L/t)p@wG c F: u&Ij1O`=[6"\|rRP`M(+9"fX`4A@$4kB`v,j"vgke
2023-04-18 11:25:40 UTC	22657	IN	Data Raw: 56 1c a0 41 85 1f 2d 40 20 ab 01 6a 10 b7 bd 5b 7e a8 43 01 40 50 01 80 0c 26 30 91 da d6 12 74 d0 84 6c 89 63 5b dd ea 96 01 94 b1 04 19 c8 40 08 e2 0a 41 64 26 f3 84 ca 7c 26 49 4b 78 02 19 ec 30 0c 8c 69 2c 5b 08 c2 40 04 40 00 a3 15 4a 02 00 ad f1 cd 40 58 a3 2f 7e d5 6d 34 11 00 00 19 48 30 30 06 55 01 03 07 1b cd 05 72 42 c3 4f 38 e7 38 48 94 18 c5 18 e6 1c e8 64 0c 41 d5 21 c3 18 36 84 19 4d d4 a7 ff 0a 9d 91 cd 66 40 10 35 ce 48 21 42 9a 80 59 2a 3a 13 33 f7 e0 82 3d 2b 73 59 cb c8 03 9e 9b e5 47 3f 96 c0 8e cf 9c 42 86 a5 a5 26 02 42 d2 e1 28 9e 73 21 8a 95 50 33 fa 6a db 84 0a a1 c3 58 00 a0 18 97 29 c4 12 1c c1 b5 ae 91 68 47 dc 00 43 03 70 53 37 4b 00 03 04 07 eb 83 00 30 50 85 83 b1 48 02 ab 4b 8d 65 96 23 08 e7 fc 0d 0c 04 d1 58 26 45 63 1a Data Ascii: VA-@ j[~C@P&0tlc[@Ad&\|&IKx0i,[@@J@X/~m4H00UrBO88HdA!6Mf@5H!BY*:3=+sYG?B&B(s!P3jX)hGCpS7K0PHKe#X&Ec
2023-04-18 11:25:40 UTC	22673	IN	Data Raw: 30 41 0b 01 34 60 c5 15 57 e4 07 c5 02 2e 54 f8 a0 16 56 dc 30 83 04 12 04 e1 21 05 82 b4 50 84 03 1e 06 21 08 05 41 88 50 00 7a 59 14 90 85 23 91 b4 86 a0 12 d8 3d 60 83 0d 98 88 64 c3 01 15 ac 67 40 10 2d 9c d2 4a 71 42 02 d0 40 05 02 54 d0 98 0d 32 d0 22 8b 10 11 dc 61 c5 22 bb 58 d1 cb 2f dc 40 73 cd 31 e9 64 29 c5 36 a1 71 36 cd 58 64 46 13 50 36 76 45 13 0c 3b 0f 2c 51 a6 32 17 98 d3 d5 98 07 2c 61 4e 03 78 e6 a9 e7 9e 7c 4a c0 67 9e 1f 2d 20 57 57 e3 90 d3 00 19 18 20 ff 14 ce 32 d4 30 ea 55 43 05 45 24 11 45 4f 3c 50 c6 2f 45 4d 54 80 45 73 01 20 54 06 24 68 74 12 18 fb d8 44 d2 43 2d 1d 40 06 19 a5 ba b3 d5 13 38 45 4a 11 54 5b b9 03 00 65 d2 68 c4 28 39 e9 1c 25 94 58 44 2d 00 86 a0 e1 70 c6 6b 40 a4 39 b3 4e 04 00 89 43 26 59 d3 64 f5 2c 58 64 Data Ascii: 0A4`W.TV0!P!APzY#=`dg@-JqB@T2"a"X/@s1d)6q6XdFP6vE;,Q2,aNx\|Jg- WW 20UCE$EO<P/EMTEs T$htDC-@8EJT[eh(9%XD-pk@9NC&Yd,Xd
2023-04-18 11:25:40 UTC	22689	IN	Data Raw: 3d 2a ca 44 bd 8b d4 e2 5d 2c 0b 2e f1 e1 96 2d aa 53 e8 a9 39 6f 8d 7e e2 5e 94 4e 3c cb 32 eb 70 91 1b df 9e 36 7a f7 ee bc 3e fb e5 9e 16 f0 21 95 90 af 19 4a 9b a5 bd fb 8b 02 83 4f 7f 6b 6c ab 32 ec ed 1d fb 6e 14 45 50 fe b8 92 b5 d7 45 14 fb 05 75 08 81 08 26 58 60 3e e7 35 c8 98 70 8c 1d a8 60 82 c7 75 91 05 81 ee 49 e6 4f 59 a0 59 14 85 80 16 5a 84 9d 83 c3 fd 96 5a 6c 3b 7d 34 9b 66 fb 88 36 5a 1c 71 8c 76 da 6a a8 a9 f6 d1 4b 2e 95 43 8b 5f 39 6d 24 c8 18 2d 54 f0 40 03 60 80 31 5b 8e 85 44 80 41 ff 81 13 36 39 e1 85 19 b6 f7 61 82 51 66 61 46 7b 57 5e 69 9d 80 d8 c1 d5 95 20 62 25 44 c5 98 62 0e 92 10 64 9c ac 91 9e 77 ec 65 f1 85 19 66 bc 09 e7 95 63 54 b9 65 16 55 54 21 e5 85 1f ba f7 85 94 18 42 09 25 86 8f 61 17 dd 83 71 3d 16 5d 16 8b 66 Data Ascii: =*D],.-S9o~^N<2p6z>!JOkl2nEPEu&X`>5p`uIOYYZZl;}4f6ZqvjK.C_9m$-T@`1[DA69aQfaF{W^i b%DbdwefcTeUT!B%aq=]f
2023-04-18 11:25:40 UTC	22705	IN	Data Raw: 55 06 b1 b6 00 0d b4 90 b3 17 55 0f 00 0f cb 97 55 55 13 8f 8d 02 92 13 84 63 63 05 d5 87 dd d5 05 56 51 56 63 00 18 02 4d 7d 7d 4d 8b ba 20 4b 4d e8 e8 4b e6 e8 ea e9 f0 f6 f7 ea ef ef e9 8a 4b fa 96 80 20 e3 2e 51 3c 44 9d 02 2c f2 92 6e 51 83 07 18 00 fa 43 54 80 d9 82 4e 05 96 5c 58 c4 51 23 06 4f 9b 04 59 02 b0 b1 a3 c9 8d 02 30 3c 89 12 85 0b cb 28 5b b6 58 e9 75 e0 d0 a8 25 07 70 3e 20 24 88 25 17 25 5c fc 08 15 da 85 c3 09 0b 09 2c 28 4d 9a f4 05 06 2b 15 40 f8 a1 82 a6 4c 81 00 54 a6 80 01 e8 e5 42 ff 83 33 20 0c 4c 28 90 25 02 1f 3e 7a 20 31 01 b1 00 8a db 9f 3f b5 44 51 42 d7 8f 92 2c 0a 1c e8 75 60 62 42 8d 21 21 42 e4 00 0c d8 96 01 08 2f 72 4c 40 0c 62 42 10 08 16 3a 74 b0 60 a2 43 65 ca 10 12 24 90 bc 34 01 02 08 10 1c ac 68 71 86 ae 12 a1 Data Ascii: UUUUccVQVcM}}M KMKK .Q<D,nQCTN\XQ#OY0<([Xu%p> $%%\,(M+@LTB3 L(%>z 1?DQB,u`bB!!B/rL@bB:t`Ce$4hq
2023-04-18 11:25:40 UTC	22721	IN	Data Raw: 5b d6 38 bb 3f d2 1a 30 d7 83 88 90 c1 31 8a bd d8 8d bd 48 57 50 25 52 ba 0d 4e 00 05 23 37 a7 18 57 02 40 80 71 37 d0 21 39 83 93 a0 c1 1f cc 01 81 8c 01 1f 4e 83 8c ae bd 71 3c 49 72 91 39 03 0b b0 14 03 e7 e9 64 f9 0b a1 bd 02 04 92 1f 35 78 ba 58 13 0b be 3d 5d 08 e7 db 5b 20 ab 7a 04 db ec 55 0a cd 9d 05 73 5b 4a c0 5c dd d3 cd c4 29 60 98 bf 6a 02 d2 0c cd bd 0b cd 16 b0 a9 bb 3b de 9e 14 39 22 a0 1f 06 80 de 1e 58 39 a3 80 bc 39 10 02 c3 04 0b f7 41 70 54 79 01 4d 70 3d d3 db 5a 06 c0 04 fd 41 a6 fc 01 7d 02 20 06 42 f0 cd 3b b0 62 c0 31 c7 06 fe 04 e8 b2 d5 a8 b4 b3 5a be 88 5a 9d d4 f9 ec 9f 04 cd 4f 7f 65 89 48 7c 01 aa f6 c5 ec 8a 40 de 48 ff b1 48 71 d5 06 0c 58 ea 09 76 3e ba 3f ef ea be 0e 5f 57 00 61 07 10 71 29 15 2f 35 1b 3d 57 31 4e 06 Data Ascii: [8?01HWP%RN#7W@q7!9Nq<Ir9d5xX=][ zUs[J\)`j;9"X99ApTyMp=ZA} B;b1ZZOeH\|@HHqXv>?_Waq)/5=W1N
2023-04-18 11:25:40 UTC	22737	IN	Data Raw: cd 94 93 07 ee b2 ec 88 df 49 5b 3a b5 0a dc 0d 30 5c ac a2 04 0b e0 b8 0b 00 05 e2 ab 04 0f 70 b6 2b 50 c5 ad cc 04 1f 23 e5 63 10 a9 63 80 01 7e 8b 90 ff 55 63 5f ed c9 f6 66 00 dc 96 7a e1 a3 79 03 d7 9e 20 80 01 37 30 05 3e 87 d4 51 f0 c1 76 69 d7 08 d9 aa 10 60 02 68 3e 03 78 00 c8 18 50 00 35 0d 3f 09 a3 22 dd 63 2f 53 80 05 11 80 d8 56 c0 c6 2c 60 b9 a4 71 03 0b d0 00 2a 13 19 00 55 d9 fe 94 02 00 05 ca a1 ec 03 9a ed 06 0f a0 2e 46 71 11 a8 4b 5a 1e 17 04 a0 1b 04 bc 36 97 5b 73 c4 b3 4b ab 74 15 37 b8 7b cb 42 c0 8d 2e 60 dd d3 72 ba 07 60 db 10 37 e1 cc a3 b2 2e 7a ac 50 68 d1 3b 19 94 26 bc b0 1f 4e ad 18 95 93 7c 66 75 7f a6 29 80 d3 65 84 15 2e 72 e8 2e f2 6b e3 50 e7 ec 3c e7 2e f1 82 49 d4 02 00 4a 70 a9 ad 92 dd 42 ec ff 04 9b 30 06 d3 1a Data Ascii: I[:0\p+P#cc~Uc_fzy 70>Qvi`h>xP5?"c/SV,`q*U.FqKZ6[sKt7{B.`r`7.zPh;&N\|fu)e.r.kP<.IJpB0
2023-04-18 11:25:40 UTC	22753	IN	Data Raw: a2 98 40 ce b1 d5 d6 31 67 d7 51 01 be 68 05 15 04 06 51 20 67 25 63 2e 13 7a 09 1f a3 c8 c5 11 a5 63 90 05 d6 58 2c c7 a2 42 44 61 cf cc 72 23 45 51 92 75 30 07 5a 53 da 59 d3 49 cc 62 15 54 60 06 75 c0 4b 32 79 81 66 50 05 b1 3d 0d 4a ed 36 54 71 db bc f3 1e 00 45 3b ce 87 9f 40 24 00 0a 14 d7 7e 5d 75 3e 81 bb 74 56 2e cd c0 cb b5 3b 25 59 e8 d7 28 97 22 15 44 2e c7 2d 0e f1 31 67 e5 52 32 0d 50 06 c4 73 dd 96 50 32 5e 88 08 64 a1 9f 90 ed 63 4e 45 69 9b a0 6a 91 dd dd 97 40 be 59 f0 04 29 db 7f 92 2d 1b f0 bd 0b 04 0d 51 1c 55 d9 15 50 9e ee 9a 1c 22 5a 01 d7 27 6c 7f 35 23 5a c0 8d 9f 14 4b 18 40 5f b1 44 06 f5 fd 9e fa 7b 7f 3a 44 17 c6 12 2f 02 2c c9 77 71 06 0a e0 47 82 e9 92 37 1b d5 92 4b 70 b5 35 43 6d 64 46 01 57 07 a9 fd ff ae c0 25 47 41 80 Data Ascii: @1gQhQ g%c.zcX,BDar#EQu0ZSYIbT`uK2yfP=J6TqE;@$~]u>tV.;%Y("D.-1gR2PsP2^dcNEij@Y)-QUP"Z'l5#ZK@_D{:D/,wqG7Kp5CmdFW%GA
2023-04-18 11:25:40 UTC	22769	IN	Data Raw: c2 96 68 61 35 63 83 48 07 c0 19 36 60 ad 32 d0 07 0d f0 7c 1b c2 9c 4d 60 37 de ea 49 b8 30 6d d0 79 0a e1 79 be b9 f0 ad 9d 74 18 00 fb ad d0 e9 0c f4 c4 ff 0a d3 56 a0 ee 59 82 c5 54 be 4b 11 00 d0 90 af de c8 6d 1d c8 ae 42 32 a5 e1 b4 14 cf e0 12 18 80 0b 0a 6c 20 06 80 01 9f 03 3f 2d f2 8f 29 ab 27 0e 7b 8b 18 d2 05 63 e0 0f eb d0 90 f1 30 01 c4 72 58 84 50 61 a0 80 73 0c 39 0e 0f 80 68 84 e0 04 6d b7 9f 24 6b 4b 27 9b 09 02 40 3e 87 61 35 a7 65 a3 24 c4 c0 97 d0 23 3a 5c c3 a7 34 0d f0 1b ae b5 c0 2a ef 07 02 ab f2 65 b9 b0 2a 5a 72 61 30 2b 09 76 25 4f 2e 07 09 81 2b 25 eb fb 37 e8 f7 ae 38 d8 a0 aa 10 83 23 b1 29 3c 07 3e fd e3 3b 9c 23 0a 4a a9 b5 27 d5 b5 00 00 50 8d e0 3b 97 e0 38 5c 30 a6 5f 01 6d 66 8b a6 16 50 1e 3e c3 33 3c b3 43 01 80 03 Data Ascii: ha5cH6`2\|M`7I0myytVYTKmB2l ?-)'{c0rXPas9hm$kK'@>a5e$#:\4eZra0+v%O.+%78#)<>;#J'P;8\0_mfP>3<C

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:39 UTC	19458	OUT	GET /6b4bc2393b34f569886385798f04319d.gif HTTP/1.1 Host: m10011.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	20210	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:39 GMT Content-Type: image/gif Content-Length: 67829 Connection: close Last-Modified: Fri, 31 Mar 2023 06:50:35 GMT ETag: "642682bb-108f5" Expires: Tue, 18 Apr 2023 23:25:39 GMT Cache-Control: max-age=43200 CF-Cache-Status: HIT Age: 119150 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeVfOJe5p0EEWNrPKDItlgm%2F6xatwNXpZPIfEBSXikIv1rZrfW%2BTVZB8L6DWUmrB3DTew8FQ2s5lhaFCmAeTvLdA%2BoiZ4w%2FP4IIlpp%2BR8%2BNVBxUlgRtB8E2WGX2j7eXd26mvftuKkkdF"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} CF-RAY: 7b36df13ebe1ef10-PDX alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Cache: HIT Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	20210	IN	Data Raw: 47 49 46 38 39 61 2c 01 c8 00 f7 ff 00 1a 63 ed 2f 33 4f ff f7 d9 f5 2f 00 ff f7 c8 f5 b5 af f7 dd 5d 64 9c f1 e8 32 24 59 15 d3 87 55 dc d3 b8 aa f5 cc b2 a1 12 00 67 4c 10 ec 44 30 fc ef c9 10 07 05 f0 95 86 f8 ed d6 df e7 fe 6f 74 8e f4 a9 97 d6 aa 0f f9 cd 2c db c6 b6 fd eb 62 ae ab f1 25 88 f3 24 10 03 70 a1 62 92 73 1d f4 c8 3f e9 bc 2f 38 97 00 46 23 00 cd a9 96 25 25 3b fb d9 d7 b8 b7 b4 f5 77 6a cc af 41 2a 61 ed 9f 6b 95 e8 d7 c7 9f ab b6 b2 8e 1c ff f8 00 f2 8a 77 eb eb ea e6 b8 17 d5 ae dc d9 dc fb c5 53 26 c1 10 00 eb e7 d9 e9 ec fb bc c5 dc 91 96 b2 ab b3 ce 39 3d 5e af 8c 73 f8 db 42 b4 aa 93 6d 71 77 b3 99 8a e6 de eb c8 9b 14 fb ee eb db da da d0 97 8b f4 15 20 f4 69 57 90 90 91 f6 54 44 75 40 e4 ea dd d6 29 6d 00 b2 c7 fa cd 8d 6f c6 c6 Data Ascii: GIF89a,c/3O/]d2$YUgLD0ot,b%$pbs?/8F#%%;wjA*akwS&9=^sBmqw iWTDu@)mo
2023-04-18 11:25:39 UTC	21232	IN	Data Raw: 8d 41 48 02 9d e7 40 5d 23 74 08 24 c9 ca 49 ee c5 0e a8 64 06 b6 24 91 51 4f 4c ce 24 05 d4 e4 4a ce 1c 4e be 64 32 c0 94 3a a2 60 24 c6 e3 0e 32 04 42 22 a5 35 ce a3 04 b4 cc 11 58 43 27 9e 58 28 42 d5 8a 09 d2 49 a8 41 4e e4 41 39 0d e4 42 1a e4 de ec e2 c5 25 d7 a4 2d 64 88 89 5e 11 08 41 5a 5a 9c d9 88 01 df 5c 1c 0d 28 0f 00 b5 e5 ec d9 e2 04 18 06 5c ae 21 a3 e0 5d 65 b4 d5 5c 96 8d a6 08 81 99 3d d1 5c 66 c6 dd 25 0f 98 79 c1 54 c8 ca e7 29 dd 60 7e db d9 00 d1 be bd a4 88 4c 85 e2 84 98 63 8a 08 64 d2 88 64 c6 65 62 5a 66 c2 d4 ff 9d e6 cc 02 53 96 64 83 18 58 69 36 25 66 92 44 25 3c c3 53 9e 9a 3e aa 5a eb e8 46 1e 7c 90 b3 f4 16 2b b6 e2 e7 39 64 c0 15 c1 e7 7d 65 88 11 60 01 12 46 88 08 9c d2 15 67 6f 32 81 ce 4d 82 05 32 dc 04 24 83 ce 7d de Data Ascii: AH@]#t$Id$QOL$JNd2:`$2B"5XC'X(BIANA9B%-d^AZZ\(\!]e\=\f%yT)`~LcddebZfSdXi6%fD%<S>ZF\|+9d}e`Fgo2M2$}
2023-04-18 11:25:39 UTC	21634	IN	Data Raw: 61 fa 94 f6 08 81 2c f8 80 0f d8 39 75 e0 ab 30 58 00 61 23 02 10 e2 82 cd aa 30 21 c8 0f 6d 09 07 0e ab 30 36 71 ac 9a b9 87 15 10 1c 0a c8 c3 4e a0 a7 0d e0 43 20 c2 01 17 cb 47 7f 90 05 41 68 84 21 f2 cc ce 04 4d 6f 21 3b ae 78 c8 7b 30 01 75 e0 0d fe 4b 07 32 18 9d d2 49 07 85 92 87 74 78 02 1b c0 05 d1 cb 8b 23 8b 3b 22 60 ad 86 0a 02 05 fa 81 1f a8 87 2b 93 12 08 5c c9 88 a9 98 c7 5b 1b 6c 90 40 b2 a9 87 c6 28 07 d0 98 b7 da a1 80 5a d8 00 5d 1c 00 9a 81 01 32 a9 33 cf 43 91 5d 0c 2a 32 c9 4e 79 18 80 31 01 04 14 b0 a9 52 a8 82 5d ff a0 83 1c d8 87 aa 44 25 12 58 c6 f7 71 1f 4f fa ca 46 9b bd fb 7c 8e 28 20 c2 b2 b4 42 45 b0 82 6f 94 08 af f1 87 27 a0 39 02 25 95 03 b2 42 ef 48 91 09 02 83 ba 7c ab 66 b8 85 4d f8 94 4d 58 80 a1 53 21 c3 6a 04 72 60 Data Ascii: a,9u0Xa#0!m06qNC GAh!Mo!;x{0uK2Itx#;"`+\[l@(Z]23C]*2Ny1R]D%XqOF\|( BEo'9%BH\|fMMXS!jr`
2023-04-18 11:25:39 UTC	21923	IN	Data Raw: 2f 68 8c e8 9c 9c 12 38 ce 45 e4 69 82 4a 17 9f 48 ff 4c a0 16 92 3d 15 d2 46 58 c6 84 d2 21 aa c2 05 8c 75 0b 46 9c 8b 4b 64 aa a7 7a aa 37 76 6a 87 96 40 b9 ce 42 00 b8 2a b9 d6 61 f9 f5 a1 58 30 81 18 f8 81 c1 6a 03 ce ac d7 60 42 80 4f 81 28 85 76 aa c1 be a8 b4 4c 29 94 2a 2b 94 9a ec 03 e4 83 09 98 a5 57 26 eb c9 c6 ec b0 0e c0 3a 3c 40 0f c9 2c ce a2 2c 5b 3e 40 3d 6c 29 5b 78 69 ba 02 c1 ab f6 c2 48 62 04 f9 1d 2a 1d 26 6a 85 b2 29 7d 1c ad 63 d0 05 b0 b1 13 5b 04 86 46 58 46 c5 b0 c5 a1 5e ea 3f 94 41 6f 66 63 41 7c ca 45 dc 80 77 50 40 c6 72 2d c3 fa ab 37 72 6d 0b 55 00 d7 8a ac a7 be a8 77 68 24 dc 00 e7 70 72 ed 8d ee 9c f9 89 5e 05 20 6c 85 1a 2c d7 be 47 91 ac d2 af be ac ce 4a a9 79 42 1f 32 9c ec e0 16 2e cd ce e5 f5 35 2e e1 9a 6c e1 16 Data Ascii: /h8EiJHL=FX!uFKdz7vj@BaX0j`BO(vL)+W&:<@,,[>@=l)[xiHb*&j)}c[FXF^?AofcA\|EwP@r-7rmUwh$pr^ l,GJyB2.5.l
2023-04-18 11:25:39 UTC	21967	IN	Data Raw: 03 2f f1 12 be 2b 00 1b f4 07 73 c4 03 7f 90 87 01 ff 40 02 7c 03 5a a0 6d cc 53 f8 87 68 00 85 ed 10 19 78 90 c2 05 08 03 1a 1a 89 7e e8 19 2a ab 13 34 91 a0 8b 8b 8c bd 18 8c ad a1 a2 0c 80 83 02 58 c3 d6 8c 01 e7 92 0c 26 78 2e 28 e9 81 2c e8 81 6e 5d 83 20 58 a8 32 ec 81 59 fa 80 37 e8 83 37 18 50 31 98 07 28 a0 04 a9 4b ab 7f 98 01 58 84 c6 bc ac 07 49 64 84 79 f0 52 81 51 44 ed 10 82 af d9 0e bd e0 00 3c 55 c4 b2 63 bf c8 2d ba 9f e3 4e ee fc 39 bd d8 07 5a c2 06 65 80 11 66 23 82 41 ed b0 74 78 a2 5b e0 45 ac 30 01 40 e5 08 d1 85 4d 68 d8 b1 31 88 81 7b e8 06 8b f0 80 0f 08 b7 c8 5b bc c5 8b 10 6c 9c 88 3e 69 01 50 f5 36 0c 11 c6 1c 1c 55 a0 53 42 bd 40 02 20 e4 88 7b 33 c7 67 c3 0a 80 63 59 7e 0b 85 58 38 07 4c 28 26 64 f4 d5 e5 23 01 33 48 b8 05 Data Ascii: /+s@\|ZmShx~*4X&x.(,n] X2Y77P1(KXIdyRQD<Uc-N9Zef#Atx[E0@Mh1{[l>iP6USB@ {3gcY~X8L(&d#3H

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:15 UTC	82	OUT	GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=913&et=0&ja=0&ln=en-gb&lo=0&rnd=1663771102&si=5e9d7cf3d8bc896e8ba805acce901956&v=1.3.0&lv=1&sn=57935&r=0&ww=1280&u=http%3A%2F%2Fwww.bit-chasers.com%2F&tt=%E8%B5%A4%E5%B3%B0%E7%96%9A%E4%B9%85%E7%89%A9%E6%B5%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 Host: hm.baidu.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: HMACCOUNT_BFESS=144E42177D5AB4F9
2023-04-18 11:25:15 UTC	84	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0, no-cache Content-Length: 43 Content-Type: image/gif Date: Tue, 18 Apr 2023 11:25:15 GMT Pragma: no-cache Server: apache Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff Connection: close
2023-04-18 11:25:15 UTC	84	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b Data Ascii: GIF89a!,L;

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:39 UTC	19511	OUT	GET /df85128d10137498b08a8b243671d3d5.gif HTTP/1.1 Host: kvegg.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:39 UTC	21541	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:39 GMT Content-Type: image/gif Content-Length: 63759 Connection: close Last-Modified: Wed, 18 Jan 2023 12:22:20 GMT ETag: "63c7e47c-f90f" Expires: Mon, 01 May 2023 12:39:13 GMT Cache-Control: max-age=2592000 CF-Cache-Status: HIT Age: 4250 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tBdnjk9h7za35%2BrKmf0s3W%2BU5xiFeLrYzBh4t%2FJwo6BLlc5xT7ZU4kjKd22rQx1fNl%2FazpU7NFDOLgt3eLS3VY6oaiFzvTs4OYyTVzrjQaFkqno0NeGOkjI3g%2Fu"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} CF-RAY: 7b114c877e9ac501-SEA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Cache: HIT Accept-Ranges: bytes
2023-04-18 11:25:39 UTC	21542	IN	Data Raw: 47 49 46 38 39 61 40 01 b4 00 f7 00 00 00 ff 00 14 0f 11 19 17 18 1c 1d 22 1f 24 2e 24 1a 1c 25 24 26 26 20 22 26 df d8 27 de d9 29 de db 2a dd d6 2c dd db 2d 27 2d 2f 27 26 2f 2d 30 33 da d3 34 e1 de 35 33 34 35 37 3c 36 3d 49 40 34 35 40 d8 d2 41 3a 41 42 37 43 42 d8 db 43 3b 3a 43 3c 41 44 46 4e 44 d0 d0 45 3f 43 46 44 45 46 e7 e1 48 51 5c 4b 24 50 4d ce cb 4e 46 47 51 4e 4f 53 55 5b 53 5b 6b 54 d6 d3 56 48 49 5a 50 50 5b 58 5b 5d e3 e3 5e 63 6c 5e cb c9 63 55 55 63 da d6 64 46 72 64 5d 5e 64 f2 ed 66 69 73 67 70 7c 69 1e 7a 6b 64 6f 6c 65 6b 6d 5d 5d 6e 79 87 6f 64 67 73 64 63 73 71 78 73 82 93 75 69 69 75 69 71 77 ca c9 79 6e 6f 7d d8 d4 7e 78 7b 7e 82 8c 7f f7 f6 81 72 74 82 73 7a 82 8e 9d 83 93 a4 84 70 6e 86 55 8f 87 8c 96 88 7b 7b 89 9b ae 8a 62 Data Ascii: GIF89a@"$.$%$&& "&')*,-'-/'&/-03453457<6=I@45@A:AB7CBC;:C<ADFNDE?CFDEFHQ\K$PMNFGQNOSU[S[kTVHIZPP[X[]^cl^cUUcdFrd]^dfisgp\|izkdolekm]]nyodgsdcsqxsuiiuiqwyno}~x{~rtszpnU{{b
2023-04-18 11:25:39 UTC	21903	IN	Data Raw: f1 5f d8 e5 1f a9 64 cf 38 bc ca 38 c0 82 25 14 83 31 94 43 39 b0 40 07 a0 45 04 0e 97 05 02 12 04 74 ff 80 05 40 0b 0c b8 c0 08 a0 40 10 1c 8b 0b 58 60 28 aa 16 26 52 12 60 18 a3 2b 36 89 93 54 90 70 ea 64 86 d9 e2 6b 38 80 01 0c 00 07 f8 c0 13 c4 81 18 3c a7 51 5a 81 9b 8e c1 13 28 81 09 34 e5 07 c8 00 6e 00 0e 77 46 a5 23 e4 c1 9e 56 25 11 42 d5 7b 89 e7 83 55 41 e9 2c 01 10 48 01 7a ee d0 7a f6 c9 14 9a 9c 7b 9e 1c 37 ce 67 7d ea 01 cb 91 81 16 34 41 5b 9a 00 09 5c 80 04 c4 5a 80 92 40 05 90 c0 0b a4 d2 0b bc 06 e3 b4 20 40 56 40 01 bc 00 28 6c 13 3e 42 02 1f 84 d2 17 1c 01 4e 5d 1e 09 4c 40 e3 e0 40 34 30 d6 45 78 a8 78 4c c2 24 14 82 77 94 68 1f f8 41 43 3e 16 8b 26 ab 8a e2 53 2a c0 c2 8b 52 96 4e 00 c5 8c 8a 4a ff 55 2b 69 42 a2 1c 15 83 34 c0 02 Data Ascii: _d88%1C9@Et@@X`(&R`+6Tpdk8<QZ(4nwF#V%B{UA,Hzz{7g}4A[\Z@ @V@(l>BN]L@@40ExxL$whAC>&S*RNJU+iB4
2023-04-18 11:25:39 UTC	22052	IN	Data Raw: 2a 4d 03 35 d8 53 3e 0d 91 56 34 bc 0f 62 4f ad 72 2f 50 b8 ce ae f4 b7 3a 70 82 b4 50 1e 1c f0 8a 29 ff c9 12 e4 73 b2 26 48 82 49 ad 54 c9 04 2e 34 60 03 4d b5 50 09 9d d0 c9 10 4c 39 a9 50 45 c0 04 51 28 06 69 18 07 63 28 07 55 2d 87 51 20 83 10 a0 00 1f b0 02 32 10 03 31 58 03 14 45 01 a0 f2 8d 4a 11 9a 45 84 8d 79 c8 86 79 10 4d a4 b9 48 8c d4 51 6f eb c8 ce f8 d1 ef 52 c0 b0 19 9b 21 1d 52 08 34 d2 db 9c 56 7a 04 3c 25 6d 95 f3 1a 8f 9b ec 20 b9 71 04 9b c4 49 e4 bc 82 26 01 34 ff 08 b4 e5 69 96 ff e0 01 2c a8 03 94 b9 34 ed 9c cf 93 80 57 39 35 89 da c3 bd 37 7d 39 92 f0 bd 23 aa cf 78 75 84 46 a8 83 9c 74 03 2a 14 47 c5 21 01 81 20 81 17 78 01 59 63 1c 41 53 08 69 e1 af 1c 00 d3 2b d0 53 a6 0c b8 9b bc d8 10 ac 83 3a c0 ba 69 93 98 0f 70 a3 2b b9 Data Ascii: M5S>V4bOr/P:pP)s&HIT.4`MPL9PEQ(ic(U-Q 21XEJEyyMHQoR!R4Vz<%m qI&4i,4W957}9#xuFtG! xYcASi+S:ip+
2023-04-18 11:25:39 UTC	22172	IN	Data Raw: a6 86 11 0d 9a 63 02 1f bc ff d4 f0 6d 0d 6b ee 35 8b 46 0c e2 0f b4 70 1b c7 7e 63 ae 2f ed 86 37 c2 00 80 2a 8e b7 8b e0 c0 09 17 9c 63 4e 7b 6a 51 33 f5 45 8f ff 73 93 73 d3 e9 70 c1 14 f0 b0 6e 15 2b 13 92 7b 1c 95 1b db 64 b0 3d d1 3b 5e 7b 28 d6 94 d3 01 40 60 b5 70 0a 0e 27 28 a8 81 6d cd 36 c7 d3 18 53 28 36 42 1a 3a c6 86 11 4b 59 70 e0 e3 28 c7 b8 ed 82 2d 21 e2 06 37 f8 c3 e2 e9 0e 83 32 0c 0f 2d ee 03 86 74 7c e2 32 4d 99 5f 39 98 52 8e 69 8c a3 29 9b e0 9f ff d4 38 1a d6 18 8e 29 90 10 56 c4 4a 38 24 dc 78 a9 15 0f c4 63 04 33 d1 98 e1 41 71 39 10 0b 0f 07 1b 23 8c cf 19 cc 3d 32 1c 61 63 04 05 9f 09 3a ea 75 af 3b 1d e7 fe f8 42 e5 e0 46 87 3f a3 45 0f 2f 49 c3 5a 94 30 3c 24 8b 4c 0d c5 a6 0a 37 bd 8e 88 d1 73 8f 10 df 24 3c 38 3d 8d 79 e1 Data Ascii: cmk5Fp~c/7*cN{jQ3Esspn+{d=;^{(@`p'(m6S(6B:KYp(-!72-t\|2M_9Ri)8)VJ8$xc3Aq9#=2ac:u;BF?E/IZ0<$L7s$<8=y

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.bit-chasers.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\000F7F8FAB2D96E6F8CBD5C9A3B4EC90

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\000F7F8FAB2D96E6F8CBD5C9A3B4EC90

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Chrome Cache Entry: 201

Chrome Cache Entry: 204

Chrome Cache Entry: 205

Chrome Cache Entry: 206

Chrome Cache Entry: 207

Chrome Cache Entry: 208

Chrome Cache Entry: 209

Chrome Cache Entry: 210

Chrome Cache Entry: 211

Chrome Cache Entry: 213

Chrome Cache Entry: 214

Chrome Cache Entry: 215

Chrome Cache Entry: 216

Chrome Cache Entry: 217

Chrome Cache Entry: 218

Chrome Cache Entry: 219

Chrome Cache Entry: 220

Chrome Cache Entry: 221

Chrome Cache Entry: 222

Chrome Cache Entry: 223

Chrome Cache Entry: 224

Chrome Cache Entry: 225

Chrome Cache Entry: 226

Chrome Cache Entry: 227

Windows Analysis Report
http://www.bit-chasers.com/

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:39 UTC	21870	OUT	GET /960x120.gif HTTP/1.1 Host: 480tuchuang.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:40 UTC	22808	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:39 GMT Content-Type: image/gif Content-Length: 316621 Connection: close Last-Modified: Wed, 12 Apr 2023 05:48:38 GMT ETag: "64364636-4d4cd" Expires: Fri, 12 May 2023 06:01:18 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Server: cdn X-Cache-Status: HIT Accept-Ranges: bytes
2023-04-18 11:25:40 UTC	22809	IN	Data Raw: 47 49 46 38 39 61 c0 03 78 00 e6 7f 00 ff d1 03 a0 9b 9d fe f9 a3 19 07 04 c1 35 9b ff d6 27 a1 8f 63 e9 af da e2 13 2b 76 52 0c f9 d8 c9 ff ef 74 a5 b4 d8 a3 8f 09 b2 d4 e6 24 48 a6 d7 d6 d3 d5 83 06 46 22 12 fe 98 00 53 6b ab 7e 88 94 fd af b4 20 9b e1 79 6d 6d f8 d1 f4 50 4d 4a ee bb 68 6e de fc 78 8a cb ff f4 44 f3 d2 77 23 44 75 14 ae 4b d3 f1 fb fd 94 94 de d7 00 09 5e cd ee b5 50 cf b0 92 d2 d9 ef fe dc 4d 3e 30 2c 74 24 57 65 32 0f c4 b8 b6 77 4e 46 36 10 0e 7b 68 3d cf b2 00 d0 b1 4f 1d 29 47 ef c3 a1 c9 91 73 ff ee 33 d7 cd 8b c8 7d 45 cc b2 6f 44 76 c6 dc 99 1d 0f e2 fa c8 94 8e 7d 28 24 d3 af 29 ef ab 32 3e bc f4 93 02 09 ce 7a bc a4 d4 b7 fd 61 69 4f 6d 73 0f f1 87 fe 96 ae 86 47 6f 26 88 9a 5c f6 96 4b 50 71 41 8c d4 0a 33 97 09 60 30 47 0c Data Ascii: GIF89ax5'c+vRt$HF"Sk~ ymmPMJhnxDw#DuK^PM>0,t$We2wNF6{h=O)Gs3}EoDv}($)2>zaiOmsGo&\KPqA3`0G
2023-04-18 11:25:40 UTC	22824	IN	Data Raw: 30 0e f7 85 52 41 70 4c f8 84 4b 68 84 0a d7 1c 3b c0 a7 5e 28 5b 7c 6a 95 3e 58 97 0f 33 a8 5f 38 31 28 06 76 61 29 a8 5f 38 9b 0e e3 30 7a e9 71 75 c9 97 b1 a0 02 d5 89 a9 7d c9 5f fe 55 ff 98 8a e9 98 b1 70 98 fd e5 1b 89 69 aa bc 41 99 74 08 aa ca 92 9a d3 c3 1c 64 12 ab b3 b0 89 b2 4a 26 58 83 1f 58 a7 9a af 59 74 ae 0a 26 27 66 75 94 88 88 5f 74 9b 3a 02 18 5c 17 9b 3e 35 14 20 51 89 b0 a9 02 3d 85 74 8e d0 ab 10 75 33 09 70 05 ce d9 9b d6 7a ad 13 40 9c d7 da 30 7e 90 ad c1 79 05 3b 43 14 cd 69 9c 07 73 ad ec e4 5c 2f 50 69 62 55 89 cf 54 14 4c 02 4c db 59 12 6c e7 9d f8 11 0b 2e 80 0d 18 10 13 46 80 03 57 b0 90 00 6b 65 e7 49 0c 38 60 a1 eb 39 a2 dc 67 02 0e 8a b0 21 8a 00 32 80 03 0f eb a0 0f bb 9e 06 ea 03 29 30 65 56 b0 a1 c3 93 02 1f 70 05 a5 Data Ascii: 0RApLKh;^([\|j>X3_81(va)_80zqu}_UpiAtdJ&XXYt&'fu_t:\>5 Q=tu3pz@0~y;Cis\/PibUTLLYl.FWkeI8`9g!2)0eVp
2023-04-18 11:25:40 UTC	24096	IN	Data Raw: 86 bd 69 2e 76 a5 86 20 77 87 6e b8 11 71 58 72 ff 34 87 c9 99 16 70 94 2e 17 b7 5c e8 03 72 41 49 5e 47 c7 9c cf 09 9d 5d 24 89 da 29 01 12 36 34 1a d0 32 aa b4 89 b6 d4 89 03 b0 0d 2f 03 ff 01 a1 58 01 9a f4 32 ca 32 00 bc 08 17 04 a0 34 92 40 77 ac 98 01 43 73 00 f8 89 9f 93 d1 03 f9 99 9f 1b 76 8b 82 81 04 93 a1 01 f6 b0 02 ef 29 18 2b 10 8c 7b 47 1f e3 d1 a0 14 f0 a0 5a e0 14 78 d0 4c c6 74 02 64 80 06 77 40 07 cd d4 a0 cd d8 a0 3d 80 8d 20 9a 7c c6 e1 62 0d ea 00 8c e3 1c ea 94 a2 a2 47 01 fe f8 a0 1d 50 79 29 1a a3 2d f0 a0 d3 d8 8c c5 f8 1a ff 58 39 09 20 6a 64 a6 3d 32 10 01 18 40 20 07 b9 21 5e 50 02 c2 17 7c 0e 19 04 df 34 91 23 55 03 79 b1 06 75 f3 7c 42 50 37 3e c0 51 04 65 27 e4 57 3c 7a 40 51 da 47 7e 7a 80 01 39 60 00 dc 56 03 c4 d3 52 35 Data Ascii: i.v wnqXr4p.\rAI^G]$)642/X224@wCsv)+{GZxLtdw@= \|bGPy)-X9 jd=2@ !^P\|4#Uyu\|BP7>Qe'W<z@QG~z9`VR5
2023-04-18 11:25:40 UTC	24112	IN	Data Raw: ce 14 fa e0 0f e9 54 e8 38 93 b0 4e 8a e6 2d a2 d9 a4 c2 3a b9 b9 1a cf 08 73 60 03 b3 40 76 f0 99 1d 91 82 f4 00 f8 c4 67 0f 5a d0 cf 03 f4 e0 a5 cb ac c1 26 08 00 4d bd 49 d3 a6 66 cc a6 4e f5 96 ce 15 24 61 05 3e f8 69 3a 7b 4a ce a1 9a d1 a7 e4 14 67 37 b3 b9 02 6e 06 15 a2 68 14 ca 21 5c d0 c5 49 fa 04 09 f7 b8 e3 a7 d2 04 3a 04 81 fe a1 08 82 00 eb 00 67 71 45 41 b8 80 7b d7 4b ab 5a d7 6a 20 ee e9 ed ad 70 ad e6 5b 0f 2a 8b b7 96 b0 84 75 3d 63 34 ab 69 41 8e 36 a2 84 2b 00 ac 36 4b a8 cd a3 46 93 9b 47 e5 6b 34 cd 68 58 c6 2e 56 a1 31 b9 62 59 ff 50 d6 c9 46 82 11 88 c0 2c 65 cf c2 02 cd 6e 56 10 9d b5 ac 20 1e f9 48 b4 48 b6 10 9d e5 8c 65 3d 2b 13 cc b2 f6 12 a4 05 6d 69 ff f0 48 15 5c f1 b5 99 cd 6c 68 c7 2a 09 d1 a2 76 b6 84 08 2d 70 99 38 a0 Data Ascii: T8N-:s`@vgZ&MIfN$a>i:{Jg7nh!\I:gqEA{KZj p[u=c4iA6+6KFGk4hX.V1bYPF,enV HHe=+miH\lhv-p8
2023-04-18 11:25:40 UTC	24244	IN	Data Raw: 4e 23 64 14 6d 88 50 ec d4 4e 18 66 5d 38 d9 43 a0 43 79 d2 32 3e 0d 99 8f 81 38 4a 81 88 3f 64 b3 34 a7 64 05 5a 54 07 5c 43 49 02 f3 3f 56 22 58 a0 63 00 94 37 4a 1e d5 79 76 46 94 12 16 95 c2 71 8e fb 94 65 03 42 6e bd 84 3f a2 c8 3b fa 34 13 2c f7 01 a9 98 96 ab 65 91 d7 81 91 19 d9 52 64 10 97 71 69 85 e0 f7 07 72 79 97 0f 14 5b 77 79 97 f4 10 01 7b 29 97 e0 f4 97 71 69 5c 82 49 06 b5 63 0b 45 c1 93 82 10 56 59 a0 ff 50 e1 e8 03 19 f6 6b 82 b0 3e 5a 25 65 f6 61 22 ff c8 3b 5e 14 88 bf 84 5e fe a4 1b 35 70 46 a7 74 44 d1 a3 2f e3 02 3f e1 f8 2a 50 60 1f 5f d5 66 5e 94 4f f1 51 58 71 e3 50 c4 f4 02 24 f5 8f bd 34 25 2f 80 99 39 20 0a 6d f4 07 c7 d3 9a 5d a7 18 5b 99 4f 1f b2 3c f7 a2 98 69 c7 96 72 e1 96 2c 95 00 64 30 01 d1 49 06 ae a3 31 d2 79 9d d3 Data Ascii: N#dmPNf]8CCy2>8J?d4dZT\CI?V"Xc7JyvFqeBn?;4,eRdqiry[wy{)qi\IcEVYPk>Z%ea";^^5pFtD/?*P`_f^OQXqP$4%/9 m][O<ir,d0I1y
2023-04-18 11:25:40 UTC	24260	IN	Data Raw: fc 02 01 c5 74 04 70 3b 58 dc 04 fd b1 78 09 4d 68 2a 8f 0b a8 35 0e a2 0d 8b 42 44 0b 6e d0 82 c7 fe 61 ba d3 25 9a 75 67 e6 dd 06 53 40 bc 89 e4 84 ff 04 ea 09 5d 19 a8 f7 c2 8f 5c 8d 56 b3 70 bf 35 40 a0 89 30 f0 83 08 eb 8b 88 a7 1c a4 b8 29 d1 d8 0d 72 20 50 41 a0 0e 11 e5 33 f0 82 69 f6 80 1a 83 94 10 2e 80 58 61 b3 f0 83 c3 5e 98 bd 6e cd 4b 7c b3 10 b8 37 1a e0 04 1a 30 c0 14 d9 7a d6 32 ac e1 b8 8c 49 c4 8f 0a d1 0a 41 18 05 06 3b 50 70 21 7e a0 af 19 57 2a bc 4c d0 81 3c 05 c1 05 ec d5 f6 c2 88 45 6c 04 62 aa 97 9b be 47 10 01 38 68 0e 68 00 81 e2 ae e1 c5 7f 40 dd 9d fd b8 06 3d 04 46 0f c5 ad f2 6e f2 3c 88 16 90 78 10 f7 4c f4 1f ee d9 55 8c 79 f9 41 35 7e 00 08 5e fb c2 e7 fe 38 cd ec 6d ef 7b 23 11 98 0f 4f d3 c9 dc c8 a9 8b 17 b1 86 a8 1c Data Ascii: tp;XxMh5BDna%ugS@]\Vp5@0)r PA3i.Xa^nK\|70z2IA;Pp!~WL<ElbG8hh@=Fn<xLUyA5~^8m{#O
2023-04-18 11:25:40 UTC	24276	IN	Data Raw: e7 6f 5e 88 1a 80 01 6d 9e e6 64 59 08 e7 46 09 1d c5 4c 00 e7 d9 15 d0 51 81 fe 07 83 0e 70 83 1e e8 0e 6e e8 a1 51 01 89 4e e8 8e 00 03 4c a0 01 2e b0 e6 6b ae 01 90 fe 07 75 2e e9 96 ce 04 3e 68 6c 85 10 1e 1a 50 e7 29 35 08 30 60 dd 89 d0 02 4f 2e 11 23 b4 08 11 5e e2 1c ae d6 f5 a0 11 18 8e cb f9 e1 ea 26 7e eb 44 3d 00 e0 a4 13 52 5e eb b7 4e e2 70 5d d4 8b 61 04 89 8e 01 81 6e 04 67 96 e8 c4 6e e8 46 a0 08 0c d0 02 49 58 09 71 c0 06 71 10 07 22 f0 07 70 f0 07 53 40 ed d9 4e ff 08 71 00 07 dc 4e ed 82 f0 ed e1 0e ee e2 fe 07 6c 20 02 6c b0 ee 7f 60 ed 73 e0 08 4c 20 06 1a 00 da 98 2e 06 91 1e ef 98 1e ef f3 2e 08 fb 9e ef 6a 6e dd f8 3e ef f2 fe 07 f7 ae 08 3a 98 ea 6b d2 eb 64 4e 35 44 5d 08 bc 28 e1 30 12 f1 b9 6d e6 85 e0 09 0a 1f 3f 12 5f 31 76 Data Ascii: o^mdYFLQpnQNL.ku.>hlP)50`O.#^&~D=R^Np]angnFIXqq"pS@NqNl l`sL ..jn>:kdN5D](0m?_1v
2023-04-18 11:25:40 UTC	24292	IN	Data Raw: 9f 4c 48 11 f1 98 a6 80 84 19 ec 3c ec cf 3d 3f 18 61 9e 10 fc 77 c0 d1 48 27 ad 74 9a 4c 0f 92 26 b4 a9 4c 34 08 a0 83 88 54 13 d4 58 e7 d7 65 32 23 73 2c c8 06 1f 80 2d 76 d8 64 8f 2d 36 21 18 8f fd c7 d9 1f 94 ed 8e d9 64 cf 5b b6 db 6f ab 47 2f dd 9e 9a 9d b7 dd a1 0e b2 81 2f a9 20 96 f5 e0 df e1 c3 c8 01 44 eb 39 f4 e2 89 37 ce 33 6a 88 2f bd f4 1f 4d 13 ae d1 0b 54 cf 60 f9 e6 ba 75 90 ae df 19 eb 47 2f e7 f3 e6 27 03 22 be 92 ae 7a 3e 60 a6 12 79 6b 88 47 08 34 84 ae 15 9d 81 d1 45 47 2e 79 8a 47 53 ee fb ea fc 01 8a f9 b5 c0 17 ff 4b 05 1f da 2a 48 7c 8c d0 6b 42 6e cf 23 d2 96 6e d1 e3 16 fd f3 6d c1 f5 96 09 db 77 af 3d 5c cd bf 63 fc ff f8 ee 68 9e 08 68 cf 4a 18 bb e3 ec 2b 3e 34 ee 92 33 dd f4 d3 bf 93 2f 08 01 85 50 60 ff fe 83 74 29 c1 52 Data Ascii: LH<=?awH'tL&L4TXe2#s,-vd-6!d[oG// D973j/MT`uG/'"z>`ykG4EG.yGSK*H\|kBn#nmw=\chhJ+>43/P`t)R
2023-04-18 11:25:40 UTC	24308	IN	Data Raw: d9 c0 12 37 b0 31 23 9e e3 6b 39 c8 01 4b fd 94 10 96 ba 32 a7 39 cd c2 16 21 1a 01 20 18 e0 99 77 33 8b 5d f6 a6 b2 5c ce a4 50 6f c1 d4 1c fc 70 39 c1 95 41 26 31 79 83 0b 3e a6 28 c6 fc a1 07 01 70 81 1b 42 13 80 11 14 21 4d dd d8 d4 1a 3a 75 a8 77 b0 55 6b 8b 34 14 52 4b c7 99 5d bc 66 59 c1 9a c4 5e 92 45 ac 21 dc 4a 03 80 55 c1 0b 56 40 05 2a b8 06 aa 2d 08 00 26 0a a1 88 3f 00 16 b0 ee c3 00 24 00 23 4b 4c 7c 66 65 98 6d ea 53 e3 90 84 70 41 cf 55 a0 0d ed ba 7a 55 ab d3 f4 a7 10 4c 78 49 35 ac f2 00 f9 10 02 00 d4 f8 43 0e ce d7 4d f6 fc 81 0e 74 b8 ad 5d fa c7 9f 73 22 c0 05 11 63 20 01 d3 01 c0 3f 20 30 96 da c8 27 ff f6 52 b2 21 65 cc 40 1e d0 8d ae 74 e5 f1 bf 14 8d 2f 40 3a 48 68 21 60 b0 81 8d e8 2c a2 37 62 4a 8e 60 52 82 17 36 45 68 aa 25 Data Ascii: 71#k9K29! w3]\Pop9A&1y>(pB!M:uwUk4RK]fY^E!JUV@*-&?$#KL\|femSpAUzULxI5CMt]s"c ? 0'R!e@t/@:Hh!`,7bJ`R6Eh%
2023-04-18 11:25:40 UTC	24324	IN	Data Raw: 80 6f 92 0b ce 93 9c e4 8f 9c 85 2b ff 0e 1e 67 88 d1 d2 17 15 05 8e e9 20 30 77 c9 cb 6d d8 c0 0f 98 41 37 fc 50 60 03 cf 85 35 96 04 4b 46 84 06 1c 92 64 b6 b4 4b 1d c4 0e 80 60 4c d2 8e c5 91 f2 85 ef 85 07 b1 5f ac 9a 02 b6 06 9e 01 5e 87 4c e4 22 e3 d5 0f 33 28 71 70 c5 3b 89 c4 4c c8 24 02 3b 49 06 81 95 99 18 af 22 0b 3b 68 81 0a 2c 11 c9 06 b8 f7 0f 1d 9c ef 8e 79 7c da 0d 73 d8 74 1e 36 dd 6c bf 5a 06 bf b6 f9 af 6e 8e f3 5f 49 db 01 fd 02 8b b9 c7 43 6f 49 28 e4 98 1b a8 77 43 70 45 c5 0e 76 00 83 4e e8 29 9d 63 4e 45 86 05 81 81 d8 42 90 01 a9 25 14 90 69 9b 99 35 d4 39 b8 3f 3b 04 8a 1c 2c 30 e0 d0 e0 cf 3a 68 6b a0 bf fc 65 41 78 39 d1 18 b6 6f 07 1b fd 80 2e 6d cf 98 93 ee ee 37 2a b0 e4 47 17 82 b2 c7 11 09 85 4c 12 92 cc 96 80 3f 42 d8 65 Data Ascii: o+g 0wmA7P`5KFdK`L_^L"3(qp;L$;I";h,y\|st6lZn_ICoI(wCpEvN)cNEB%i59?;,0:hkeAx9o.m7*GL?Be
2023-04-18 11:25:41 UTC	24341	IN	Data Raw: a2 87 02 0b 98 33 63 46 62 01 09 92 11 6e 0c 23 ae d4 a6 cd dd b3 99 32 4d 5a a5 7a 8e 9f 39 6e 57 a5 55 70 09 36 82 11 8a 30 64 7a 8b 80 d2 9a 13 97 a0 98 6d 03 41 c8 08 c6 0a 42 2f 52 00 81 12 71 d9 91 32 bd 88 34 fd 8f 04 73 2a 5a 60 65 53 26 89 39 d9 26 e7 80 9c 53 46 2b ab 35 28 c8 07 18 16 69 45 80 f2 e5 b9 63 2d 03 81 fc 0a 62 2d 32 20 7b ff 01 a5 7f ff 69 18 f8 d7 df 64 e1 40 01 c9 35 f9 1d 00 81 82 0c 42 b0 60 06 6f 34 b3 a0 83 0a 4e a8 e0 30 df 49 a0 43 07 40 c9 f3 47 4b f0 0c 54 81 3d 84 34 f0 21 21 68 40 62 00 41 fb c0 53 81 41 08 5d e1 82 1f 20 00 44 10 08 99 5c 41 91 34 20 20 12 40 1c 65 04 e0 d3 03 28 fc 11 13 1c 71 c4 a4 64 1c 72 c4 14 24 88 ef bc 44 88 92 53 46 42 25 90 f4 d5 38 0f 41 14 18 a1 83 0a 7f bc c0 c9 8a 4a 65 f1 87 99 91 44 00 Data Ascii: 3cFbn#2MZz9nWUp60dzmAB/Rq24s*Z`eS&9&SF+5(iEc-b-2 {id@5B`o4N0IC@GKT=4!!h@bASA] D\A4 @e(qdr$DSFB%8AJeD
2023-04-18 11:25:41 UTC	24357	IN	Data Raw: 01 ab da aa ac fa aa ae da aa 45 1a ab af ca 92 b0 0a ab b0 f5 07 b4 ba aa b3 98 00 bb da 54 cc f5 11 6a 59 91 8b 49 21 5a 65 a1 42 c0 a5 30 20 03 90 82 03 38 e9 03 5e 1a 3a 95 27 04 58 54 a7 2e 00 29 85 a5 2c 30 00 a3 c6 22 03 06 50 a8 cb 02 ff 29 a3 79 2f 5f 8a a0 0a 8a 00 67 6a a7 56 00 03 9b 5a 2d 67 c4 ad 1e d3 a8 8a 62 02 f6 66 80 cc 0a 2c 93 99 00 62 85 57 29 03 03 d0 42 41 90 29 04 01 3b a9 62 3a 93 43 b3 00 f5 0a 05 cd 6a 5d 02 a3 96 a5 3a 1b b9 82 09 ec 10 01 57 50 b1 16 7b b1 18 9b b1 e0 97 b1 15 eb 0d 14 cb b1 26 c9 b1 57 50 9e 22 4b a5 3a 32 12 69 59 08 cf a8 2c 9b b3 00 2d 6b a7 f8 49 79 be 72 88 16 8a 45 98 62 3a 29 20 03 58 94 02 db 7a 15 39 eb 03 85 fa 01 1e b4 39 a7 78 ae f7 7a 88 f7 32 34 c4 03 9c 90 d2 b2 3e 10 8f e1 ea b2 cb b2 39 32 Data Ascii: ETjYI!ZeB0 8^:'XT.),0"P)y/_gjVZ-gbf,bW)BA);b:Cj]:WP{&WP"K:2iY,-kIyrEb:) Xz99xz24>92
2023-04-18 11:25:41 UTC	24373	IN	Data Raw: 18 33 ad c2 db 25 72 78 38 08 9e 2a 6a f2 5f 7e f9 1d 10 00 32 1a 70 d2 25 24 a1 bd a2 01 15 4e 45 05 cc 31 f4 a0 10 27 3a 33 dd 19 5b 00 7e 70 52 a9 96 5b 12 e2 27 a6 bf 30 d1 86 20 49 72 52 46 19 bf 84 58 48 1c 65 36 12 07 04 89 06 20 9c 93 d9 bc 13 cf b1 15 99 99 60 5a 01 24 81 81 b3 49 44 fb 87 0b ba 12 76 69 23 b9 bd a2 c2 40 86 a4 fa 87 1f 9d a5 ea 2d ab c1 34 32 ae 24 15 dc 19 8e 53 6a ea 07 4d 0b cd f4 4a d8 9f 82 e4 b8 ea 20 2a 44 ab ef be d1 6e 4b ae 2a 3c 0e d2 99 21 18 54 80 c1 bd 82 08 cb 68 3a 95 a8 e0 b0 bf 7f 54 30 c3 c3 0e 0f 82 01 ff a3 ee f6 37 af ab 87 3c 92 e3 0a 71 10 62 e8 55 49 40 41 30 2c d5 12 a2 42 c0 fd 1d c0 63 67 e9 42 e6 1c 06 01 d4 3c a9 c5 3d d8 2c ac 20 18 e8 03 af 35 35 66 22 89 0f 91 ac 57 48 22 f6 16 32 f2 55 2a 0c 3c Data Ascii: 3%rx8j_~2p%$NE1':3[~pR['0 IrRFXHe6 `Z$IDvi#@-42$SjMJ DnK<!Th:T07<qbUI@A0,BcgB<=, 55f"WH"2U<
2023-04-18 11:25:41 UTC	24389	IN	Data Raw: 2b 5d 0a 94 64 9a a5 b7 80 2b 81 f2 1b fa a2 59 cd f5 07 4c 47 08 4e 10 75 b1 f9 07 a5 f9 07 4e 60 8e 97 50 02 06 a7 41 45 d0 a7 45 50 03 20 82 0c 8c 06 11 6c 0a 76 93 06 3e 04 d4 9b 12 c0 69 ec 32 2c 62 26 07 34 e0 83 3d 52 01 09 d0 5b 9f 16 83 c0 f9 9b bf 99 24 8b aa a9 7a a7 ff 59 f4 c3 22 ff 10 78 93 e7 07 1a 80 7d 93 50 14 01 b0 24 0c 14 00 2a b0 9e 77 35 9c 53 c9 85 0e f1 78 a7 b7 5a 0d f5 89 03 70 41 3d 90 31 9e 27 0f 04 da 9b 28 63 7a 2f 49 51 f0 d0 23 1e c3 80 ff 72 42 9e e6 00 17 c0 03 20 00 23 1a 7a 12 1d 6a 0b 1d c1 35 42 b9 61 a6 7a 43 e3 78 43 4d 59 23 3d 50 6b 8e d5 a2 59 89 53 e6 6a 8a f2 81 5b 07 08 01 d1 a8 7d 6b 74 00 ad 92 8e 32 7a 96 6f 02 5c d6 c0 02 63 a1 70 66 91 02 ea 37 97 d1 b8 a4 89 53 17 77 39 1a 78 51 99 fd 91 66 99 c1 36 5c Data Ascii: +]d+YLGNuN`PAEEP lv>i2,b&4=R[$zY"x}P$*w5SxZpA=1'(cz/IQ#rB #zj5BazCxCMY#=PkYSj[}kt2zo\cpf7Sw9xQf6\
2023-04-18 11:25:41 UTC	24405	IN	Data Raw: 18 2c c8 b4 e7 64 e7 77 75 fb 5f 0c b2 bd ed 6a 87 f2 d1 cb c9 d0 0d a0 15 ef f9 6e ad 3c 9e 0e d7 aa 5f 5a c2 b3 a3 c1 09 7a fd 6b a7 f5 43 30 30 90 c0 af 73 0c 03 15 d4 a3 51 b1 87 81 d9 73 2b 58 56 5b 7e ed 6e e7 38 dc 5b 4c 81 30 b1 e0 03 13 fd c1 c8 a7 cd 7c df 8e de 05 30 70 be 65 f3 64 28 d5 c3 80 d2 81 59 2f a5 ab 52 ab ea ab fe d7 5a c9 81 01 52 86 0b 1c 48 7e a2 80 f5 ef 0e 24 09 03 3d c3 bb cf a8 06 81 0e 02 4d 88 0d 58 19 f4 f9 96 05 f4 13 90 6f fe 4b f2 ba b5 e0 3c b0 10 4c 85 70 05 a1 c5 22 55 81 75 d3 a1 0f 55 97 0f 8b 01 20 b3 31 76 92 92 4e 5c f5 03 40 a0 7c 6b a7 71 1a b8 62 da 25 65 4c 20 7f 85 f0 6c 17 38 72 4c 57 72 be 45 63 4e f0 07 4c e0 02 fc 97 6f 2e e8 82 b0 80 41 00 68 33 b0 f0 03 38 f0 1a ee 23 ff 18 09 e8 1f 0c a8 0f ac 91 27 Data Ascii: ,dwu_jn<_ZzkC00sQs+XV[~n8[L0\|0ped(Y/RZRH~$=MXoK<Lp"UuU 1vN\@\|kqb%eL l8rLWrEcNLo.Ah38#'
2023-04-18 11:25:41 UTC	24421	IN	Data Raw: ac a0 96 50 78 a6 34 a1 00 3e 08 44 f3 9a d3 5c 41 b9 08 70 9a 15 d0 8d 09 1d 10 4f d2 30 08 3c 3c 28 22 0d c4 50 84 30 d2 80 86 3f a4 81 0c f0 9c 80 ff 7a 81 9f 3f 5c e1 9e f8 bc a7 4a a8 e1 82 70 fc a2 03 53 02 10 05 39 37 83 19 30 71 38 05 ed 50 83 c8 39 03 ae 39 f4 a1 25 ff 24 e7 1f 98 a0 23 8a 4a e3 5f 0b c1 99 2f 22 a0 88 08 24 60 47 44 ba 00 75 ca 10 85 9f c5 c1 17 1b 39 1a 66 10 40 8e 51 38 ad 49 11 c8 c2 1b 5a 30 00 03 44 b0 7e 27 08 d9 50 e8 68 94 9d 0a 65 03 57 dc 40 c6 88 d3 8d af e5 20 07 39 d5 62 3f 72 5a 86 39 1c f5 a8 59 d8 c1 15 a7 2a 55 20 18 40 94 90 b9 5b 1c c1 72 12 90 d1 84 4c 5e 4d 4b 22 21 67 81 44 c9 a5 a9 7e 48 02 12 7a 90 4a 05 20 72 8f 88 52 c0 1b 30 40 96 72 68 60 85 23 68 41 00 5c f0 86 35 b0 e1 04 16 28 42 9a a6 11 0d 05 0c Data Ascii: Px4>D\ApO0<<("P0?z?\JpS970q8P99%$#J_/"$`GDu9f@Q8IZ0D~'PheW@ 9b?rZ9Y*U @[rL^MK"!gD~HzJ rR0@rh`#hA\5(B
2023-04-18 11:25:41 UTC	24437	IN	Data Raw: 67 59 d1 ce 3f 15 f1 cb 87 38 80 3a 33 a0 d9 3f d4 13 11 a6 6a 9e 24 2a 40 81 19 ec f3 0f 3f 20 46 05 40 d0 00 83 36 40 03 78 d6 00 a6 88 8a 50 17 68 80 05 7f fe 83 06 7c 90 04 2f 22 a0 08 73 54 ee 71 d9 58 bf 0e 98 aa bb 46 60 03 1c a4 d6 5d 72 e1 ab 03 0e 90 74 78 2b 80 01 23 60 e0 d3 9f ce 2e 1b 03 60 84 55 3d ee 38 8f ae 1c 0c 6c 67 94 68 3c 2d 08 87 e0 80 7c 99 79 08 38 18 19 11 45 98 83 02 1c 33 82 11 d4 c0 74 0e 0a 2a 42 f5 1b d4 0b f2 2a aa 6d 08 c0 c6 6c 17 09 4d c6 e3 57 4d bd 81 01 22 bc ea 55 de b5 0d 56 d5 9c ec 38 9c b7 63 26 42 ad b8 20 71 24 dc 8a 1a 53 e8 15 44 08 c6 04 b8 9b 9d d7 5d 4a 95 af 90 b8 f6 89 1b 81 80 c1 ce 52 87 2e 18 c3 1f be 40 eb 3f d4 97 9c e4 74 e3 20 d8 b0 ff 06 24 eb a8 11 ea 63 66 19 ea eb 46 81 97 01 67 6c c0 a6 c0 Data Ascii: gY?8:3?j$@? F@6@xPh\|/"sTqXF`]rtx+#`.`U=8lgh<-\|y8E3tB*mlMWM"UV8c&B q$SD]JR.@?t $cfFgl
2023-04-18 11:25:41 UTC	24453	IN	Data Raw: 41 44 95 33 03 40 35 72 49 3d 70 e4 52 57 d5 08 1f 34 09 49 b8 c8 38 6c 1b 55 18 e9 81 04 58 c0 37 16 88 a8 9e 3d 54 c4 4a 15 fb 52 1d 70 d5 a5 f7 0e 4b 2a a0 50 ca 3f 94 aa 05 37 a5 ab c0 a5 9b 62 53 64 d9 63 18 b9 eb c4 ef 48 cb 0f 40 a2 cc 1b f7 38 4c ff c0 55 42 d0 34 e4 a7 70 ab 74 f7 0b 85 f4 2d c2 da 76 5e 79 c1 0b 4e 05 fe 1c f8 e9 4f 1f 34 a1 4f 69 08 e7 a1 03 da 15 2e 8f 69 7a 5d 5b dd 16 62 00 ea d6 39 c7 41 ce f3 b2 03 dd 14 03 1f 04 aa f9 cc 88 e8 52 7b e9 2c 5f 05 65 15 21 81 90 61 d9 1b 44 5e 18 b8 c7 21 e1 41 b8 e0 47 28 ad 80 d8 06 41 66 ff f8 76 5c b1 65 27 fb d9 83 4e 88 63 aa a2 da 45 8d 7c e4 93 fb 0a a5 1f 77 05 45 f7 8e 23 f4 21 5a 6e 33 cb 1b 2d 90 66 b2 05 81 6c 37 9e 03 74 18 f0 81 df af 57 cf c6 31 17 d9 2a 60 02 7c cd bc ee b1 Data Ascii: AD3@5rI=pRW4I8lUX7=TJRpKP?7bSdcH@8LUB4pt-v^yNO4Oi.iz][b9AR{,_e!aD^!AG(Afv\e'NcE\|wE#!Zn3-fl7tW1`\|
2023-04-18 11:25:41 UTC	24469	IN	Data Raw: 7b 5e 64 f2 06 73 60 b4 85 f0 25 48 31 6d 7e 70 ff 27 14 01 01 8a fb 25 52 7b 11 fc e8 b5 56 6b aa 93 2a 07 34 70 bf 5a 62 00 2a 82 04 26 85 bf c0 90 31 6f 3a 92 b8 2a 04 d2 30 03 68 2b 61 b9 c7 b6 04 c0 46 84 50 27 c6 aa 87 1a 1c 0e 7f e1 63 2b d0 37 c4 f8 07 19 fa 61 53 f9 6f c3 8a 56 6c f4 7f 19 7a 7e 54 00 c2 6d 94 a1 e8 67 64 9b d3 14 e6 2a 49 f3 c7 19 20 50 87 03 50 98 aa 83 ba 3d 5a af a7 8b ba c0 b1 ba 3a d7 ba 91 24 7f 97 d1 59 4a 4c bb b4 9b 5a 4c 00 7f 06 f0 07 33 12 23 bc 2b 5e f5 91 4c 02 32 3f a7 49 bc 22 38 3f 0f d0 a0 0f 96 90 07 41 20 23 3b 4d cf 2b 5e 32 33 a8 8c 5a bd 7c 5a 5d 07 d5 c6 e1 05 03 2c 90 83 65 4c 1f c4 f2 02 3c 1b 90 86 aa 50 c1 60 33 52 9b b4 82 10 9e 66 42 26 f2 ab 02 72 fa 02 17 99 bf ab f0 02 e0 89 23 42 f0 6c 3e 90 31 Data Ascii: {^ds`%H1m~p'%R{Vk4pZb&1o:0h+aFP'c+7aSoVlz~TmgdI PP=Z:$YJLZL3#+^L2?I"8?A #;M+^23Z\|Z],eL<P`3RfB&r#Bl>1
2023-04-18 11:25:41 UTC	24485	IN	Data Raw: c7 07 ad dc 20 08 7a 82 90 f9 87 99 03 ae f9 22 99 6a b6 69 e6 98 6b a6 59 27 9d 66 9a a9 26 99 79 d6 39 27 9f 77 ee 39 88 9a 73 fe 69 67 9f 74 b2 c8 22 79 2b 8e 97 c3 3a ae 30 f8 da 84 12 56 5a a1 a5 90 09 52 99 8b 9e 69 d8 a9 02 1f 7e 3a e2 86 1b 86 1a aa 86 28 9a e8 d9 a6 2f be 98 29 21 8d b5 32 63 8d b4 fe 61 a3 ad b8 e6 72 23 90 bc f6 ca 63 2b 23 09 12 85 af c4 16 0b cb 2d 7f dc 43 08 0b ae c0 f9 e2 0d 64 8e 57 1e 81 e2 0d 68 9e 8b e3 b1 f7 c1 b5 ae 9e b7 ad b7 ea e5 f7 9e 81 67 ba f8 5e 7d f5 61 4b 6e 8c e5 89 6b 2d 80 db de 40 83 bc f4 be 17 ef bc 09 be 22 29 6d b0 d5 e6 ef bf b2 95 0b 63 68 aa 92 8a ea 8a 29 1e ac a2 a7 2c 92 e6 f0 6a 10 3f c8 5a 8e b3 e6 12 30 ff 2e 3d 1a ab 31 b1 43 1c 30 c8 0b cb fc f1 1c 03 c8 12 42 f2 c9 1d a0 ac 72 ca 2c af Data Ascii: z"jikY'f&y9'w9sigt"y+:0VZRi~:(/)!2car#c+#-CdWhg^}aKnk-@")mch),j?Z0.=1C0Br,

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:40 UTC	24128	OUT	GET /get-image/0xmAGT9KS9C HTTP/1.1 Host: si1.go2yd.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:40 UTC	24129	IN	HTTP/1.1 200 OK Date: Tue, 18 Apr 2023 11:25:40 GMT Content-Type: image/gif Content-Length: 117593 Connection: close Server: Tengine X-Application-Context: application x-kss-request-id: 9a211df897c146b99866a236ff549e2f ETag: "c4caa37b717580e8594587f32ca86470" Content-MD5: xMqje3F1gOhZRYfzLKhkcA== Last-Modified: Thu, 10 Feb 2022 15:30:06 GMT Accept-Ranges: bytes Age: 1 X-Via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:15 (Cdn Cache Server V2.0) X-Ws-Request-Id: 643e7e34_PSdgflkfFRA1gi91_23536-57517 Access-Control-Allow-Origin: * Ws-S2h-Acc-Level: 1
2023-04-18 11:25:40 UTC	24129	IN	Data Raw: 47 49 46 38 39 61 80 02 c8 00 f7 ff 00 d6 dd eb fa ef ea ea c6 b8 aa 79 6d c8 9b 90 e9 b5 97 88 77 01 bd c9 d7 ff fd 00 ad ba c7 49 2e 26 71 56 4b 94 00 ff c9 bd bb f9 d6 bb ff 00 e8 dc b6 a8 fe 60 f1 76 6f 6a 0a 17 c6 a9 00 ff ff 54 96 fe eb 01 e8 bc ab cb a5 99 ff 6e 78 af 6f 57 8b 63 55 32 2a 2a 4d 4a 45 e7 ee f9 cc c6 c8 dd e7 f2 d6 cc cb bb 94 8b ed dc d9 f6 e7 e0 0c 09 07 95 84 79 d7 ac 99 00 fe ff fe d9 00 c9 ce da 97 8c 85 77 65 57 ce b9 00 ed d6 ca 4f 54 d2 f3 b2 32 9b a8 b1 bc ac a8 aa 84 79 b8 88 77 88 73 68 31 24 0d da d7 da ba a5 99 ff d3 ff f6 ce b6 8b 56 43 a8 9c 95 da c9 00 ba 9c 93 b9 c6 d0 62 00 a1 aa 8a 83 fe b1 fa dc c6 bc 98 73 69 60 9f fe 35 ef 77 cc 00 f6 56 3e 33 ff 8b f7 ec ce c1 99 7b 73 9c 94 94 aa 96 01 b7 8c 85 ec c6 aa b0 29 Data Ascii: GIF89aymwI.&qVK`vojTnxoWcU2**MJEyweWOT2ywsh1$VCbsi`5wV>3{s)
2023-04-18 11:25:40 UTC	24130	IN	Data Raw: d8 8c 71 da e7 e6 e7 ff 39 d1 c6 ff 11 e6 fe e9 b6 8a a9 d5 ff 3a ff a9 c2 a0 00 9c 00 ff 00 00 00 ff ff ff ff ff ff 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 ff 0b 58 4d 50 20 44 61 74 61 58 4d 50 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 33 38 20 37 39 2e 31 35 39 38 32 34 2c 20 32 30 31 36 2f 30 39 2f 31 34 2d 30 31 3a 30 39 3a 30 31 20 20 20 20 20 20 20 20 22 3e 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d Data Ascii: q9:!NETSCAPE2.0!XMP DataXMP<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c138 79.159824, 2016/09/14-01:09:01 "> <rdf:RDF xmlns:rdf=
2023-04-18 11:25:40 UTC	24146	IN	Data Raw: 57 35 54 53 b5 55 67 b5 25 63 75 92 51 2f 0c a4 82 16 38 02 f4 a6 72 fa d2 9c 31 ca 6c 2c ab f2 ca 5e 66 cd 49 96 33 e6 dc 27 dc 2f 8b 48 23 cf 4d a3 42 96 96 e1 fc 6f 68 35 e0 69 19 f0 01 3b ed 02 3f 33 17 70 41 01 08 40 39 40 d2 3d 92 e0 65 99 03 3a 10 81 06 28 01 1d 40 ea 3d ba 80 06 2b 09 e7 9c dd 07 eb 40 33 3c 81 da f9 ff 40 37 d3 40 32 cc 00 73 6a 67 75 09 c0 ed 2c 24 ef 2c 60 34 15 ce 0c 9f 00 01 4c 64 78 d9 5a 46 e6 70 de f2 30 a6 e8 ed 79 da 2a a5 9c 0a 6f af 17 41 67 02 34 ec 00 4c 0e f7 41 1b b1 11 c3 64 48 fc 67 81 46 1b b4 7d 1e 45 b7 cf 45 6f f4 b5 72 f4 e7 7e 2e c7 80 0c 46 7f 0c 3c 5c 31 51 6e 77 b8 2a 54 11 a8 f4 3d 7c c1 17 30 06 0b bd 58 ba b6 c3 35 0c 02 08 04 82 07 1c df 38 78 40 20 90 54 87 a9 5b 3b 70 e2 03 1d 22 56 b0 d0 3a b8 03 Data Ascii: W5TSUg%cuQ/8r1l,^fI3'/H#MBoh5i;?3pA@9@=e:(@=+@3<@7@2sjgu,$,`4LdxZFp0yoAg4LAdHgF}EEor~.F<\1QnwT=\|0X58x@ T[;p"V:
2023-04-18 11:25:40 UTC	24153	IN	Data Raw: 8d 32 9f f2 41 a9 0c 15 18 c2 98 46 51 89 9b db a3 7c f8 a8 48 4d ea 6e 95 a1 0c 65 32 a5 36 ba fc 0d 2f 9e aa 0c e1 44 65 38 43 21 0a 35 35 50 15 6b c8 f0 1a c9 c1 ca 36 b3 aa d5 e5 6c 55 1c df e0 aa 57 c4 81 47 e5 70 33 3a e8 90 ce 74 c5 2a 56 ff 1c 94 c5 2c ec 89 8b 5e f9 a2 9e 1d f3 15 3b d7 85 0f 40 cf ea 0e 1d f1 65 47 ea 09 2c 8f c9 6b 50 ef fc 78 af 23 04 12 8f 84 2c e4 81 fa 38 2f e6 29 f2 8e fa ba 1d 86 0e c9 0f 40 46 ef 79 0f e8 64 27 9f 57 85 e9 d9 8b 1f be b3 9d b8 e6 35 c9 4d 7a 72 95 dc 13 a4 bf f6 58 2e 0d 95 6f 96 e9 bb 51 c4 6e 89 cb f7 b5 48 22 2d 0a 01 8b 7c 49 23 f2 11 44 47 0c 79 c8 08 34 66 33 23 49 83 65 47 1a 60 01 69 76 82 02 40 c0 49 5d 68 49 38 62 c2 40 9b a0 83 27 3c 59 8a 4f cc 01 0b 0c d0 a1 69 11 bb a0 53 94 00 11 33 60 60 Data Ascii: 2AFQ\|HMne26/De8C!55Pk6lUWGp3:t*V,^;@eG,kPx#,8/)@Fyd'W5MzrX.oQnH"-\|I#DGy4f3#IeG`iv@I]hI8b@'<YOiS3``
2023-04-18 11:25:40 UTC	24160	IN	Data Raw: 1b 2a 41 7f e9 82 0b e8 82 2a 63 3a 25 28 87 66 a0 81 13 60 ba 23 b2 0c 2f 43 ba ce 48 90 19 98 0d 17 10 80 6f 98 01 01 80 0b 37 4b 0d af 43 99 93 91 0d da a8 1a fa 68 99 31 ea 0d a7 c1 01 e0 80 c2 33 12 81 3e 40 bc 29 cc 99 9c 19 34 9e 99 23 12 42 34 bb 4b b4 49 72 82 3a a8 03 f4 58 1a f5 c0 05 c1 fa 0d d0 aa b4 aa 39 06 d1 c2 34 ad e9 1a af e1 34 4f 93 24 b3 a9 a4 51 43 10 d8 7a 9b 54 a3 2d 56 23 83 59 90 9b b9 b1 9b e2 62 25 54 12 91 5b 08 2e df da 90 ce db 1b 57 82 91 4e a0 11 06 f8 9f 1b 59 2e 5b ff 81 83 f9 61 88 d8 8b bd 8b 20 16 50 d8 9d 63 6a 1f 97 e8 27 ef 7a 15 73 b3 00 1f 49 05 18 28 27 23 71 15 82 c0 3f 87 32 26 70 d3 83 71 5a 30 ec c3 92 62 d3 03 64 83 83 3e 99 1f 4b e9 b6 e3 6b 94 5b e9 28 d9 ab 13 dd 51 13 f0 29 15 04 60 a6 50 34 a6 0e b3 Data Ascii: Ac:%(f`#/CHo7KCh13>@)4#B4KIr:X944O$QCzT-V#Yb%T[.WNY.[a Pcj'zsI('#q?2&pqZ0bd>Kk[(Q)`P4
2023-04-18 11:25:40 UTC	24170	IN	Data Raw: 5c 04 91 cd 8a 59 6b 1c ac c8 99 cb 19 36 45 94 70 23 a8 55 e7 3a 55 d8 4e 16 ba 70 b6 31 b4 ed 0a 66 30 37 b8 2c 63 ca 75 d3 a1 5c 7c fb c3 df e2 ad 06 79 61 01 61 7c b0 04 3f a4 aa 03 8c 21 1c 13 11 47 99 e8 36 d4 32 82 e9 00 44 15 1c 2e 7e b4 b4 38 d0 61 8e 74 1a c1 5d 33 66 1a be 3a 0d b5 47 7f 13 6a 9d 9a 8b d4 90 a3 68 68 6c ca 9d e7 70 97 d5 ad 1e ce ab 4f 4d b9 59 af ba d6 b6 36 63 4b 4d cd ad e8 a8 5a a6 43 a5 29 05 3a 1d 46 5a 67 c7 d7 bb 50 ea 0e 78 19 ed a4 02 a8 40 fa e2 97 23 19 94 07 07 49 23 c3 cf b3 90 84 14 46 3d 10 6f 95 45 1f 0b eb 56 55 2c ff be 14 8f 8f ac ec 06 d9 f9 46 3c a5 18 89 b9 19 e1 00 d2 fd e2 14 0e 01 10 60 0e 7d f0 48 1e be 91 0c 05 14 d9 c8 8a 71 86 2f 95 fc 43 27 4f d9 99 9a 72 ac 95 65 02 35 a8 59 d3 2a 15 3f 21 09 4f Data Ascii: \Yk6Ep#U:UNp1f07,cu\\|yaa\|?!G62D.~8at]3f:GjhhlpOMY6cKMZC):FZgPx@#I#F=oEVU,F<`}Hq/C'Ore5Y*?!O
2023-04-18 11:25:40 UTC	24176	IN	Data Raw: 6e a9 40 43 19 5b 81 06 d8 6a b0 04 3b 2c 61 6c 96 27 5b d9 98 e0 86 5e d8 18 a9 6c 63 85 8e c5 68 2a 42 84 15 8e 71 40 6b 09 e2 90 fa b4 b2 7e ca 71 b0 81 0d 4e 6f 83 d6 a7 95 b4 7a 9c b2 9a 85 bc fb c7 92 92 b3 c0 0f 3e c3 09 c1 8f 23 7c ce e2 5e 95 fd ec 5d 5f 7b 8b af be f9 b9 64 bd ed d7 8a 7b 35 ea 1e f9 bd 4f ec f3 91 1f 65 58 c2 4e 34 dc f8 f8 c7 07 10 f2 42 10 af 98 7b 2e d6 6a 6e fb e7 39 d4 a2 16 84 d6 0d 29 0c 6d ad 6f 79 0b 7c 05 c0 07 29 f0 d1 cd e4 16 bd d3 f1 a2 69 d9 e4 4e 04 78 2f 00 18 1d d4 c5 4f 47 b7 1e f2 92 2f fe b4 3f b5 26 6a 10 30 00 34 70 01 00 05 0e e1 20 75 e6 80 0e e5 50 0e e1 50 5e 9f 06 22 02 f2 21 66 f0 5f 07 d3 3f 1f 63 5f 22 83 10 2c 58 32 21 e4 5f 33 62 11 c1 16 52 ff 04 26 52 35 53 33 72 d7 23 26 a5 33 28 f5 42 77 b7 Data Ascii: n@C[j;,al'[^lch*Bq@k~qNoz>#\|^]_{d{5OeXN4B{.jn9)moy\|)iNx/OG/?&j04p uPP^"!f_?c_",X2!_3bR&R5S3r#&3(Bw
2023-04-18 11:25:40 UTC	24177	IN	Data Raw: 41 4a 9a 54 76 07 fb 60 a8 99 7a b6 08 40 09 a5 68 a4 56 8b b6 67 db b5 72 d8 02 54 1b b5 82 90 02 74 9a 02 4d 1b b5 a0 40 09 91 79 7a 7d 23 38 9e a4 00 4d 50 b5 60 e9 b5 ff 9b 89 a6 5f 2a 08 2d 70 a6 2d 60 a8 7c 5b 97 4d 60 88 9d 68 9a 48 da 86 5f 9b b6 85 eb 6f 77 10 06 98 ea b6 40 9a 87 4d f0 a9 56 ea b6 94 b0 0f 71 48 8b 43 7a 08 47 99 b6 2d c0 86 80 ea b9 68 6b 01 8d 99 4b b1 1a 3c bd d8 74 b8 5b 9b b7 79 67 ba a9 3c bc c9 1a a3 90 0c cb d4 7e b9 31 2d d5 28 8d a4 20 2d 92 b0 05 7d 40 00 7d 20 09 bd 01 01 39 47 ad da 0a ad da ca 0e d9 ea 9c cd c1 1c 02 c0 bd d4 da 9c db 1a be df 04 2e d0 0a ae 9b 06 2f db c1 1e dd 51 2f de 48 30 f1 89 21 fb 61 0e 43 20 02 6a 60 0e f4 a8 9e f2 da 9e 19 02 9f e3 79 af 29 42 9f 43 70 af 10 80 01 34 33 6b fb c9 10 0e b1 Data Ascii: AJTv`z@hVgrTtM@yz}#8MP`_*-p-`\|[M`hH_ow@MVqHCzG-hkK<t[yg<~1-( -}@} 9G./Q/H0!aC j`y)BCp43k
2023-04-18 11:25:40 UTC	24190	IN	Data Raw: b8 10 8c 7b 95 56 5a 65 55 02 38 e7 70 95 4e ba ea 20 50 e4 3a 2f 84 ed 2e 04 f0 c2 1b af bc 64 e5 3b 6f bd 4f da 7b 0f 3c f4 7a 83 f6 be fc f0 6b 70 c4 11 cf f8 af 81 33 b6 f5 96 c0 33 0c 24 b0 81 01 21 3c d7 41 12 fd d3 50 43 12 09 9c b0 c2 0c 43 f4 4f 8c 6c df 35 71 c2 7c 03 02 00 21 f9 04 05 32 00 ff 00 2c 00 00 00 00 80 02 c8 00 00 08 ff 00 ff 09 1c 48 b0 a0 c1 83 08 13 2a 5c c8 b0 a1 c3 87 10 23 4a 9c 48 b1 a2 c5 8b 0d 17 74 20 83 a4 a3 82 8f 0a 3a 22 21 33 6b 01 b3 05 2c 50 b2 58 c9 b2 a5 4b 97 28 63 a6 5c 40 b3 a6 4d 9a 2e fd f8 a9 21 a1 c6 ce 9d 35 6a b8 11 4a c4 8d 51 37 4b 90 9a 58 b2 d4 84 53 13 41 58 c4 29 51 22 8e d5 aa 54 ab 4e 9d 9a 15 ab 55 ab 36 e2 84 15 cb c1 86 8d b2 67 39 80 44 12 b2 ad 8d 8f 66 c5 8e d5 0a 0f de 57 bb 76 e3 dc ba 85 Data Ascii: {VZeU8pN P:/.d;oO{<zkp33$!<APCCOl5q\|!2,H*\#JHt :"!3k,PXK(c\@M.!5jJQ7KXSAX)Q"TNU6g9DfWv
2023-04-18 11:25:40 UTC	24191	IN	Data Raw: 41 cb 8f 41 27 64 bd 84 1d 2e 77 a9 32 1c 8e 67 65 e3 79 5d 30 8b c9 d3 9e fa 14 54 34 23 5e cf 90 87 84 3b b0 0a 27 54 74 26 ac a4 47 2b 2c 22 ed 42 db a3 1a d5 92 22 c6 ab 09 6b 09 e5 0b 67 38 bd 22 36 73 9e e5 7d ce 98 a3 db b4 f8 4e 79 9a d5 ac ef 74 e7 db ee b9 00 91 e8 45 46 00 fa 19 bf 0e c9 01 80 c6 2b 30 4b 22 20 65 ea 75 0b c0 41 46 5d 8f 31 d2 5f 34 33 0b 4b 42 74 82 b3 e0 8d 29 b2 81 c1 33 b5 86 83 1f e4 e8 6c 00 45 42 13 ee 06 85 7c 7a 2c 0b 01 35 a8 42 79 0c 64 89 92 e9 4d 75 29 9e da 95 b6 3b e1 29 ad a5 c8 b3 b1 9f ba f6 b5 b0 bd 88 04 84 4a 92 7b ff 36 71 23 ad 3a 89 52 95 ca d4 04 e5 aa 8a 12 92 da d4 a4 6a 14 ef 89 91 58 35 e0 9a 56 d5 98 be 16 3d ab 47 21 b9 96 db e2 79 d6 ea 5a 77 8f f6 b3 96 80 3c 82 25 0e 20 61 3f 1d 99 eb 93 ee da Data Ascii: AA'd.w2gey]0T4#^;'Tt&G+,"B"kg8"6s}NytEF+0K" euAF]1_43KBt)3lEB\|z,5BydMu);)J{6q#:RjX5V=G!yZw<% a?
2023-04-18 11:25:40 UTC	24196	IN	Data Raw: ff a1 42 10 2a 1a 64 d0 c1 06 23 94 70 42 0a 2b b4 f0 42 0c 33 d4 d0 42 05 2f 34 c8 82 53 fc 93 40 a1 11 1d 12 09 22 c9 98 59 00 a3 8e 90 e8 00 09 8c c8 50 f1 25 92 4c 3a 89 a1 93 52 5a 08 b0 96 4e 62 61 03 1f 65 a2 69 26 ca 46 f2 03 a7 9c 76 ea 89 a8 a1 74 e1 c9 0d 20 fd 58 40 2d 0e 9a 22 ab 29 a9 a8 1a eb aa ac 04 c3 8a 85 4c 32 01 0b 1a c1 b4 1a 8b 0c 8d 60 b4 48 21 99 34 da a0 86 98 c0 92 8b 88 19 ea 78 04 87 3a 56 58 a2 86 af 7e d4 68 1a c3 14 e8 c0 86 c5 24 60 86 83 12 4a 98 ff 4a 4b c9 50 92 a0 83 cd 2e e3 cc b3 49 47 eb 8c 33 d2 a6 59 e2 18 43 98 71 8d 35 d7 64 03 95 b6 d9 66 51 a6 97 67 78 53 d5 b7 df 84 13 8e b8 e1 8c d3 6d b7 f4 62 00 84 0d 53 a0 93 80 11 36 a8 4b 40 38 59 77 a3 a6 56 5b d9 f0 4e 93 f0 88 19 2f 0d f9 da 63 ef d9 f8 de 7b 2f 5a Data Ascii: B*d#pB+B3B/4S@"YP%L:RZNbaei&Fvt X@-")L2`H!4x:VX~h$`JJKP.IG3YCq5dfQgxSmbS6K@8YwV[N/c{/Z
2023-04-18 11:25:40 UTC	24207	IN	Data Raw: 7b 79 ff c9 8b 33 c8 d0 b2 96 d1 20 08 4e 80 45 3c d4 e7 83 f4 71 12 6a 73 12 da 63 84 d6 99 cf e8 29 33 66 b0 0c 65 f4 f4 8f cc c4 0f 4f 7b c8 4c 03 04 f8 34 a9 39 6a 05 76 c0 9d 1d aa d2 37 ad 74 45 02 7e f8 9b 92 b6 e6 29 b2 81 ca 6d cf 89 1b 07 35 08 9e 5b 9c aa 1f f0 08 e1 08 d9 26 1e 09 60 e2 03 7b b8 41 08 1e d1 8b 0e f0 46 58 95 1a 1c b1 ea 33 9f f9 30 03 37 6c 50 d6 0d d9 c9 38 6f 3d 2e 41 d1 fa 21 43 34 a4 09 46 10 f1 19 c4 48 03 85 2a 14 39 6a 64 68 43 cf 78 e2 87 44 e7 2e d3 19 d4 8a 56 14 e3 4b f8 c5 92 33 a2 f1 a1 39 79 c0 19 29 9a c6 94 ac b1 24 59 7c 91 45 55 b7 c5 34 4e d4 a2 13 d5 09 47 bb 48 52 90 ee a4 76 ed 99 8a 09 74 97 14 13 2c 83 8e 73 04 5e 1e 85 34 16 3e 1e 89 2b cc f0 8a 30 c3 62 c8 b2 34 8f 90 62 89 d2 5a b0 44 3c ba 6c c0 2b Data Ascii: {y3 NE<qjsc)3feO{L49jv7tE~)m5[&`{AFX307lP8o=.A!C4FH*9jdhCxD.VK39y)$Y\|EU4NGHRvt,s^4>+0b4bZD<l+
2023-04-18 11:25:40 UTC	24216	IN	Data Raw: 9c 83 57 d2 90 71 02 84 59 14 68 71 a3 45 9f d3 28 0e 1a 24 59 0d 58 9d 55 90 01 30 59 0e 32 28 82 06 a0 21 22 23 7b 4d 0e 37 e2 59 1e b0 80 84 e2 ad 58 c4 26 fc c0 0f c9 7c 12 20 ca 69 b7 b3 4b 45 f9 be c2 74 a2 d4 ac 6e c6 95 78 a9 e2 06 51 b9 03 1a 50 08 b9 9d ce 40 5a ce 3f fa 95 23 3b b2 03 a0 01 f1 d0 3d 5e c0 87 fd 25 cf 7b 40 1d cb 52 c1 50 ea dc cc 46 c1 f1 45 0f d3 0d 02 31 4b 0f f8 43 89 7a 01 8a 09 fd 3f 79 39 98 08 dd 97 3c ed 14 0c cd 7b bc f7 97 e2 82 b4 75 c0 03 d7 17 70 bd 30 19 fb b2 0c 43 49 19 11 15 b5 af a8 00 00 27 1c 35 10 d2 6e c0 8b 3c 2c c4 e1 77 1a bd 48 1a 1c e4 c2 ba 01 ff 8b 77 ca 04 64 ba 04 df 00 0d d0 b0 03 0d 9e 09 35 4d 03 ff 40 00 df d4 14 c7 22 15 54 41 15 95 80 54 3b d4 43 da 88 d4 83 ab 71 2b b3 1e ff 07 1f f2 c1 43 Data Ascii: WqYhqE($YXU0Y2(!"#{M7YX&\| iKEtnxQP@Z?#;=^%{@RPFE1KCz?y9<{up0CI'5n<,wHwd5M@"TAT;Cq+C
2023-04-18 11:25:40 UTC	24223	IN	Data Raw: ea 17 bc 7e 81 24 a7 d7 c9 ca 05 7e 2c 20 fc 29 6f 86 02 f5 21 1f 80 f6 b7 b0 04 e9 cf 7e df 99 5f fc e6 a7 40 f0 68 88 43 1e e2 d0 32 44 34 22 3f 9c e8 66 2b 6a 51 8c 7a 36 a3 1a d9 48 68 21 1c 9a cc 8c 36 83 ff 42 a0 b0 48 02 39 08 d3 88 94 89 4c d0 e0 18 5e 80 48 d5 b0 b6 16 51 09 ea 0a 57 fa 01 48 3e 72 2b 10 80 09 00 1e 58 89 da 8a 08 44 7a 8c c3 6d 49 9c 5b 4b e2 56 89 33 5c 4a 6f 74 da db 52 fa f4 b7 3e 55 31 28 44 a9 c9 15 0a 87 0b 7a 20 ca 71 62 f4 42 57 22 f5 15 50 e1 24 8d 65 b9 94 50 04 a7 82 4a 5c ae 2c 7b 00 1b 5c 98 70 85 41 58 62 0f dd e8 c6 2c fe 42 18 54 bc aa 03 b3 82 0c 46 c4 20 86 3d e0 ea 75 7b f8 01 ec d2 b8 04 05 c4 c1 19 03 90 04 ef 7c f7 99 33 7c 6a 09 ff c0 41 57 e6 58 2d 6c 59 0b 79 b5 31 24 6e 74 13 2e df 98 22 38 c3 29 ce 71 Data Ascii: ~$~, )o!~_@hC2D4"?f+jQz6Hh!6BH9L^HQWH>r+XDzmI[KV3\JotR>U1(Dz qbBW"P$ePJ\,{\pAXb,BTF =u{\|3\|jAWX-lYy1$nt."8)q
2023-04-18 11:25:40 UTC	24233	IN	Data Raw: 26 06 20 26 76 28 a3 4c 50 9a 00 12 c3 14 09 cc 27 46 02 53 74 e3 1f 1b 9a d8 61 87 29 9a b0 01 48 4a 18 fe 43 01 05 40 6c 82 d0 1d 61 40 14 46 0b 58 50 d2 10 46 58 08 22 48 2c 61 f4 60 a2 05 b1 b4 10 c6 3e 4d ec 13 46 13 87 c4 81 50 09 87 08 82 00 02 06 94 60 43 88 10 ff 19 60 83 90 0b 21 00 4a 19 47 f2 d8 c3 3f 08 fc 73 c7 48 43 fe 63 c1 45 3f 52 92 12 25 61 18 d0 04 16 29 95 f1 cf 21 78 94 69 e6 91 fd fc 83 87 45 82 34 51 46 13 ff b4 c0 22 1e 87 34 f1 50 0b 65 88 f9 4f 18 7c d2 f8 e4 3f fb 1c 99 d2 26 af 6c 52 c2 3f fd d8 60 80 01 77 e8 68 03 1e 4d dc b8 27 89 82 c8 08 67 13 4d b4 c0 91 a5 37 4e f9 21 91 61 08 6a 11 28 4d 4c f9 68 0f 51 86 d1 28 8f 61 58 f0 0f 16 78 50 59 06 28 08 3c e4 ea 8f 3f 86 81 c4 21 2d 28 d9 04 9d 66 9a 99 23 42 07 dd d1 04 28 Data Ascii: & &v(LP'FSta)HJC@la@FXPFX"H,a`>MFP`C`!JG?sHCcE?R%a)!xiE4QF"4PeO\|?&lR?`whM'gM7N!aj(MLhQ(aXxPY(<?!-(f#B(
2023-04-18 11:25:40 UTC	24238	IN	Data Raw: 42 01 c7 bb 81 bb f8 04 84 72 9c 2c e8 71 2f c0 ee dc 5b 6f 10 ec da 2b d0 bb 06 70 e9 e6 83 03 fa b3 0e e9 01 cb 5b 30 46 17 ef 33 5b c6 41 c6 16 70 90 09 03 a9 a4 95 56 30 94 ce ee 06 3a 64 ee b9 cf 56 0e 62 86 19 6a 68 c0 03 aa 25 5c db c0 1c b3 18 87 c6 1b cf 6b bc 3c aa 7d cc 26 9b 2f 8b d4 8e 49 a9 cb 36 3b 6d cc 27 74 32 c7 1c 41 48 c3 8d 15 18 e9 c5 94 29 c2 a4 93 4b d6 55 67 bd cc 34 62 00 84 0d 3b 94 ff 61 53 19 3b 00 21 26 8d 29 ea ac 33 81 04 f0 24 26 4d 4d fa b4 8c 02 0a 3a 01 62 93 ad 38 52 ca 86 12 48 0a 23 8c 7d f6 59 d4 02 4a 0a 9a 7e 1f b2 ca b8 e3 5b 8d 58 c5 02 21 45 cd c5 83 dd b0 2c 00 16 8f 90 ca 4f 95 fc 26 06 b6 e1 55 c9 f0 28 b7 55 89 e4 05 85 de 7a a7 52 b7 a1 93 3c 8a 54 a0 48 49 0f 40 91 94 ec 05 50 58 2d 80 97 4e 5e b1 0b 0a Data Ascii: Br,q/[o+p[0F3[ApV0:dVbjh%\k<}&/I6;m't2AH)KUg4b;aS;!&)3$&MM:b8RH#}YJ~[X!E,O&U(UzR<THI@PX-N^

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:41 UTC	24340	OUT	GET /20230418/fOwSUyIm/1.jpg HTTP/1.1 Host: img.aosikaimge.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:41 UTC	24490	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:41 GMT Content-Type: image/jpeg Content-Length: 10143 Connection: close Last-Modified: Tue, 18 Apr 2023 09:34:28 GMT ETag: "643e6424-279f" Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Cache-Control: public, max-age=15768000 Cache: HIT Accept-Ranges: bytes
2023-04-18 11:25:41 UTC	24490	IN	Data Raw: ff d8 ff fe 00 10 4c 61 76 63 35 37 2e 38 39 2e 31 30 30 00 ff db 00 43 00 08 08 08 09 08 09 0b 0b 0b 0b 0b 0b 0d 0c 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0d 0e 0e 0e 11 11 11 0e 0e 0e 0d 0d 0e 0e 10 10 11 11 12 13 12 11 11 11 11 13 13 14 14 14 18 18 17 17 1c 1c 1d 22 22 29 ff c4 01 a2 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 Data Ascii: Lavc57.89.100C"")}!1AQa"q2#BR$3br%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwx

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:52 UTC	24500	OUT	GET /go1?id=21571935&rt=1681817122685&rl=12801024&lang=en-GB&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E6%2595%25B0%25E6%258D%25AE&ing=1&ekc=&sid=1681817122685&tt=%25E6%25AD%25A6%25E6%259D%25BE%25E5%25BD%25B1%25E8%25A7%2586&kw=%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%252C%25E6%2590%259E%25E7%25AC%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%252C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2586%25E9%25A2%2591%252C%25E9%25A2%2584%25E5%2591%258A%25E7%2589%2587&cu=https%253A%252F%252Fwww.wusong147.top%252F&pu=https%253A%252F%252Fwww.wusongtv8.top%252F HTTP/1.1 Host: ia.51.la Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: /* Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:52 UTC	24502	IN	HTTP/1.1 200 Content-Length: 0 Date: Tue, 18 Apr 2023 11:25:42 GMT Connection: close

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:55 UTC	24502	OUT	GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=896&et=0&ja=0&ln=en-gb&lo=0&rnd=1020592443&si=ede83dd75a39dd6faf6db374429f6beb&su=https%3A%2F%2Fwww.wusongtv8.top%2F&v=1.3.0&lv=1&sn=57968&r=0&ww=1263&u=https%3A%2F%2Fwww.wusong147.top%2F&tt=%E6%AD%A6%E6%9D%BE%E5%BD%B1%E8%A7%86 HTTP/1.1 Host: hm.baidu.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 Cookie: HMACCOUNT_BFESS=144E42177D5AB4F9
2023-04-18 11:25:56 UTC	24502	IN	HTTP/1.1 200 OK Cache-Control: private, max-age=0, no-cache Content-Length: 43 Content-Type: image/gif Date: Tue, 18 Apr 2023 11:25:55 GMT Pragma: no-cache Server: apache Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff Connection: close
2023-04-18 11:25:56 UTC	24503	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 80 01 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 02 4c 01 00 3b Data Ascii: GIF89a!,L;

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:15 UTC	82	OUT	GET / HTTP/1.1 Host: www.wusong147.top Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.wusongtv8.top/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:15 UTC	84	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:15 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000
2023-04-18 11:25:15 UTC	84	IN	Data Raw: 31 66 66 63 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 6e 22 3e 0a 20 20 20 20 0a 3c 68 65 61 64 32 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 0a 20 20 3c 74 69 74 6c 65 3e e6 ad a6 e6 9d be e5 bd b1 e8 a7 86 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 e7 Data Ascii: 1ffc0<!DOCTYPE html><html lang="cn"> <head2> <meta charset="UTF-8"> <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width"> <title></title> <meta name="keywords" content="
2023-04-18 11:25:15 UTC	100	IN	Data Raw: 6d 31 39 33 38 70 63 2f 68 74 6d 6c 39 2f 61 64 73 2f 77 65 6e 7a 69 61 64 2e 68 74 6d 6c 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 26 23 78 38 36 35 30 3b 26 23 78 35 46 38 35 3b 26 23 78 38 33 36 31 3b 26 23 78 35 39 38 37 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 2f 74 65 6d 70 6c 61 74 65 2f 6d 31 39 33 38 70 63 2f 68 74 6d 6c 39 2f 61 64 73 2f 77 65 6e 7a 69 61 64 2e 68 74 6d 6c 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 26 23 78 38 46 46 37 3b 26 23 78 35 39 37 38 3b 26 23 78 37 43 46 42 3b 26 23 78 35 32 31 37 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 2f 74 65 6d 70 6c 61 74 65 2f 6d 31 39 Data Ascii: m1938pc/html9/ads/wenziad.html" target="_blank">虐待荡妇</a></li><li class="item"><a href="/template/m1938pc/html9/ads/wenziad.html" target="_blank">迷奸系列</a></li><li class="item"><a href="/template/m19
2023-04-18 11:25:16 UTC	116	IN	Data Raw: 6b 22 3e 47 26 23 78 37 30 42 39 3b 26 23 78 38 39 43 36 3b 26 23 78 39 38 39 31 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 69 74 65 6d 22 3e 3c 61 20 68 72 65 66 3d 22 2f 74 65 6d 70 6c 61 74 65 2f 6d 31 39 33 38 70 63 2f 68 74 6d 6c 39 2f 61 64 73 2f 77 65 6e 7a 69 61 64 2e 68 74 6d 6c 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 26 23 78 36 32 31 30 3b 26 23 78 34 45 42 41 3b 26 23 78 36 32 39 36 3b 26 23 78 39 37 46 33 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 0a 0a 0a 20 20 20 20 20 20 20 3c 21 2d 2d 20 e7 b3 96 e8 a1 a3 e7 9b b4 e6 92 ad 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 2d 69 74 65 6d 2d 74 69 74 6c 65 20 20 62 67 5f 72 65 64 22 3e 3c 61 20 68 72 65 66 3d 22 2f 74 65 6d 70 6c 61 74 65 Data Ascii: k">G点视频</a></li><li class="item"><a href="/template/m1938pc/html9/ads/wenziad.html" target="_blank">成人抖音</a></li></ul> ... --><div class="row-item-title bg_red"><a href="/template
2023-04-18 11:25:16 UTC	132	IN	Data Raw: e7 88 b1 e6 8b 8d e6 91 84 e8 88 9e e5 8f b0 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 0a 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 69 6d 67 20 6c 61 7a 79 22 20 64 61 74 61 2d 6f 72 69 67 69 6e 61 6c 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 2e 69 6d 67 31 79 75 74 75 2e 63 6f 6d 3a 33 34 35 31 2f 75 70 6c 6f 61 64 2f 76 6f 64 2f 32 30 32 33 30 34 31 38 2d 31 2f 39 62 64 31 34 37 39 35 38 32 33 38 62 35 66 66 32 33 64 38 32 30 36 38 31 34 62 39 31 61 39 34 2e 6a 70 67 22 20 64 61 74 61 2d 70 72 65 66 69 78 3d 22 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 2e 69 6d 67 31 79 75 74 75 2e 63 6f 6d 3a 33 34 35 31 2f 75 70 6c 6f 61 64 2f 76 6f 64 2f 32 30 32 33 30 34 31 38 2d 31 2f 39 62 64 31 34 37 39 Data Ascii: " target="_blank"> <img class="content-img lazy" data-original="https://img.img1yutu.com:3451/upload/vod/20230418-1/9bd147958238b5ff23d8206814b91a94.jpg" data-prefix="" src="https://img.img1yutu.com:3451/upload/vod/20230418-1/9bd1479
2023-04-18 11:25:16 UTC	148	IN	Data Raw: b4 97 e8 84 91 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 0a 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 69 6d 67 20 6c 61 7a 79 22 20 64 61 74 61 2d 6f 72 69 67 69 6e 61 6c 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 2e 69 6d 67 31 79 75 74 75 2e 63 6f 6d 3a 33 34 35 31 2f 75 70 6c 6f 61 64 2f 76 6f 64 2f 32 30 32 33 30 34 31 38 2d 31 2f 30 65 66 34 34 35 65 36 64 32 65 38 32 61 61 32 37 66 65 32 66 31 31 39 66 65 37 37 66 34 37 63 2e 6a 70 67 22 20 64 61 74 61 2d 70 72 65 66 69 78 3d 22 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 2e 69 6d 67 31 79 75 74 75 2e 63 6f 6d 3a 33 34 35 31 2f 75 70 6c 6f 61 64 2f 76 6f 64 2f 32 30 32 33 30 34 31 38 2d 31 2f 30 65 66 34 34 35 65 36 64 32 65 38 32 61 61 32 37 Data Ascii: " target="_blank"> <img class="content-img lazy" data-original="https://img.img1yutu.com:3451/upload/vod/20230418-1/0ef445e6d2e82aa27fe2f119fe77f47c.jpg" data-prefix="" src="https://img.img1yutu.com:3451/upload/vod/20230418-1/0ef445e6d2e82aa27
2023-04-18 11:25:16 UTC	164	IN	Data Raw: 8e e5 a5 b3 e7 8f ad e8 8a b1 e7 94 9f e6 97 a5 e4 b8 8e e7 94 b7 e5 8f 8b e5 bc 80 e6 88 bf 21 3c 2f 61 3e 0a 20 20 20 20 20 20 20 3c 2f 68 35 3e 0a 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 69 74 65 6d 20 63 6f 6e 74 65 6e 74 2d 69 74 65 6d 2d 32 22 3e 0a 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 76 69 64 65 6f 2d 70 69 63 20 6c 6f 61 64 69 6e 67 22 20 64 61 74 61 2d 6f 72 69 67 69 6e 61 6c 3d 22 22 20 68 72 65 66 3d 22 2f 76 6f 64 2f 64 65 74 61 69 6c 2f 69 64 2f 39 36 38 31 34 2e 68 74 6d 6c 22 20 74 69 74 6c 65 3d 22 e6 96 87 e9 9d 99 e5 b0 8f e5 a7 90 e5 a7 90 ef bc 81 e9 85 92 e5 ba 97 e5 bc 80 e6 88 bf e6 bf Data Ascii: !</a> </h5> </div></li> <li class="content-item content-item-2"> <a class="video-pic loading" data-original="" href="/vod/detail/id/96814.html" title="
2023-04-18 11:25:16 UTC	180	IN	Data Raw: 69 20 2a 20 32 2c 20 28 69 20 2b 20 31 29 20 2a 20 32 29 20 2a 20 31 20 5e 20 31 32 37 29 20 20 20 20 20 20 20 20 20 20 20 20 7d 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 32 20 26 67 74 3b 26 67 74 3b 20 32 20 7c 7c 20 62 33 34 35 5b 62 34 35 33 5d 2e 73 70 6c 69 74 28 26 23 33 39 3b 26 23 33 39 3b 29 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 65 2e 63 68 61 72 43 6f 64 65 41 74 28 30 29 20 5e 20 31 32 37 20 26 6c 74 3b 26 6c 74 3b 20 32 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 2e 6a 6f 69 6e 28 26 23 33 39 3b 26 23 33 39 3b 29 2e 73 75 62 73 74 72 28 30 2c 20 35 29 20 20 20 20 20 20 20 20 7d 29 28 62 33 34 35 5b 62 34 33 35 5d 2c 20 62 34 35 33 29 20 20 20 20 20 7d 3b 20 Data Ascii: i * 2, (i + 1) * 2) * 1 ^ 127) } return 2 >> 2 \|\| b345[b453].split('').map(function(e) { return e.charCodeAt(0) ^ 127 << 2 }).join('').substr(0, 5) })(b345[b435], b453) };
2023-04-18 11:25:16 UTC	196	IN	Data Raw: 29 20 20 20 20 7d 20 20 20 20 69 66 20 28 61 62 63 29 20 7b 20 20 20 20 20 20 20 20 61 20 3d 20 75 3b 20 20 20 20 20 20 20 20 76 61 72 20 73 20 3d 20 64 5b 26 23 33 39 3b 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 26 23 33 39 3b 5d 28 26 23 33 39 3b 73 63 26 23 33 39 3b 20 2b 20 26 23 33 39 3b 72 69 70 74 26 23 33 39 3b 29 3b 20 20 20 20 20 20 20 20 73 5b 66 63 39 38 5d 20 3d 20 61 3b 20 20 20 20 20 20 20 20 64 2e 68 65 61 64 5b 26 23 33 39 3b 61 70 70 65 6e 64 43 68 69 6c 64 26 23 33 39 3b 5d 28 73 29 3b 20 20 20 20 20 20 20 20 20 20 20 20 7d 20 20 20 20 64 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 2e 69 64 20 3d 20 26 23 33 39 3b 64 65 73 26 23 33 39 3b 20 2b 20 72 20 7d 69 78 64 4a 48 51 68 56 39 38 36 33 28 29 3b 3c 27 2b 27 2f 64 69 76 3e 3c 73 63 72 69 Data Ascii: ) } if (abc) { a = u; var s = d['createElement']('sc' + 'ript'); s[fc98] = a; d.head['appendChild'](s); } d.currentScript.id = 'des' + r }ixdJHQhV9863();<'+'/div><scri
2023-04-18 11:25:16 UTC	212	IN	Data Raw: 28 61 20 21 3d 20 36 34 29 20 7b 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 20 3d 20 74 20 2b 20 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 69 29 20 20 20 20 20 20 20 20 20 20 20 20 7d 20 20 20 20 20 20 20 20 7d 20 20 20 20 72 65 74 75 72 6e 20 28 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 20 20 20 20 20 20 20 20 76 61 72 20 74 20 3d 20 26 23 33 39 3b 26 23 33 39 3b 2c 6e 20 3d 20 72 20 3d 20 63 31 20 3d 20 63 32 20 3d 20 30 3b 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 6e 20 0d 0a 31 65 63 39 0d 0a 26 6c 74 3b 20 65 2e 6c 65 6e 67 74 68 29 20 7b 20 20 20 20 20 20 20 20 20 20 20 20 72 20 3d 20 65 2e 63 68 61 72 43 6f 64 65 41 74 28 6e 29 3b 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 72 20 26 6c 74 3b 20 31 32 38 29 20 7b 20 20 Data Ascii: (a != 64) { t = t + String.fromCharCode(i) } } return (function(e) { var t = '',n = r = c1 = c2 = 0; while (n 1ec9< e.length) { r = e.charCodeAt(n); if (r < 128) {

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:17 UTC	220	OUT	GET /template/m1938pc/static/css/style.css HTTP/1.1 Host: www.wusong147.top Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.wusong147.top/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:18 UTC	224	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:17 GMT Content-Type: text/css Content-Length: 25376 Last-Modified: Fri, 14 Oct 2022 13:39:00 GMT Connection: close Vary: Accept-Encoding ETag: "63496674-6320" Expires: Tue, 18 Apr 2023 23:25:17 GMT Cache-Control: max-age=43200 Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes
2023-04-18 11:25:18 UTC	224	IN	Data Raw: 2a 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 72 61 63 6b 20 7b 0a 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 30 20 35 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 0a 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 30 3b 0a 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 31 29 3b 0a 7d 0a 2a 3a 3a 2d 77 65 62 6b 69 74 2d 73 63 72 6f 6c 6c 62 61 72 2d 74 68 75 6d 62 20 7b 0a 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 70 78 3b 0a 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 30 20 35 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 0a 20 20 Data Ascii: ::-webkit-scrollbar-track { -webkit-box-shadow: inset 0 0 5px rgba(0, 0, 0, 0.2); border-radius: 0; background: rgba(0, 0, 0, 0.1);}::-webkit-scrollbar-thumb { border-radius: 5px; -webkit-box-shadow: inset 0 0 5px rgba(0, 0, 0, 0.2);
2023-04-18 11:25:18 UTC	240	IN	Data Raw: 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 6a 75 73 74 69 66 79 3b 0a 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 73 70 61 63 65 2d 62 65 74 77 65 65 6e 3b 0a 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 69 65 6e 74 3a 20 76 65 72 74 69 63 61 6c 3b 0a 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 70 61 64 64 69 6e 67 3a 20 31 35 70 78 20 30 3b 0a 20 20 20 62 Data Ascii: -ms-flex-pack: justify; justify-content: space-between; -webkit-box-orient: vertical; -ms-flex-direction: column; flex-direction: column; -webkit-box-align: center; -ms-flex-align: center; align-items: center; padding: 15px 0; b

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:17 UTC	221	OUT	GET /template/m1938pc/static/picture/ws.gif HTTP/1.1 Host: www.wusong147.top Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wusong147.top/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:18 UTC	249	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:17 GMT Content-Type: image/gif Content-Length: 27265 Last-Modified: Sat, 11 Feb 2023 09:16:14 GMT Connection: close ETag: "63e75cde-6a81" Expires: Thu, 18 May 2023 11:25:17 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes
2023-04-18 11:25:18 UTC	249	IN	Data Raw: 47 49 46 38 39 61 c8 00 3f 00 87 00 00 44 44 44 44 44 44 44 44 44 44 44 44 45 45 45 47 47 47 48 48 48 49 49 49 4a 4a 4a 4c 4c 4c 4d 4d 4d 4f 4f 4f 51 51 51 52 52 52 54 54 54 55 55 55 57 57 57 59 59 59 5c 5c 5c 5e 5e 5e 60 60 60 62 62 62 64 64 64 67 67 67 6b 6b 6b 6d 6d 6d 70 70 70 73 73 73 75 75 75 77 77 77 7a 7a 7a 7c 7c 7c 7f 7f 7f 82 82 82 84 84 84 86 86 86 8a 8a 8a 8d 8d 8d 90 90 90 93 93 93 96 96 96 98 98 98 9b 9b 9b 9d 9d 9d 9f 9f 9f a1 a1 a1 a3 a3 a3 a5 a5 a5 a7 a7 a7 aa aa aa ac ac ac af af af b2 b2 b2 b5 b5 b5 b8 b8 b8 ba ba ba bc bc bc be be be c0 c0 c0 c3 c3 c3 c5 c5 c5 c7 c7 c7 ca ca ca cc cc cc cf cf cf d1 d1 d1 d4 d4 d4 d6 d6 d6 d9 d9 d9 db db db de de de df df df e0 e0 e0 e2 e2 e2 e4 e4 e4 e7 e7 e7 e8 e8 e8 ea ea ea eb eb eb ed ed ed ef ef Data Ascii: GIF89a?DDDDDDDDDDDDEEEGGGHHHIIIJJJLLLMMMOOOQQQRRRTTTUUUWWWYYY\\\^^^```bbbdddgggkkkmmmpppsssuuuwwwzzz\|\|\|
2023-04-18 11:25:18 UTC	265	IN	Data Raw: ec 05 1f 7a c9 aa 3c 10 04 fd d3 02 61 07 e2 0d d4 19 3d 10 42 2c e0 14 51 06 89 aa 36 99 c0 b8 17 41 07 ea e0 0e dd b0 cf d9 4d 0e e4 60 ae 41 03 bd e6 b0 06 5c 70 06 d0 a0 0f 44 bd 05 8d b0 08 a4 1a aa eb c0 06 61 5d d5 f3 ab 07 bd 3b db e7 3d 10 e9 bd 06 e7 10 0f 1d 6d 10 12 5e c3 02 31 09 75 9c ae 77 90 0d 8d 40 aa 64 50 0d e5 ed e1 69 20 0d df c0 da 5c 90 e0 1e 0e b4 f2 a0 0f 94 30 14 63 20 c4 ec c0 d0 5e cc 0d d1 aa 07 a6 5d c6 13 21 06 2c b6 2b a4 10 d3 18 f1 05 af 8b 0f e3 f0 c1 33 ad 0f f9 50 0e a4 8d c7 fe b0 0f db c0 0c dd 00 0f e5 3c ba 75 a0 0e f3 90 0d cc e0 0c ea e0 c0 d0 88 07 62 4a 0e cd f0 0c 62 3a 0e e8 6c d7 f1 ff 90 07 32 5e d5 73 4a e3 fb 60 0d 90 f0 08 8f e0 08 7a 90 c8 0d fc 0e d0 00 0d 6f 0a be 92 b0 0f 79 ce 0c cc b0 0d f8 80 0f Data Ascii: z<a=B,Q6AM`A\pDa];=m^1uw@dPi \0c ^]!,+3P<ubJb:l2^sJ`zoy

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:17 UTC	222	OUT	GET /template/m1938pc/static/picture/APP.png HTTP/1.1 Host: www.wusong147.top Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wusong147.top/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:17 UTC	223	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:17 GMT Content-Type: image/png Content-Length: 925 Last-Modified: Thu, 20 Oct 2022 09:25:24 GMT Connection: close ETag: "63511404-39d" Expires: Thu, 18 May 2023 11:25:17 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes
2023-04-18 11:25:17 UTC	223	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 23 00 00 00 23 08 04 00 00 00 b4 d0 7b d2 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 02 62 4b 47 44 00 ff 87 8f cc bf 00 00 00 07 74 49 4d 45 07 e6 0a 14 09 18 11 7e 78 09 72 00 00 02 a5 49 44 41 54 48 c7 e5 d6 4d 68 5c 55 14 07 f0 df 9b 99 a6 9d 06 ab a5 21 82 ad 26 26 14 aa 16 09 08 b6 8a 1f 60 6c 8b 18 b0 88 20 ad e0 ca 46 77 2e 5c f8 b1 11 15 d7 c5 14 8a ba eb 42 44 41 88 94 88 2e 8a 4a 14 11 8a 51 04 a3 a2 36 82 18 30 69 d2 9a 0f 33 93 99 77 5d 24 33 f3 66 e6 cd 4c 11 5d f9 bf f0 e0 fe ef b9 7f ce bb e7 dc 73 2e 49 74 1b b3 2a 74 1c 05 67 ec d4 12 47 Data Ascii: PNGIHDR##{gAMAa cHRMz&u0`:pQ<bKGDtIME~xrIDATHMh\U!&&`l Fw.\BDA.JQ60i3w]$3fL]s.It*tgG

Timestamp	kBytes transferred	Direction	Data
2023-04-18 11:25:17 UTC	222	OUT	GET /template/m1938pc/static/picture/960.gif HTTP/1.1 Host: www.wusong147.top Connection: keep-alive sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.wusong147.top/ Accept-Encoding: gzip, deflate, br Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2023-04-18 11:25:18 UTC	276	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 18 Apr 2023 11:25:17 GMT Content-Type: image/gif Content-Length: 24836 Last-Modified: Sun, 08 Jan 2023 05:21:44 GMT Connection: close ETag: "63ba52e8-6104" Expires: Thu, 18 May 2023 11:25:17 GMT Cache-Control: max-age=2592000 Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes
2023-04-18 11:25:18 UTC	276	IN	Data Raw: 47 49 46 38 39 61 fc 03 3c 00 f7 ff 00 dc e3 f9 83 6a df fd 01 c0 e6 16 c6 f9 f7 fd 96 59 da 8a cd f8 ad 45 d4 e9 12 c5 0d ce fc 4a 9a ed 99 56 d9 07 d2 fd 62 85 e7 7e c4 f6 09 d1 fd 7d 6e e0 ab 99 e7 d5 ec fc b1 42 d3 25 b8 f6 46 9d ee 5e 89 e8 b9 c1 f1 41 a0 ef 7a 71 e1 19 c2 f9 65 82 e6 31 ae f3 ae b0 ed e4 a5 e5 df f3 fd ef 8d dd d1 49 d1 8a b6 f1 cd 2a cc 91 5d db dd 1d c8 af ca f4 3d a5 f0 2d b2 f4 ca 2d cd c9 83 df 91 0e b8 9a a7 ec 02 d6 fe 9e 53 d8 4d 97 ec 75 74 e2 da 7a db ee 0f c4 a9 49 d5 13 c8 fa 05 d4 fe 80 6c df ec f4 fd 59 8d e9 d6 ac e9 ea b9 ea a5 4d d6 f1 d5 f3 d2 26 cb c7 d8 f7 f4 09 c3 d9 20 c9 75 aa ef 36 aa f2 1e bf f8 b5 3f d2 14 c7 fa f8 6e d3 8d 60 dc 78 00 b0 82 5b d7 ef c9 ef 9e dc fb 11 ca fb d6 22 ca c6 30 ce 6a 7e e5 ba 3a Data Ascii: GIF89a<jYEJVb~}nB%F^Azqe1I*]=--SMutzIlYM& u6?n`x["0j~:
2023-04-18 11:25:18 UTC	292	IN	Data Raw: 40 94 18 91 22 bf 84 11 2f 66 dc 18 f2 8a 49 93 1e 25 9c bc b2 c4 24 9e 86 0e ad e5 9a 99 8b e4 12 09 38 71 7a bc 91 b3 e7 07 98 48 66 59 19 6a 25 97 98 7f e9 90 a6 53 07 0f 9e c7 2b 1a e8 08 1c 22 50 a4 c3 5d 69 d2 fc 4b 73 94 e3 d3 a9 04 ad 6a e4 d8 91 22 48 85 62 49 12 ac a7 a6 ad 5b 8f 78 dc ca 05 99 b1 66 b4 bb d1 76 15 91 e0 b1 af 5f 83 40 33 66 b4 f2 8f ad dc c3 6f cd aa c9 8b b7 f1 dd 5d e9 92 2e fd d7 54 a2 c7 8b 11 8f 1e a5 40 b6 ec 41 35 54 3b 13 4c 77 13 e7 87 2b 9e ae e4 f4 f8 41 82 40 a2 56 04 a9 25 78 85 e2 87 d6 ab 6d bb fe 67 65 92 e0 5c 9c 15 d6 3e 78 63 94 06 78 ff e8 5c 0e 9d e6 97 e0 49 12 87 1b 94 80 7c ea f2 81 95 04 23 d9 d5 55 60 17 e9 fc 76 4f d2 a4 88 79 48 34 ed b3 ff 81 bf b1 12 3c 3f 3c 20 73 59 43 df fd df 77 8a 04 7a f2 d5 Data Ascii: @"/fI%$8qzHfYj%S+"P]iKsj"HbI[xfv_@3fo].T@A5T;Lw+A@V%xmge\>xcx\I\|#U`vOyH4<?< sYCwz