Regression: AMT Agent connectivity not working in v1.1.24, last known working in v1.1.20

[abjoseph]

Describe the bug After upgrading from 1.1.20 to 1.1.24 my AMT agents are no longer showing as connected (online) on the "My Devices" page. This is while the agents are powered down into one of soft-off states (e.g. S5). Only after powering on the machines, do the AMT agent shows as online and I'm able to "Connect" to the Intel AMT portal.

To Reproduce Steps to reproduce the behavior:

1. Install and setup Meshcentral with v1.1.20.
2. Have at least 1 AMT agent registered within MeshCentral and shows as activated e.g.
3. Proceed to the "My Server" tab and click the "Check server version" link.
4. Within the pop-up, select the "Latest Version" checkbox and click ok to initiate the server self-update.
5. Observe after a few minutes that the AMT Agent no longer shows as online and you're not able to connect to the Intel AMT portal.

Expected behavior I expected that after updating to v1.1.24 my previously registered AMT Agents would continue to show as online and that I would be able to access the Intel AMT portal even when the machine is in one of the soft-off states (e.g. S3-S5) without the machine having to be powered-on.

Screenshots If applicable, add screenshots to help explain your problem.

AMT Agents online (v1.1.20)

AMT Agents offline (after updating to v1.1.24)

Server Software (please complete the following information):

• OS: Ubuntu 20.04
• Virtualization: LXC
• Network: reverse proxy [nginx] with ssl offload
• Version: 1.1.20
• Node: 14.21.1

Client Device (please complete the following information):

• Device: Desktop (Whitebox PC)
• OS: Windows 11 Enterprise
• Network: Remote over WAN
• Browser: Google Chrome, MS Edge, Firefox
• MeshCentralRouter Version: N/A

Remote Device (please complete the following information):

• Device: Lenovo M920q & Intel NUC 11
• OS: Windows 11 Pro 23H2 (Both)
• Network: Remote over WAN (but in same physical local network)
• Current Core Version (if known):

  Current Core: Dec 9 2022, 1807787178
  Agent Time: 2024-06-23 12:29:19.447-04:00.
  User Rights: 0xffffffff.
  Platform: win32.
  Capabilities: 15.
  Server URL: wss://remote.example.com:443/agent.ashx.
  Built-in LMS: Disabled.
  OS: Microsoft Windows 11 Pro - 23H2/22631.
  Modules: amt-apfclient, amt-lme, amt-manage, amt-mei, computer-identifiers, monitor-border, power-monitor, smbios, sysinfo, util-agentlog, wifi-scanner-windows, wifi-scanner, win-console, win-deskutils, win-info, win-securitycenter, win-terminal, win-virtual-terminal, win-volumes.
  Server Connection: true, State: 1.
  Node ID: seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd
  Application Location: C:\Program Files\Mesh Agent\

Additional context Add any other context about the problem here.

Your config.json file

{
  "__comment__" : "This is a sample configuration file, edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
  "settings": {
    "Cert": "remote.example.com",
    "_MongoDb": "mongodb://127.0.0.1:27017",
    "_MongoDbName": "meshcentral",
    "_MongoDbChangeStream": true,
    "_WANonly": true,
    "_LANonly": true,
    "_Minify": 1,
    "_SessionTime": 30,
    "_SessionKey": "MyReallySecretPassword1",
    "_DbEncryptKey": "MyReallySecretPassword2",
    "_DbExpire": {
      "events": 1728000,
      "powerevents": 864000
    },
    "webPageLengthRandomization": true,
    "Port": 4430,
    "AliasPort": 443,
    "RedirPort": 800,
    "_AllowLoginToken": true,
    "_AllowFraming": true,
    "_WebRTC": false,
    "_ClickOnce": false,
    "_SelfUpdate": true,
    "AgentPing": 60,
    "AgentPong": 300,
    "_AgentIdleTimeout": 150,
    "MeshErrorLogPath": "/tmp/meshcentral",
    "_NpmPath": "c:\\npm.exe",
    "_NpmProxy": "http://1.2.3.4:80",
    "_AllowHighQualityDesktop": true,
    "_UserAllowedIP": "127.0.0.1,192.168.1.0/24",
    "_UserBlockedIP": "127.0.0.1,::1,192.168.0.100",
    "_AgentAllowedIP": "192.168.0.100/24",
    "_AgentBlockedIP": "127.0.0.1,::1",
    "LocalDiscovery": {
      "name": "MeshCentral",
      "info": "Local MeshCentral Remote Management Server"
    },
    "TlsOffload": "192.168.10.23",
    "TrustedProxy": "192.168.10.23",
    "MpsPort": 44330,
    "MpsAliasPort": 4433,
    "MpsTlsOffload": true,
    "_No2FactorAuth": true,
    "_WebRtConfig": {
      "iceServers": [
        { "urls": "stun:stun.services.mozilla.com" },
        { "urls": "stun:stun.l.google.com:19302" }
      ]
    },
    "_AutoBackup": {
      "backupIntervalHours": 24,
      "keepLastDaysBackup": 10,
      "zipPassword": "MyReallySecretPassword3",
      "_backupPath": "C:\\backups"
    },
    "_Redirects": {
      "meshcommander": "https://www.meshcommander.com/"
    }
  },
  "domains": {
    "": {
      "Title": "Mesh Command",
      "Title2": "Meshcentral",
      "mstsc": true,
      "_TitlePicture": "title-sample.png",
      "_UserQuota": 1048576,
      "_MeshQuota": 248576,
      "_NewAccounts": true,
      "_UserNameIsEmail": true,
      "_NewAccountEmailDomains": [ "sample.com" ],
      "_NewAccountsRights": [ "nonewgroups", "notools" ],
      "_Footer": "<a href='https://twitter.com/mytwitter'>Twitter</a>",
      "CertUrl": "https://remote.example.com:443/",
      "_PasswordRequirements": { "min": 8, "max": 128, "upper": 1, "lower": 1, "numeric": 1, "nonalpha": 1, "reset": 90, "force2factor": true },
      "_AgentNoProxy": true,
      "_GeoLocation": true,
      "_UserAllowedIP": "127.0.0.1,192.168.1.0/24",
      "_UserBlockedIP": "127.0.0.1,::1,192.168.0.100",
      "_AgentAllowedIP": "192.168.0.100/24",
      "_AgentBlockedIP": "127.0.0.1,::1",
      "___UserSessionIdleTimeout__" : "Number of user idle minutes before auto-disconnect",
      "_UserSessionIdleTimeout" : 30,
      "__UserConsentFlags__" : "Set to: 1 for desktop, 2 for terminal, 3 for files, 7 for all",
      "_UserConsentFlags" : 7,
      "_Limits": {
        "_MaxDevices": 100,
        "_MaxUserAccounts": 100,
        "_MaxUserSessions": 100,
        "_MaxAgentSessions": 100,
        "MaxSingleUserSessions": 10
      },
      "_AmtAcmActivation": {
        "log": "amtactivation.log",
        "certs": {
          "mycertname": {
            "certfiles": [ "amtacm-leafcert.crt", "amtacm-intermediate1.crt", "amtacm-intermediate2.crt", "amtacm-rootcert.crt" ],
            "keyfile": "amtacm-leafcert.key"
          }
        }
      },
      "_Redirects": {
        "meshcommander": "https://www.meshcommander.com/"
      },
      "_yubikey": { "id": "0000", "secret": "xxxxxxxxxxxxxxxxxxxxx", "_proxy": "http://myproxy.domain.com:80" },
      "_httpheaders": { "Strict-Transport-Security": "max-age=360000" },
      "_agentConfig": [ "webSocketMaskOverride=1" ]
    },
    "_customer1": {
      "DNS": "customer1.myserver.com",
      "Title": "Customer1",
      "Title2": "TestServer",
      "NewAccounts": 1,
      "Auth": "sspi",
      "Footer": "Test",
      "_CertUrl": "https://192.168.2.106:443/"
    },
    "info": {
      "share": "C:\\ExtraWebSite"
    }
  },
  "_letsencrypt": {
    "__comment__": "Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@myserver.com ",
    "names": "myserver.com,customer1.myserver.com",
    "rsaKeySize": 3072,
    "production": false
  },
  "_peers": {
    "serverId": "server1",
    "servers": {
      "server1": { "url": "wss://192.168.2.133:443/" },
      "server2": { "url": "wss://192.168.1.106:443/" }
    }
  },
  "_smtp": {
    "host": "smtp.myserver.com",
    "port": 25,
    "from": "myemail@myserver.com",
    "tls": false
  }
}

[si458]

Node 14 is EOL, the min requirement is node 16, and recommended node 18. So please update node and try again

[abjoseph]

Node 14 is EOL, the min requirement is node 16, and recommended node 18. So please update node and try again

@si458 When I updated MeshCentral to v1.1.24, node was also updated to v18 and that's the result that was screenshot above where the AMT agents aren't connecting.

[si458]

Config all looks OK at first glance? What's your reverse proxy config? I'm guessing the AMT port is also proxied via ur reverseproxy?

Do u get any errors when u start meshcentral?

[abjoseph]

Config all looks OK at first glance? What's your reverse proxy config? I'm guessing the AMT port is also proxied via ur reverseproxy?

1. It's the exact same config that was working with v1.1.20, so I'm not inclined to suspect configuration as the issue.
2. The reverse proxy is nginx and again, this is exactly the same config between v1.1.20 and v.1.1.24.
3. Correct.
4. No errors when starting meshcentral

   
   root@meshcentral:~# systemctl status meshcentral.service
   * meshcentral.service - MeshCentral Service
    Loaded: loaded (/etc/systemd/system/meshcentral.service; enabled; vendor preset: enabled)
    Active: active (running) since Sun 2024-06-23 16:49:27 UTC; 11min ago
   Main PID: 1473 (node)
     Tasks: 22 (limit: 76917)
    Memory: 169.3M
       CPU: 5.969s
    CGroup: /system.slice/meshcentral.service
            |-1473 /usr/bin/node meshcentral
            `-1485 /usr/bin/node /root/meshcentral/node_modules/meshcentral/meshcentral --launch 1473

Jun 23 16:49:30 meshcentral node[1473]: Code signed MeshCmd64.exe. Jun 23 16:49:30 meshcentral node[1473]: Code signed MeshService.exe. Jun 23 16:49:30 meshcentral node[1473]: Code signed MeshService64.exe. Jun 23 16:49:33 meshcentral node[1473]: Code signed MeshCmd.exe. Jun 23 16:49:36 meshcentral node[1473]: Code signed MeshCmdARM64.exe. Jun 23 16:49:36 meshcentral node[1473]: MeshCentral Intel(R) AMT server running on remote.example.com:44330, alias port 4433. Jun 23 16:49:36 meshcentral node[1473]: MeshCentral HTTP server running on port 4430, alias port 443. Jun 23 16:49:36 meshcentral node[1473]: Loaded web certificate from "https://remote.example.com:443/", host: "remote.example.com" Jun 23 16:49:36 meshcentral node[1473]: SHA384 cert hash: 306b824ab8ba70ae49a609cfb827a9df68db3c9d165a924d6b772070dbcef5ca288d31400609ac147bbd7cab7a9dc00f Jun 23 16:49:36 meshcentral node[1473]: SHA384 key hash: 9d59e535a5b179e64b678875e7b69cc598aef257956912afd86d8e9abd601df17529e04735692d379bf4315524b6d5bf

Was there a change/update to the discovery and connectivity logic for AMT in v1.1.22 and later??

[abjoseph]

P.S - I've created a clone of LXC machine with the v1.1.20 installation via my virtualization host and making NO OTHER changes besides updating Meshcentral to v1.1.24 via the self-update feature, all the agent-based machines come online however, the AMT machines never come back online.

The Only variable is the meshcentral version.

[si458]

Somethings changed. Code signed MeshService64.exe It's codesigned all ur exes again? And this only happens if a dns name or certificate has changed? How did u update? Do u have any agents, or is it only AMT devices?

Edit. Also check its full output journalctl -u meshcentral.service

[si458]

Try the following

1. Stop the meshcentral service
2. cd /root/meshcentral
3. node node_modules/meshcentral --debug amt

See what logs appear? Anything helpful there?

[abjoseph]

@si458 I ran the node node_modules/meshcentral --debug amt for both the v1.1.20 and v1.1.24 installations, results below. The v1.1.24 installation never outputs anything for AMT, which makes sense since the agents never come online.

The third output is after I power on the two machines, Servyr-M920q and Servyr-NUC11. There is an issue with the v1.1.24 installation when machines are off whereas this was working before in v1.1.20.

v1.1.20 Install, Machines Powered off.

root@meshcentral:~# systemctl stop meshcentral.service
root@meshcentral:~# cd meshcentral/
root@meshcentral:~/meshcentral# node node_modules/meshcentral --debug amt
WARNING: MeshCentral will require Node v16 or above in the future, your current version is v14.21.1.
MeshCentral HTTP redirection server running on port 800.
MeshCentral v1.1.20, Hybrid (LAN + WAN) mode.
Code signed MeshService64.exe.
Code signed MeshCmd64.exe.
Code signed MeshCmd.exe.
Code signed MeshCmdARM64.exe.
Code signed MeshServiceARM64.exe.
Code signed MeshService.exe.
MeshCentral Intel(R) AMT server running on remote.example.com:44330, alias port 4433.
MeshCentral HTTP server running on port 4430, alias port 443.
Loaded web certificate from "https://remote.example.com:443/", host: "remote.example.com"
  SHA384 cert hash: 306b824ab8ba70ae49a609cfb827a9df68db3c9d165a924d6b772070dbcef5ca288d31400609ac147bbd7cab7a9dc00f
  SHA384 key hash: 9d59e535a5b179e64b678875e7b69cc598aef257956912afd86d8e9abd601df17529e04735692d379bf4315524b6d5bf
AMT: Start Management node//yPbYCzLdse0WxhjZOwu$@IDKJm2PggFbtQtqEJfjZPyzwjOpWeUvpRYqYTjFIWjK 3
AMT: Servyr-NUC11 Checking Intel AMT state...
AMT: Servyr-NUC11 Attempt Initial Contact Local
AMT: Servyr-NUC11 Attempt Initial Local Contact 3 Servyr-NUC11.example.org
AMT: Servyr-NUC11 Direct-Connect TLS Servyr-NUC11.example.org admin
AMT: Start Management node//VAfyxz1KHnxHyLcW7XtkUcD$TCN32h7SAxMvZMjOOLHXrwAQ8QemHcAlZFpls3Ub 3
AMT: Start Management node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 3
AMT: Servyr-DevBox Checking Intel AMT state...
AMT: Servyr-DevBox Attempt Initial Contact Local
AMT: Servyr-DevBox Attempt Initial Local Contact 3 Servyr-DevBox.example.org
AMT: Servyr-DevBox Direct-Connect TLS Servyr-DevBox.example.org admin
AMT: Servyr-M920q Checking Intel AMT state...
AMT: Servyr-M920q Attempt Initial Contact Local
AMT: Servyr-M920q Attempt Initial Local Contact 3 Servyr-M920q.example.org
AMT: Servyr-M920q Direct-Connect TLS Servyr-M920q.example.org admin
AMT: Servyr-NUC11 Initial Contact Response 200
AMT: Servyr-NUC11 Intel AMT connected with TLS.
AMT: Servyr-DevBox Initial Contact Response 200
AMT: Servyr-DevBox Intel AMT connected with TLS.
AMT: Servyr-M920q Initial Contact Response 200
AMT: Servyr-M920q Intel AMT connected with TLS.
AMT: Servyr-NUC11 Fetching hardware inventory.
AMT: Servyr-DevBox Fetching hardware inventory.
AMT: Servyr-M920q Fetching hardware inventory.
AMT: Servyr-NUC11 Done.
AMT: Servyr-M920q Done.
AMT: Servyr-DevBox Done.

v1.1.24 Install, Machines Powered off.

root@meshcentral:~/meshcentral# node node_modules/meshcentral --debug amt
MeshCentral HTTP redirection server running on port 800.
MeshCentral v1.1.24, Hybrid (LAN + WAN) mode.
Code signed MeshService64.exe.
Code signed MeshService.exe.
Code signed MeshCmdARM64.exe.
Code signed MeshServiceARM64.exe.
Code signed MeshCmd64.exe.
Code signed MeshCmd.exe.
MeshCentral Intel(R) AMT server running on remote.example.com:44330, alias port 4433.
MeshCentral HTTP server running on port 4430, alias port 443.
Loaded web certificate from "https://remote.example.com:443/", host: "remote.example.com"
  SHA384 cert hash: 306b824ab8ba70ae49a609cfb827a9df68db3c9d165a924d6b772070dbcef5ca288d31400609ac147bbd7cab7a9dc00f
  SHA384 key hash: 9d59e535a5b179e64b678875e7b69cc598aef257956912afd86d8e9abd601df17529e04735692d379bf4315524b6d5bf

v1.1.24 Install, Machines Powered on.

root@meshcentral:~/meshcentral# node node_modules/meshcentral --debug amt
MeshCentral HTTP redirection server running on port 800.
MeshCentral v1.1.24, Hybrid (LAN + WAN) mode.
Code signed MeshCmd64.exe.
Code signed MeshCmdARM64.exe.
Code signed MeshServiceARM64.exe.
Code signed MeshService.exe.
Code signed MeshService64.exe.
Code signed MeshCmd.exe.
MeshCentral Intel(R) AMT server running on remote.example.com:44330, alias port 4433.
MeshCentral HTTP server running on port 4430, alias port 443.
Loaded web certificate from "https://remote.example.com:443/", host: "remote.example.com"
  SHA384 cert hash: 306b824ab8ba70ae49a609cfb827a9df68db3c9d165a924d6b772070dbcef5ca288d31400609ac147bbd7cab7a9dc00f
  SHA384 key hash: 9d59e535a5b179e64b678875e7b69cc598aef257956912afd86d8e9abd601df17529e04735692d379bf4315524b6d5bf
AMT: Start Management node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 3
AMT: Servyr-M920q Checking Intel AMT state...
AMT: Servyr-M920q Attempt Initial Contact Local
AMT: Servyr-M920q Attempt Initial Local Contact 3 Servyr-M920q.example.org
AMT: Servyr-M920q Direct-Connect TLS Servyr-M920q.example.org admin
AMT: Servyr-M920q Initial Contact Response 200
AMT: Servyr-M920q Intel AMT connected with TLS.
AMT: Servyr-M920q Fetching hardware inventory.
AMT: Servyr-M920q Done.
AMT: Start Management node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az 3
AMT: Servyr-NUC11 Checking Intel AMT state...
AMT: Servyr-NUC11 Attempt Initial Contact Local
AMT: Servyr-NUC11 Attempt Initial Local Contact 3 Servyr-NUC11.example.org
AMT: Servyr-NUC11 Direct-Connect TLS Servyr-NUC11.example.org admin
AMT: Servyr-NUC11 Initial Contact Response 200
AMT: Servyr-NUC11 Intel AMT connected with TLS.
AMT: Servyr-NUC11 Fetching hardware inventory.
AMT: Servyr-NUC11 Done.

[si458]

Something isn't right with ur setup?

Why is it code-signing the applications every time u start meshcentral?

It should only do that once and never again.

What's the layout of ur meshcentral-data folder?

[abjoseph]

P.S - Below is the output when I issue a AMT power off command for the two machines:

...
AMT: Servyr-NUC11 Fetching hardware inventory.
AMT: Servyr-NUC11 Done.
performPowerAction node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 8
AMT: Servyr-M920q performPowerAction 8
performPowerAction node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az 8
AMT: Servyr-NUC11 performPowerAction 8
AMT: Servyr-M920q Stop Management node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 3
AMT: Servyr-M920q Remove device node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 3 1
AMT: Servyr-NUC11 Stop Management node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az 3
AMT: Servyr-NUC11 Remove device node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az 3 1

[abjoseph]

Something isn't right with ur setup?

Why is it code-signing the applications every time u start meshcentral?

It should only do that once and never again.

What's the layout of ur meshcentral-data folder?

I understand that "Code signed" thing seems unusual to you but I'm primarily concerned about the AMT agents not showing online and since the "Code signed" output is the same for both versions, then logic would imply that it might not be the cause of the AMT issue. Just my opinion.

root@meshcentral:~/meshcentral/meshcentral-data# ls -lha
total 1.1M
drwxr-xr-x 3 root root   23 Jun 23 17:47 .
drwxr-xr-x 7 root root    8 Jun 13 23:33 ..
-rw-r--r-- 1 root root 2.5K Jun 27  2020 agentserver-cert-private.key
-rw-r--r-- 1 root root 1.5K Jun 27  2020 agentserver-cert-public.crt
-rw-r--r-- 1 root root 2.5K Jun  8  2022 codesign-cert-private.key
-rw-r--r-- 1 root root 1.6K Jun  8  2022 codesign-cert-public.crt
-rw-r--r-- 1 root root 4.7K Jun 27  2020 config.exampple.json
-rw-r--r-- 1 root root 4.9K Aug  8  2023 config.json
-rw-r--r-- 1 root root 4.7K Jun 27  2020 config.json~
-rw-r--r-- 1 root root 3.6M Jun 23 17:44 meshcentral-events.db
-rw-r--r-- 1 root root    0 Jul 16  2021 meshcentral-plugins.db
-rw-r--r-- 1 root root  44K Jun 23 17:44 meshcentral-power.db
-rw-r--r-- 1 root root 245K Jun 23 17:44 meshcentral-stats.db
-rw-r--r-- 1 root root 303K Jun 23 17:44 meshcentral.db
-rw-r--r-- 1 root root 1.7K Jun 27  2020 mpsserver-cert-private.key
-rw-r--r-- 1 root root 1.5K Jun 27  2020 mpsserver-cert-public.crt
-rw-r--r-- 1 root root 2.5K Jun 27  2020 root-cert-private.key
-rw-r--r-- 1 root root 1.6K Jun 27  2020 root-cert-public-backup.crt
-rw-r--r-- 1 root root 1.6K Jun 27  2020 root-cert-public.crt
-rw-r--r-- 1 root root  198 Jun 23 17:34 serverstate.txt
drwxr-xr-x 2 root root    8 Apr 24  2023 signedagents
-rw-r--r-- 1 root root 2.5K Jun 27  2020 webserver-cert-private.key
-rw-r--r-- 1 root root 1.7K Jun 27  2020 webserver-cert-public.crt
root@meshcentral:~/meshcentral/meshcentral-data#

[si458]

Try rerunning amtconfig in the console tab of one of the devices and see what it outputs (might take a min to finish with logs)

Then shut the device down and see if u can still see it online

I'm confused why it says Remov Device?

I don't have an amt 11 device only 7, and I'm not seeing this issue? But will look more into it tomorrow if I can

[si458]

The problem is the code-siging only happens if the dns name changes, which in turn regenerates certificates, like the amt certificate, which in turn would explain WHY they can't connect because the certificate has changed?

[si458]

Try also running node node_modules/meshcentral --debug

This will output ALL debug logs and might give more of an insight!

Note the will be loads of logs too

[abjoseph]

Try rerunning amtconfig in the console tab of one of the devices and see what it outputs (might take a min to finish with logs)

Then shut the device down and see if u can still see it online

I'm confused why it says Remove Device?

I don't have an amt 11 device only 7, and I'm not seeing this issue? But will look more into it tomorrow if I can

Servyr-NUC11, amtconfig:

> amtconfig 
Enabled live view of Intel AMT configuration events, "amtevents off" to disable.
13:54:13, LMS tunnel start.
13:54:14, Checking Intel AMT state...
13:54:17, Intel AMT connected.
13:54:23, Done.
13:54:23, LMS tunnel closed.

Servyr-M920q, amtconfig:

> amtconfig 
Enabled live view of Intel AMT configuration events, "amtevents off" to disable.
13:55:59, LMS tunnel start.
13:56:00, Checking Intel AMT state...
13:56:03, Intel AMT connected.
13:56:10, Done.
13:56:10, LMS tunnel closed.

[abjoseph]

The problem is the code-siging only happens if the dns name changes, which in turn regenerates certificates, like the amt certificate, which in turn would explain WHY they can't connect because the certificate has changed?

Understood.

[abjoseph]

Try also running node node_modules/meshcentral --debug

This will output ALL debug logs and might give more of an insight!

Note the will be loads of logs too

Output below, v1.1.24

Spoiler warning

``` root@meshcentral:~/meshcentral# node node_modules/meshcentral --debug MAIN: Core module windows-amt is 646343 bytes. MAIN: Core module linux-amt is 592266 bytes. MAIN: Core module linux-noamt is 491730 bytes. MAIN: Core module windows-recovery is 137824 bytes. MAIN: Core module linux-recovery is 82212 bytes. MAIN: Core module windows-agentrecovery is 61977 bytes. MAIN: Core module linux-agentrecovery is 6365 bytes. MAIN: Core module windows-tiny is 6305 bytes. MAIN: Core module linux-tiny is 6305 bytes. MeshCentral HTTP redirection server running on port 800. AUTHLOG: Server listening on 0.0.0.0 port 800. MeshCentral v1.1.24, Hybrid (LAN + WAN) mode. MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshService.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshService64.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshServiceARM64.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshCmd.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshCmd64.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} MAIN: Code signing with arguments: {"out":"/root/meshcentral/meshcentral-data/signedagents/MeshCmdARM64.exe","desc":"example Command","url":"https://remote.example.com/","time":"http://timestamp.comodoca.com/authenticode","proxy":null} Code signed MeshServiceARM64.exe. Code signed MeshService.exe. Code signed MeshCmd64.exe. Code signed MeshCmdARM64.exe. Code signed MeshCmd.exe. Code signed MeshService64.exe. DISPATCH: AddEventDispatch [ 'server-shareremove' ] CERT: loadCertificate() - Loading certificate from remote.example.com:443, Hostname: remote.example.com... DISPATCH: AddEventDispatch [ '*' ] DISPATCH: DispatchEvent [ '*' ] MAIN: Server started MeshCentral Intel(R) AMT server running on remote.example.com:44330, alias port 4433. AUTHLOG: Server listening on 0.0.0.0 port 44330. MeshCentral HTTP server running on port 4430, alias port 443. CERT: loadCertificate() - TLS connected, got certificate. Loaded web certificate from "https://remote.example.com:443/", host: "remote.example.com" SHA384 cert hash: 306b824ab8ba70ae49a609cfb827a9df68db3c9d165a924d6b772070dbcef5ca288d31400609ac147bbd7cab7a9dc00f SHA384 key hash: 9d59e535a5b179e64b678875e7b69cc598aef257956912afd86d8e9abd601df17529e04735692d379bf4315524b6d5bf HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '216.164.233.22', 'x-forwarded-for': '216.164.233.22', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': '9CS9aWf2YK/hh0J1W7JB5z==', 'sec-websocket-version': '13' } WEBREQUEST: (216.164.233.22) /agent.ashx/.websocket AGENT: New agent at 216.164.233.22:52842 HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '216.48.99.147', 'x-forwarded-for': '216.48.99.147', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'Jqj8MG9k0knta+pL18AzvU==', 'sec-websocket-version': '13' } WEBREQUEST: (216.48.99.147) /agent.ashx/.websocket AGENT: New agent at 216.48.99.147:52848 AGENT: Verified agent connection to E8QcvChSMV9DPGLTjb8974cxRtC1tvxoAApWuMo1I1FbAECkgHY0omfa0rC@1Hl0 (216.48.99.147:52848). DISPATCH: DispatchEvent [ 'node//E8QcvChSMV9DPGLTjb8974cxRtC1tvxoAApWuMo1I1FbAECkgHY0omfa0rC@1Hl0', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] HTTPHEADERS: GET /login { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'cache-control': 'max-age=0', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'sec-ch-ua-platform': '"Windows"', 'upgrade-insecure-requests': '1', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'navigate', 'sec-fetch-user': '?1', 'sec-fetch-dest': 'document', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=0, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiTWtOYWtKVnQiLCJ0IjoyODY1Mjc2M30=; xid.sig=sEaDZOD4LyghEQz_O-CdmgQuK6KCv1ZqDTIuKeCvkjP3U3_CgH3NZLQlE0Bc6iA7' } WEBREQUEST: (192.168.10.1) /login WEB: handleRootRequestLogin() HTTPHEADERS: GET /styles/style.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"10a92-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /styles/style.css HTTPHEADERS: GET /scripts/common-0.0.1.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"2665-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /scripts/common-0.0.1.js HTTPHEADERS: GET /scripts/u2f-api.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"5ff1-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /scripts/u2f-api.js HTTPHEADERS: GET /welcome.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', referer: 'https://remote.example.com/login', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"434d0-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /welcome.png HTTPHEADERS: GET /manifest.json { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'manifest', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"219-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2' } WEBREQUEST: (192.168.10.1) /manifest.json HTTPHEADERS: GET /favicon.ico { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=1, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /favicon.ico HTTPHEADERS: GET /android-chrome-192x192.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"922e-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /android-chrome-192x192.png DISPATCH: DispatchEvent [ 'node//E8QcvChSMV9DPGLTjb8974cxRtC1tvxoAApWuMo1I1FbAECkgHY0omfa0rC@1Hl0', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] HTTPHEADERS: GET / { host: 'remote.example.com', 'x-real-ip': '88.99.15.3', 'x-forwarded-for': '88.99.15.3', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9', 'user-agent': 'Uptime-Kuma/1.23.10' } WEBREQUEST: (88.99.15.3) / WEB: handleRootRequestLogin() HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'th6BVUY9tita5TSl4VThkn==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:32842 HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'Ez+k+oK9fIO39uoRymcRwk==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:32846 HTTPHEADERS: POST /login { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'content-length': '59', 'cache-control': 'max-age=0', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'sec-ch-ua-platform': '"Windows"', 'upgrade-insecure-requests': '1', origin: 'null', 'content-type': 'application/x-www-form-urlencoded', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'navigate', 'sec-fetch-user': '?1', 'sec-fetch-dest': 'document', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=0, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=e30=; xid.sig=s2TKuwbEjWInNlb-9bVLqKzgF4B234g7U2jkU8QQSecSeQqNNOY5mARhdM6r7dMe' } WEBREQUEST: (192.168.10.1) /login WEB: handleRootPostRequest, action: login WEB: checkUserOneTimePassword() WEB: checkUserOneTimePassword: fail (2). WEB: handleLoginRequest: 2FA token required WEB: handleRootRequestEx: sending 2FA challenge. WEB: getHardwareKeyChallenge: fail WEB: handleRootRequestLogin() AGENT: Verified agent connection to idyx8LNkYOjbUOBPuZgnHD75PRc@hQiE5REny9GkfMmpDoUH2DDS7BHhnjrLUZnJ (216.164.233.22:52842). DISPATCH: DispatchEvent [ 'node//idyx8LNkYOjbUOBPuZgnHD75PRc@hQiE5REny9GkfMmpDoUH2DDS7BHhnjrLUZnJ', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] HTTPHEADERS: GET /styles/style.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"10a92-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /styles/style.css HTTPHEADERS: GET /scripts/common-0.0.1.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"2665-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /scripts/common-0.0.1.js HTTPHEADERS: GET /scripts/u2f-api.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"5ff1-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /scripts/u2f-api.js HTTPHEADERS: GET /welcome.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"434d0-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', referer: 'https://remote.example.com/login', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /welcome.png HTTPHEADERS: GET /manifest.json { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'manifest', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"219-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2' } WEBREQUEST: (192.168.10.1) /manifest.json HTTPHEADERS: GET /android-chrome-192x192.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"922e-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /android-chrome-192x192.png HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '216.48.99.147', 'x-forwarded-for': '216.48.99.147', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': '2ehrAd7cN5rn3/SoqXlGjD==', 'sec-websocket-version': '13' } WEBREQUEST: (216.48.99.147) /agent.ashx/.websocket AGENT: New agent at 216.48.99.147:32902 HTTPHEADERS: POST /login { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'content-length': '57', 'cache-control': 'max-age=0', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'sec-ch-ua-platform': '"Windows"', 'upgrade-insecure-requests': '1', origin: 'null', 'content-type': 'application/x-www-form-urlencoded', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'navigate', 'sec-fetch-user': '?1', 'sec-fetch-dest': 'document', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=0, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJlIjoiMjV5SWV0U3Uka2Z6dGdPZlJPOEhyaVNsTWg5cEhtYUJWd2NWRHNEZmwwVXBSYXZkNFkwTEBCcG13d1NPOXVTUmpQanY1QVVXSXJJNHVKTGpTUjJ2dXdyVFFmdjFFVjF2RVZEZlY5RnRKSDltbldaMXJaOG8wOFMxZWNYaWszTT0ifQ==; xid.sig=x3nzs-kTo162W-yeGlVkuJGMHPv5iDD-9bSxbeUqusddMUDTxCOu78lICb6yrqqT' } WEBREQUEST: (192.168.10.1) /login WEB: handleRootPostRequest, action: tokenlogin AGENT: Verified agent connection to IFH2CoI@P8JEzckg8IkUcRT5CQTmJDaGEnJWHx6VSRL41yQk43T3HvFVi31NcUGE (192.168.10.1:32842). DISPATCH: DispatchEvent [ 'node//IFH2CoI@P8JEzckg8IkUcRT5CQTmJDaGEnJWHx6VSRL41yQk43T3HvFVi31NcUGE', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] WEB: checkUserOneTimePassword() WEB: checkUserOneTimePassword: success (authenticator). WEB: handleLoginRequest: successful 2FA login DISPATCH: DispatchEvent [ '*', 'server-users', 'user//ajoseph' ] AUTHLOG: Accepted password for ajoseph from 192.168.10.1 port 32912, SessionID: VuFylo+L, Browser: Edge/125.0.0.0, OS: Windows/10 WEB: handleLoginRequest: login ok (2) COOKIE: Encoded AESGCM cookie: {"userid":"user//ajoseph","domainid":"","ip":"192.168.10.1","time":1719165856} COOKIE: Encoded AESGCM cookie: {"ruserid":"user//ajoseph","x":"VuFylo+L","time":1719165856} WEB: handleRootRequestEx: success. AGENT: Verified agent connection to Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX (192.168.10.1:32846). DISPATCH: DispatchEvent [ 'node//Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] HTTPHEADERS: GET /styles/style.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"10a92-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /styles/style.css HTTPHEADERS: GET /styles/ol.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1623-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /styles/ol.css HTTPHEADERS: GET /styles/ol3-contextmenu.min.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"12cd-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /styles/ol3-contextmenu.min.css HTTPHEADERS: GET /styles/xterm.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1218-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /styles/xterm.css HTTPHEADERS: GET /styles/flatpickr.min.css { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'text/css,*/*;q=0.1', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'style', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"3edd-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /styles/flatpickr.min.css HTTPHEADERS: GET /scripts/common-0.0.1.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"2665-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/common-0.0.1.js HTTPHEADERS: GET /scripts/meshcentral.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"ba4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/meshcentral.js HTTPHEADERS: GET /scripts/amt-0.2.0.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"12e7c-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-0.2.0.js HTTPHEADERS: GET /scripts/amt-wsman-0.2.0.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"4255-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-wsman-0.2.0.js HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '216.48.99.147', 'x-forwarded-for': '216.48.99.147', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'VeFCyoTxWg1D9DYTeUn8k1==', 'sec-websocket-version': '13' } WEBREQUEST: (216.48.99.147) /agent.ashx/.websocket AGENT: New agent at 216.48.99.147:32962 HTTPHEADERS: GET /scripts/amt-desktop-0.0.2.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"c793-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-desktop-0.0.2.js HTTPHEADERS: GET /scripts/amt-terminal-0.0.2.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"97fa-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-terminal-0.0.2.js HTTPHEADERS: GET /scripts/zlib.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"11b0-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/zlib.js HTTPHEADERS: GET /scripts/zlib-inflate.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"16202-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/zlib-inflate.js HTTPHEADERS: GET /scripts/zlib-adler32.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"27f4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/zlib-adler32.js HTTPHEADERS: GET /scripts/zlib-crc32.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"257a-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/zlib-crc32.js HTTPHEADERS: GET /scripts/amt-redir-ws-0.1.0.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"3ccb-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-redir-ws-0.1.0.js HTTPHEADERS: GET /scripts/amt-wsman-ws-0.2.0.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"397e-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/amt-wsman-ws-0.2.0.js HTTPHEADERS: GET /scripts/agent-redir-ws-0.1.1.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"45b4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/agent-redir-ws-0.1.1.js HTTPHEADERS: GET /scripts/agent-redir-rtc-0.1.0.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1ac5-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/agent-redir-rtc-0.1.0.js HTTPHEADERS: GET /scripts/agent-desktop-0.0.2.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"b951-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/agent-desktop-0.0.2.js HTTPHEADERS: GET /scripts/agent-rdp-0.0.1.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"34e4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/agent-rdp-0.0.1.js HTTPHEADERS: GET /scripts/qrcode.min.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"4dd7-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/qrcode.min.js HTTPHEADERS: GET /scripts/xterm.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"42382-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/xterm.js HTTPHEADERS: GET /scripts/xterm-addon-fit.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"949-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/xterm-addon-fit.js HTTPHEADERS: GET /scripts/flatpickr.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"c09f-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/flatpickr.js HTTPHEADERS: GET /mstsc/mstsc.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"759-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /mstsc/mstsc.js HTTPHEADERS: GET /mstsc/keyboard.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"2821-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /mstsc/keyboard.js HTTPHEADERS: GET /mstsc/rle.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"75f3f-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /mstsc/rle.js HTTPHEADERS: GET /mstsc/client.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"2aa6-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /mstsc/client.js HTTPHEADERS: GET /mstsc/canvas.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"c73-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /mstsc/canvas.js HTTPHEADERS: GET /scripts/u2f-api.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'if-none-match': 'W/"5ff1-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/u2f-api.js HTTPHEADERS: GET /scripts/charts.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"32043-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/charts.js HTTPHEADERS: GET /scripts/moment.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"9c51c-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/moment.js HTTPHEADERS: GET /scripts/chartjs-adapter-moment.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"a18-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/chartjs-adapter-moment.js HTTPHEADERS: GET /scripts/filesaver.min.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"a05-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/filesaver.min.js HTTPHEADERS: GET /scripts/ol.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"7dd9d-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/ol.js HTTPHEADERS: GET /scripts/ol3-contextmenu.js { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'script', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"2c8c-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /scripts/ol3-contextmenu.js HTTPHEADERS: GET /images/x16.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"259-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /images/x16.png HTTPHEADERS: GET /images/link4.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"83-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wifQ==; xid.sig=56KYIW161HF-_3S-6GEoAPlX272FdMlPY2gzSCGBR7aM9rTNij_kyGV3ewdO_Wk9' } WEBREQUEST: (192.168.10.1) /images/link4.png DISPATCH: DispatchEvent [ 'node//idyx8LNkYOjbUOBPuZgnHD75PRc@hQiE5REny9GkfMmpDoUH2DDS7BHhnjrLUZnJ', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] DISPATCH: DispatchEvent [ 'node//IFH2CoI@P8JEzckg8IkUcRT5CQTmJDaGEnJWHx6VSRL41yQk43T3HvFVi31NcUGE', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//IFH2CoI@P8JEzckg8IkUcRT5CQTmJDaGEnJWHx6VSRL41yQk43T3HvFVi31NcUGE","m":"mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv","time":1719165857} HTTPHEADERS: GET /images/link6.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"c6-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/link6.png HTTPHEADERS: GET /serverpic.ashx { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"116f8-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /serverpic.ashx HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '216.48.99.147', 'x-forwarded-for': '216.48.99.147', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'ZOORsZLHjbLUUMqYVXXZEV==', 'sec-websocket-version': '13' } WEBREQUEST: (216.48.99.147) /agent.ashx/.websocket AGENT: New agent at 216.48.99.147:33272 HTTPHEADERS: GET /images/icon-star-notify-16.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"21e-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-star-notify-16.png HTTPHEADERS: GET /images/icon-relay-notify.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"180-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-relay-notify.png HTTPHEADERS: GET /images/icon-help-notify-16.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1a4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-help-notify-16.png HTTPHEADERS: GET /commander.ashx { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'sec-ch-ua-platform': '"Windows"', 'upgrade-insecure-requests': '1', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'navigate', 'sec-fetch-dest': 'iframe', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"b8f55-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=0, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /commander.ashx HTTPHEADERS: GET /images/icon-play.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"23a-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-play.png HTTPHEADERS: GET /images/icon-chat.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"166b-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-chat.png HTTPHEADERS: GET /images/icon-notify.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d36-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-notify.png HTTPHEADERS: GET /images/icon-lock.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d1b-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-lock.png HTTPHEADERS: GET /images/icon-url2.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d0f-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-url2.png HTTPHEADERS: GET /images/icon-background.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d3b-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-background.png HTTPHEADERS: GET /images/icon-camera.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d25-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-camera.png HTTPHEADERS: GET /images/icon-film.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1278-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-film.png HTTPHEADERS: GET /images/icon-clipboard-in.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"157d-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-clipboard-in.png HTTPHEADERS: GET /images/icon-clipboard-out.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1616-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-clipboard-out.png HTTPHEADERS: GET /images/icon-refresh.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"e86-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-refresh.png HTTPHEADERS: GET /images/icon-keylock-red.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1fe4-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-keylock-red.png HTTPHEADERS: GET /images/icon-keylock.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"d43-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-keylock.png HTTPHEADERS: GET /images/icon-share2.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"209-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-share2.png HTTPHEADERS: GET /images/details/graph64.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1ddb-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/details/graph64.png HTTPHEADERS: GET /images/webp/mesh-256.webp { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"5648-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/webp/mesh-256.webp HTTPHEADERS: GET /images/webp/user-256.webp { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"12cc-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/webp/user-256.webp HTTPHEADERS: GET /images/user-256.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"4beb-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/user-256.png HTTPHEADERS: GET /images/webp/group-256.webp { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"1f1c-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/webp/group-256.webp HTTPHEADERS: GET /sounds/chimes.mp3 { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'accept-encoding': 'identity;q=1, *;q=0', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'audio', 'accept-language': 'en-US,en;q=0.9', range: 'bytes=0-8831', 'if-none-match': 'W/"2280-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /sounds/chimes.mp3 HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'Ub1VlRh8HHNd5qmtPqais1==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:33482 HTTPHEADERS: GET /manifest.json { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: '*/*', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'cors', 'sec-fetch-dest': 'manifest', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"219-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=2' } WEBREQUEST: (192.168.10.1) /manifest.json HTTPHEADERS: GET /logo.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"54b3-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /logo.png HTTPHEADERS: GET /images/leftbar-64.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"b071-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/leftbar-64.png AGENT: Verified agent connection to gSKWwpNwmZ03JGvVAAiU5@d4Xs7MAbw5vyupWA5dKp54vhWaiRvkBRWbp0YSeib$ (216.48.99.147:33272). DISPATCH: DispatchEvent [ 'node//gSKWwpNwmZ03JGvVAAiU5@d4Xs7MAbw5vyupWA5dKp54vhWaiRvkBRWbp0YSeib$', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] HTTPHEADERS: GET /control.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', pragma: 'no-cache', 'cache-control': 'no-cache', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', origin: 'https://remote.example.com', 'sec-websocket-version': '13', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb', 'sec-websocket-key': 'JfIiVtwhzk8FpvE6uo27Wg==', 'sec-websocket-extensions': 'permessage-deflate; client_max_window_bits' } WEBREQUEST: (192.168.10.1) /control.ashx/.websocket DISPATCH: DispatchEvent [ '*', 'server-users' ] DISPATCH: RemoveAllEventDispatch DISPATCH: AddEventDispatch [ 'user//ajoseph', 'server-allusers', '*', 'mesh//cUba2FzagwLPQFwqKrAX6IHPs7SI4Wydiu0w0sApXQc314s6ZjwwNq617KLe2wHz', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W', 'mesh//eyWJ2n1LfNKzGgGRYi1WK4i9HpLdVUNoTJTorl3Gm6jc8whb6q3wr1GYFBk0J8nb', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW', 'mesh//ubDgTFIq02ecuytuuEJ1QK2IFsWgXHgg$60wm9veLhEOOIE9VBf0nf2HKANDJUiC', 'mesh//oOGtGE8ktsDZFaS8DF4rd5mLmTIaMUoL8pBWwb5TInDCuP0y$VHVv3hFL0vt9iW0' ] HTTPHEADERS: GET /images/user-256.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"4beb-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/user-256.png AGENT: Verified agent connection to YnFBWSfthCxyvB9AZvfmAAZs6psvpzV20u7ztiY4wPPj77MCQNOjjpItjIwJXA@a (216.48.99.147:32962). DISPATCH: DispatchEvent [ 'node//YnFBWSfthCxyvB9AZvfmAAZs6psvpzV20u7ztiY4wPPj77MCQNOjjpItjIwJXA@a', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] HTTPHEADERS: GET /android-chrome-192x192.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"922e-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /android-chrome-192x192.png COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//idyx8LNkYOjbUOBPuZgnHD75PRc@hQiE5REny9GkfMmpDoUH2DDS7BHhnjrLUZnJ","m":"mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd","time":1719165857} DISPATCH: DispatchEvent [ 'node//YnFBWSfthCxyvB9AZvfmAAZs6psvpzV20u7ztiY4wPPj77MCQNOjjpItjIwJXA@a', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] HTTPHEADERS: GET /images/key12.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"e2d-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/key12.png HTTPHEADERS: GET /images/views.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"e8b-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'u=1, i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/views.png HTTPHEADERS: GET /images/icons50.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"7b13-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icons50.png DISPATCH: DispatchEvent [ 'node//E8QcvChSMV9DPGLTjb8974cxRtC1tvxoAApWuMo1I1FbAECkgHY0omfa0rC@1Hl0', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] HTTPHEADERS: GET /images/c2.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"e6-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/c2.png HTTPHEADERS: GET /images/icon-collapse.png { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', 'sec-ch-ua': '"Microsoft Edge";v="125", "Chromium";v="125", "Not.A/Brand";v="24"', 'sec-ch-ua-mobile': '?0', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0', 'sec-ch-ua-platform': '"Windows"', accept: 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8', 'sec-fetch-site': 'same-origin', 'sec-fetch-mode': 'no-cors', 'sec-fetch-dest': 'image', 'accept-encoding': 'gzip, deflate, br, zstd', 'accept-language': 'en-US,en;q=0.9', 'if-none-match': 'W/"4d8-7438674ba0"', 'if-modified-since': 'Sat, 26 Oct 1985 08:15:00 GMT', priority: 'i', cookie: 'amp_dummy-=8V2eNz8fZskHcZl2oFigg6.VXNlcnMtMjI=..1i12fj0li.1i12fk3eg.13.c.1f; apt.uid=AP-YFGMCGUNNIFB-2-1719159469999-78563671.0.2.6b933aba-006b-4c12-b4b5-a0ddc2adfcf4; xid=eyJ1c2VyaWQiOiJ1c2VyLy9ham9zZXBoIiwiaXAiOiIxOTIuMTY4LjEwLjEiLCJ4IjoiVnVGeWxvK0wiLCJ0IjoyODY1Mjc2NH0=; xid.sig=7AZw08yZLlAMfkiTKI02m2Fa5F5_Q5RsK4iWnQDbb7WzzOXLY3mmJFPeuQkReUrb' } WEBREQUEST: (192.168.10.1) /images/icon-collapse.png DISPATCH: DispatchEvent [ 'node//gSKWwpNwmZ03JGvVAAiU5@d4Xs7MAbw5vyupWA5dKp54vhWaiRvkBRWbp0YSeib$', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] DISPATCH: DispatchEvent [ 'node//YnFBWSfthCxyvB9AZvfmAAZs6psvpzV20u7ztiY4wPPj77MCQNOjjpItjIwJXA@a', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] DISPATCH: DispatchEvent [ 'node//Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX","m":"mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv","time":1719165858} COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//YnFBWSfthCxyvB9AZvfmAAZs6psvpzV20u7ztiY4wPPj77MCQNOjjpItjIwJXA@a","m":"mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd","time":1719165858} AGENT: Verified agent connection to 7ZS1QUfnf94VARMC048ueCYsnAumNk2lCSFLCOdzBy8C2X3gTlHoJvq0@b@KK8QN (216.48.99.147:32902). DISPATCH: DispatchEvent [ 'node//7ZS1QUfnf94VARMC048ueCYsnAumNk2lCSFLCOdzBy8C2X3gTlHoJvq0@b@KK8QN', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] AGENT: Verified agent connection to aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR (192.168.10.1:33482). DISPATCH: DispatchEvent [ 'node//aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//7ZS1QUfnf94VARMC048ueCYsnAumNk2lCSFLCOdzBy8C2X3gTlHoJvq0@b@KK8QN', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] DISPATCH: DispatchEvent [ 'node//aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//7ZS1QUfnf94VARMC048ueCYsnAumNk2lCSFLCOdzBy8C2X3gTlHoJvq0@b@KK8QN","m":"mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd","time":1719165859} COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR","m":"mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv","time":1719165859} HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'I8CpCfyGXcUK+WULypjT5U==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:33600 AGENT: Verified agent connection to WmLR4wegDz$wg9Im$XKW@wwxPsziVbIRtqYb8iogivXnseVILw3n$aXp0Hzxtjhv (192.168.10.1:33600). DISPATCH: DispatchEvent [ 'node//WmLR4wegDz$wg9Im$XKW@wwxPsziVbIRtqYb8iogivXnseVILw3n$aXp0Hzxtjhv', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] DISPATCH: DispatchEvent [ 'node//WmLR4wegDz$wg9Im$XKW@wwxPsziVbIRtqYb8iogivXnseVILw3n$aXp0Hzxtjhv', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] DISPATCH: DispatchEvent [ 'node//IFH2CoI@P8JEzckg8IkUcRT5CQTmJDaGEnJWHx6VSRL41yQk43T3HvFVi31NcUGE', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//gSKWwpNwmZ03JGvVAAiU5@d4Xs7MAbw5vyupWA5dKp54vhWaiRvkBRWbp0YSeib$', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] DISPATCH: DispatchEvent [ 'node//aOfK6wanwDy$vQwnguLULX5CFe4Gzl5IkhHEOQ7OzGb8eb3FQP5YIIuRTsMEmqNR', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//WmLR4wegDz$wg9Im$XKW@wwxPsziVbIRtqYb8iogivXnseVILw3n$aXp0Hzxtjhv', '*', 'mesh//zquAUvuBfAFOyqaBatCymVOfFJtrTmVdRKqimwmJUKKF0ruuk$iSW3rVbA9IvZMW' ] DISPATCH: DispatchEvent [ 'node//idyx8LNkYOjbUOBPuZgnHD75PRc@hQiE5REny9GkfMmpDoUH2DDS7BHhnjrLUZnJ', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] DISPATCH: DispatchEvent [ 'node//Va4xUnJor2NYz8Mc8Fgn0U9E2kmrvhM8qCgxEUykET2fAQq8DyIzYeeI8EVCz0qX', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//7ZS1QUfnf94VARMC048ueCYsnAumNk2lCSFLCOdzBy8C2X3gTlHoJvq0@b@KK8QN', '*', 'mesh//slrFcvD9hQFkTdz@R8yFWCu$3yNgNazBPL13yRF9AjTX@uIBm6pO2QqaGjaFlkzd' ] DISPATCH: DispatchEvent [ '*' ] HTTPHEADERS: GET / { host: 'remote.example.com', 'x-real-ip': '88.99.15.3', 'x-forwarded-for': '88.99.15.3', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', connection: 'upgrade', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9', 'user-agent': 'Uptime-Kuma/1.23.10' } WEBREQUEST: (88.99.15.3) / WEB: handleRootRequestLogin() HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'oyt7w4no/Y+0Jdfa/uzstG==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:55262 DISPATCH: DispatchEvent [ 'node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] AMT: Start Management node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$ 3 AMT: Servyr-M920q Checking Intel AMT state... AMT: Servyr-M920q Attempt Initial Contact Local AMT: Servyr-M920q Attempt Initial Local Contact 3 Servyr-M920q.example.org AMT: Servyr-M920q Direct-Connect TLS Servyr-M920q.example.org admin DISPATCH: DispatchEvent [ 'node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] AMT: Start Management node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az 3 AMT: Servyr-NUC11 Checking Intel AMT state... AMT: Servyr-NUC11 Attempt Initial Contact Local AMT: Servyr-NUC11 Attempt Initial Local Contact 3 Servyr-NUC11.example.org AMT: Servyr-NUC11 Direct-Connect TLS Servyr-NUC11.example.org admin AMT: Servyr-NUC11 Initial Contact Response 200 AMT: Servyr-NUC11 Intel AMT connected with TLS. AMT: Servyr-M920q Initial Contact Response 200 AMT: Servyr-M920q Intel AMT connected with TLS. AMT: Servyr-NUC11 Fetching hardware inventory. AMT: Servyr-M920q Fetching hardware inventory. DISPATCH: DispatchEvent [ 'node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] DISPATCH: DispatchEvent [ 'node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] AMT: Servyr-M920q Done. DISPATCH: DispatchEvent [ 'node//GL6B7$2vKcDtxcftjwpR1By25a6a5X98tO9a$X0ZLlKL3375xV$iIbKm@ED0bRj$', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] AMT: Servyr-NUC11 Done. AGENT: Verified agent connection to jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@ (192.168.10.1:55262). DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//KR@Lev7CYbYEZDfDZL0sEjf$CGEvbrGAuIHiLHGOiAu6UJ1vW5X36JbSL9EkC@az', '*', 'mesh//wRjPzBBoBO@VdZBjCeJwByVQ@SosAWr@zEQBFqBpqFE3pD7uZMRlHj1XHm8h1v6W' ] COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@","m":"mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv","time":1719166213} HTTPHEADERS: GET /agent.ashx/.websocket { host: 'remote.example.com', 'x-real-ip': '192.168.10.1', 'x-forwarded-for': '192.168.10.1', 'x-forwarded-host': 'remote.example.com:443', 'x-forwarded-proto': 'https', upgrade: 'websocket', connection: 'upgrade', 'sec-websocket-key': 'LvovP99Wr5hN4V5C96iSgE==', 'sec-websocket-version': '13' } WEBREQUEST: (192.168.10.1) /agent.ashx/.websocket AGENT: New agent at 192.168.10.1:55274 DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] AGENT: Verified agent connection to seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd (192.168.10.1:55274). DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] COOKIE: Encoded AESGCM cookie: {"a":"apf","n":"node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd","m":"mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv","time":1719166218} DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*' ] DISPATCH: DispatchEvent [ 'node//jNuZL9DuXYObytIZ0432Ls@ucaasX$poejCR$hernr2YAH2w1jPyA84lq7jPBfQ@', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] DISPATCH: DispatchEvent [ 'node//seTNBXRhgb77zxX8ukH6MJoSd9KuTNsP3Ae8IVEtbUE$93e7PHx3uB877LM$Iabd', '*', 'mesh//H7iJ3SwIOq4Fn6cBpjYS$vASwd1Xw8jFJ@6jEr9QOtVMNgVTnGkzrWdpeEcU@dOv' ] ```

[si458]

The full log above, did you switch the computers on? Where they already switched on? Did they show in the Web panel as online but offline?

[abjoseph]

The full log above, did you switch the computers on? Where they already switched on? Did they show in the Web panel as online but offline?

1. They were off and I switched them on after starting in debug mode. The last section of the log is the output after I switched them on.
2. They showed in the Web panel as online ONLY after I switched them on.

[abjoseph]

FYI - I have a few of these mini-PCs with Intel ME, if you're in the states, I can send you one on loan to use for testing. I appreciate the work that's been done with MeshCentral and I wouldn't mind lending one for a good cause. The Intel ME version would be v12.0.90.

[si458]

Oh wow, any hardware I can use for testing is appreciated! Do email me! Check my github page sorry just realised u said states, dont worry about it, im UK 🇬🇧

[si458]

these are the changes we did between 1.1.20 and 1.1.24 - https://github.com/Ylianst/MeshCentral/compare/1.1.20...1.1.24 we changed 0% to do with AMT so im totally confused? altho my test machine which uses AMT 7, is showing as Intel AMT Cira and Hybernating

[si458]

are your AMT machines local to your meshcentral server? because in theory as ur using a reverse proxy they should be connecting over CIRA as they arent local to meshcentral

also what is ur group settings for AMT? these are mine

[PathfinderNetworks]

Just to interject- I am running 1.1.24 and all my AMT devices are working properly. I don't use a reverse proxy and my agents are code signed.

[abjoseph]

Just to interject- I am running 1.1.24 and all my AMT devices are working properly. I don't use a reverse proxy and my agents are code signed.

@PathfinderNetworks No problem, the additional data point is appreciated. Can you share the same information about your setup that I did in the original issue creation? Also, can you add the following bit of information about your setup for comparison's sake?

1. What version of Intel ME are your AMT devices?
2. How did you update to v1.1.24? via the built-in self-updater or manually at the command line using npm install?
3. Did skip versions in your update or have you been updating meshcentral sequentially through each new release?
4. Do you have a group AMT policy defined like the screenshot si458 showed above in the screenshot and if so, what is it?
5. When you state that your agents are code signed, are you saying that it doesn't show the code signed output on startup like my outputs or are did you code signed the agents manually?

Thanks again and appreciate any information that you can share.