Windows Analysis Report
http://togetherdating.co

Overview

General Information

Sample URL: http://togetherdating.co
Analysis ID: 1417265
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

Stores files to the Windows start menu directory

Classification

Source: unknown HTTPS traffic detected: 23.199.50.2:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.199.50.2:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.6.254:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.213.254:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown HTTPS traffic detected: 51.53.160.47:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 23.199.50.2
Source: unknown TCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 3182
    X-Amz-Version-Id: WeoPV8OPw8UQocVJiZwVeWZ26II363jN
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 833671748 813886745
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchNBn2MtOPUTRHWbmfU+cVH,aVxMblM8KFG3we5NLvyVc5WyJlrbJlAbjNZAUPlAP/8fbJaKSXYQ/lskq2jK6SGP
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1710879469.3291841655125671678243
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Tue, 19 Mar 2024 20:17:49 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 774246
    Last-Modified: Tue, 17 Apr 2018 11:38:08 GMT
    ETag: W/"338855569759ca44a0734ec4435bcbd0"
    Content-Type: text/css
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 3182
    X-Amz-Replication-Status: COMPLETED
    X-Amz-Server-Side-Encryption: AES256
    X-Amz-Version-Id: uNy49GgjqM4oM7dZd5is9haAgpWOjcA3
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 791577270 398374267
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchFrGVShJoPlK53+9NxW1kXWIHlCalF7YnfvOr2cMPpyw==,aVxMblM8KFG3we5NLvyVc2z9EvBCMut9vb7n4CTOBv0ghGES6Jsix+7j8qfOfk1L
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711586538.958115349586938901835
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Thu, 28 Mar 2024 00:42:18 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 89535
    Last-Modified: Thu, 11 Jan 2024 08:10:27 GMT
    ETag: W/"2ac31066cd3a47ddff3d73f964191357"
    Content-Type: text/css; charset=utf-8
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 29312
    X-Amz-Version-Id: lUzvgAVIkMfC7WkprXuYi7GAU3SremQ_
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 780149899 551558374
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgcO5nwQP/PLP6r6amqJdTd,aVxMblM8KFG3we5NLvyVc4XOEB6lEFVlCCNdmy/LrEQghGES6Jsix+7j8qfOfk1L
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711586529.624115612681551861738
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Thu, 28 Mar 2024 00:42:09 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 73214
    Last-Modified: Wed, 26 Jul 2017 07:04:55 GMT
    ETag: W/"2f0cbb7f0c5a3c00476a1e7f9500fd9f-1"
    Content-Type: application/x-javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-991dec68
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 866
    X-Amz-Version-Id: IeAD7WAYSU8sPS1PorNuCByw2miVzwg4
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 209572290 1050899814
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciHgFHgWV8QcCQihqlkMQT/,aVxMblM8KFG3we5NLvyVc/BkWtiB5goMIMj1/gzEluEghGES6Jsix+7j8qfOfk1L
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711586537.893115495703948795352
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Thu, 28 Mar 2024 00:42:17 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 94057
    Last-Modified: Wed, 26 Jul 2017 06:27:26 GMT
    ETag: W/"3c405f66126816b065d7d4680a6a5105-1"
    Content-Type: application/x-javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 39996
    X-Amz-Version-Id: Oe.sBBO8HV4DqwAb0sd4TbV82Y5.otAe
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 157818950 38572221
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciKxFU9qNTbx/wnSkqqAmp9,aVxMblM8KFG3we5NLvyVc+rffjTX6sjb3mg81EGkmDwQXT2AyjWfyxKagyd4/pDD
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711305715.8185345623452388753
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Sun, 24 Mar 2024 18:41:55 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 348000
    Last-Modified: Wed, 26 Jul 2017 06:27:16 GMT
    ETag: W/"f06188602d585283a5e17900d9d76b2f-1"
    Content-Type: application/x-javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 2345
    X-Amz-Replication-Status: COMPLETED
    X-Amz-Server-Side-Encryption: AES256
    X-Amz-Version-Id: roli2dcfCklU3Fm6kwqiR4WQPOfNS75a
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 300858421 91351494
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
    Accept-Ranges: bytes
    Server: Pepyaka/1.19.0
    X-Wix-Request-Id: 1709575838.393710854554317540
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Mon, 04 Mar 2024 18:10:38 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 2077877
    Last-Modified: Thu, 11 Jan 2024 08:07:31 GMT
    ETag: W/"a4d0977836ca8a1c8b6001c029a89b9b"
    Content-Type: application/x-javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 1991
    X-Amz-Replication-Status: COMPLETED
    X-Amz-Server-Side-Encryption: AES256
    X-Amz-Version-Id: ILrmhNbqq2hBSPCUVAlafemjRPhhxsHF
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 825004559 714990906
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcg1HuJEe35AYwQVw0AY8Ukj,aVxMblM8KFG3we5NLvyVczMRsXdcDB2rjYGDqVQ0VtUfbJaKSXYQ/lskq2jK6SGP
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711305715.84653560782142586103
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Sun, 24 Mar 2024 18:41:55 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 348000
    Last-Modified: Thu, 11 Jan 2024 08:10:27 GMT
    ETag: W/"aa8216ef8220a1311703c93fa6e63207"
    Content-Type: application/javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 5932
    X-Amz-Replication-Status: COMPLETED
    X-Amz-Version-Id: 1MZynDtWN.6K_yc1mcTzBaXTOkdCqZYL
    Access-Control-Allow-Methods: GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    X-Amz-Server-Side-Encryption: AES256
    Content-Encoding: gzip
    X-Varnish: 154823770 36110421
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchNBn2MtOPUTRHWbmfU+cVH,aVxMblM8KFG3we5NLvyVc+rffjTX6sjb3mg81EGkmDwQXT2AyjWfyxKagyd4/pDD
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711305715.80152934119692667271
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Sun, 24 Mar 2024 18:41:55 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 348000
    Last-Modified: Thu, 11 Jan 2024 08:10:27 GMT
    ETag: "79be6f7dffa8e49b2ce5b0c87e84ff0c"
    Content-Type: application/javascript
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-12baf686
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 41658
    X-Amz-Version-Id: W5svUYdYeE8Wa5N08G9xYp0mppomYy9N
    Access-Control-Allow-Methods: GET,GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 447696940 263198139
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchNBn2MtOPUTRHWbmfU+cVH,aVxMblM8KFG3we5NLvyVc+/YfOABMhigzhBfrSfQTVQQXT2AyjWfyxKagyd4/pDD
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711120535.3482205968965251678244
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Access-Control-Max-Age: 3000
    Date: Fri, 22 Mar 2024 15:15:35 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 533181
    Last-Modified: Tue, 17 Apr 2018 11:11:07 GMT
    ETag: W/"30bfa073c86da82d47b52b7a0b6ad7cd-1"
    Content-Type: application/x-font-woff
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-991dec68
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 47380
    Access-Control-Allow-Methods: GET,GET, OPTIONS, POST
    Access-Control-Max-Age: 3000
    X-Amz-Version-Id: OJ0Lr8qVb_gYiF2kqr6nkCtktnmxiEqE
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 187107628 31825481
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchNBn2MtOPUTRHWbmfU+cVH,aVxMblM8KFG3we5NLvyVc5WyJlrbJlAbjNZAUPlAP/8fbJaKSXYQ/lskq2jK6SGP
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711120534.4742205869771471678245
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Date: Fri, 22 Mar 2024 15:15:34 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 533182
    Last-Modified: Tue, 17 Apr 2018 11:11:07 GMT
    ETag: W/"e8c5c50fa92b6d838601de8f617f61e0-1"
    Content-Type: application/x-font-woff
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-991dec68
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 55573
    X-Amz-Version-Id: KX3EvSnMd16QTK9t_TPMsrktWEqBXWBh
    Access-Control-Allow-Methods: GET,GET, OPTIONS, POST
    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Content-Encoding: gzip
    X-Varnish: 423263349 279958195
    X-Cache-Status: HIT
    X-Seen-By: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjaMN8m4g6DSmmGg8hxkvR+,aVxMblM8KFG3we5NLvyVc2Vurfrb0bjwTH53EUtny+IQXT2AyjWfyxKagyd4/pDD
    Accept-Ranges: bytes
    Server: Pepyaka/1.21.6
    X-Wix-Request-Id: 1711121688.5062218325658301679266
    Via: 1.1 varnish (Varnish/6.0), 1.1 google
    Access-Control-Max-Age: 3000
    Date: Fri, 22 Mar 2024 15:34:48 GMT
    Cache-Control: public, max-age=7776000, immutable
    Age: 532028
    Last-Modified: Tue, 17 Apr 2018 11:11:06 GMT
    ETag: W/"6105cf48793c0b601fc2e9796657a77b-1"
    Content-Type: application/x-font-woff
    Vary: Accept-Encoding
    x-cache: hit
    glb-x-seen-by: qhk2IXhXaFW+ScoHjRxEUvX1Zxk6j9wOS6tQMkUbOP0=
    x-gcp-cdn-pop: LGA-991dec68
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 2816
    Content-Type: image/x-icon
    Last-Modified: Thu, 07 Sep 2023 20:06:11 GMT
    ETag: "64fa2d33-d95"
    Strict-Transport-Security: max-age=31536000
    Server: Pepyaka
    X-Content-Type-Options: nosniff
    Expires: Thu, 04 Apr 2024 14:53:52 GMT
    Cache-Control: max-age=604800
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Date: Thu, 28 Mar 2024 19:21:56 GMT
    Age: 16084
    X-Served-By: cache-iad-kcgs7200031-IAD
    X-Cache: HIT
    Vary: Accept-Encoding
    Server-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
    X-Wix-Request-Id: 1711653716.404945444500695402
    X-Seen-By: yvSunuo/8ld62ehjr5B7kA==
    Via: 1.1 google
    glb-x-seen-by: bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
Source: global traffic HTTP traffic detected:
    HTTP/1.1 200 OK
    Content-Length: 2816
    Content-Type: image/x-icon
    Last-Modified: Thu, 07 Sep 2023 20:06:11 GMT
    ETag: "64fa2d33-d95"
    Strict-Transport-Security: max-age=31536000
    Server: Pepyaka
    X-Content-Type-Options: nosniff
    Expires: Thu, 04 Apr 2024 14:53:52 GMT
    Cache-Control: max-age=604800
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Date: Thu, 28 Mar 2024 19:21:56 GMT
    Age: 16084
    X-Served-By: cache-iad-kjyo7100179-IAD
    X-Cache: HIT
    Vary: Accept-Encoding
    Server-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
    X-Wix-Request-Id: 1711653716.924088797307474220
    X-Seen-By: yvSunuo/8ld62ehjr5B7kA==
    Via: 1.1 google
    glb-x-seen-by: bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
Source: global traffic HTTP traffic detected:
    GET / HTTP/1.1
    Host: togetherdating.co
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/third-party/fonts/Helvetica/fontFace.css HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/wix-public/1.719.0/styles/error-pages/styles.css HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/third-party/jquery/2.0.3/jquery.min.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/third-party/angularjs/1.2.28/angular.min.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/third-party/angularjs/1.2.28/i18n/angular-locale_en.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/third-party/angular-translate/1.1.1/angular-translate.min.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/wix-public/1.719.0/scripts/error-pages/locale/messages_en.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /services/wix-public/1.719.0/scripts/error-pages/app.js HTTP/1.1
    Host: static.parastorage.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
    GET /_api/wix-laboratory-server/laboratory/conductAllInScope?scope=error-pages&accept=jsonp&callback=setExperimentsSync HTTP/1.1
    Host: www.wix.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
    Accept: */*
    Referer: http://togetherdating.co/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/logo.png HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://togetherdating.co/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/link-arrow.png HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://static.parastorage.com/services/wix-public/1.719.0/styles/error-pages/styles.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/cable-spaghetti-bg.jpg HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://static.parastorage.com/services/wix-public/1.719.0/styles/error-pages/styles.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/third-party/fonts/Helvetica/Fonts/60be5c39-863e-40cb-9434-6ebafb62ab2b.woff HTTP/1.1Host: static.parastorage.comConnection: keep-aliveOrigin: http://togetherdating.coUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/third-party/fonts/Helvetica/Fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff HTTP/1.1Host: static.parastorage.comConnection: keep-aliveOrigin: http://togetherdating.coUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/third-party/fonts/Helvetica/Fonts/530dee22-e3c1-4e9f-bf62-c31d510d9656.woff HTTP/1.1Host: static.parastorage.comConnection: keep-aliveOrigin: http://togetherdating.coUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/logo.png HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/link-arrow.png HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /services/wix-public/1.719.0/images/error-pages/cable-spaghetti-bg.jpg HTTP/1.1Host: static.parastorage.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.wix.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://togetherdating.co/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.wix.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: togetherdating.co
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 28 Mar 2024 19:21:54 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1711653714.844366431591117625Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsNSikLMYkJJqXV1PzQmZDtGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRaluKPbL6SXoMxuyaR1ydai1GbbG7q5aSLDDQLPykQAgDKhLVOmbA4AgthqopP458CUg==,2UNV7KOq4oGjA5+PKsX47CaOPCbndCqdyYrCBy15MBQfbJaKSXYQ/lskq2jK6SGP,RrVNT7yXPqz6EbhZ/RjN/iaTDUqVJBOGg7yDsG/E810=,TSdO8Ig67iG+3afP/OqlAFBZQQYcwY+pEx2OV/KXaSY=,updaSF0YDozocDRTgMoSRzvV0rSx+mdgRXF42Ohi9ZGORSejP4NS4A5pP4YeNT4wNqsoCX0kf8FpzV29vF0KKg==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunked
Source: unknown Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49737 -> 443
Source: classification engine Classification label: clean0.win@13/23@12/60
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://togetherdating.co/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1876,i,565024120139352158,7778608482785491264,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk