Windows Analysis Report
http://drnavingupta.com

Overview

General Information

Sample URL: http://drnavingupta.com
Analysis ID: 1417277

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Stores files to the Windows start menu directory

Classification

Source: unknown HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.199.50.2:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.199.50.2:443 -> 192.168.2.16:49759 version: TLS 1.2
Source: unknown HTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 7MB later: 30MB
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.21.200
Source: unknown TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown TCP traffic detected without corresponding DNS query: 23.199.50.2
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:49 GMTServer: nginx/1.23.4Content-Type: text/html; charset=UTF-8Content-Length: 14252Link: <http://drnavingupta.com/wp-json/>; rel="https://api.w.org/", <http://drnavingupta.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <http://drnavingupta.com/>; rel=shortlinkVary: Accept-EncodingContent-Encoding: gzipX-Server-Cache: trueX-Proxy-Cache: EXPIRED
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:49 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Wed, 08 Nov 2023 01:48:48 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4532Content-Type: text/css
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:49 GMTServer: ApacheLast-Modified: Sun, 03 Mar 2024 11:32:06 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 13471Content-Type: text/css
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:49 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 06 Nov 2020 17:47:56 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 80Content-Type: text/css
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:49 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Wed, 08 Nov 2023 01:48:48 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 839Content-Type: application/javascript
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:50 GMTServer: ApacheLast-Modified: Sun, 21 Jan 2024 17:49:50 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1090Content-Type: application/javascript
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 28 Mar 2024 19:44:50 GMTServer: ApacheLast-Modified: Thu, 02 Feb 2023 12:23:26 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 5344Content-Type: application/javascript
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/wp-plugin-hostgator/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.css?ver=0.1.8 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/style.css?ver=2.4 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/custom.css?ver=6.4.3 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/wp-plugin-hostgator/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.js?ver=0.1.8 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/facebook.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/instagram.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/linkedin.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/js/selectnav.js?ver=1.0 HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/instagram.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/facebook.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/themes/iconic-one/img/linkedin.png HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2020/01/phaco-training2-1-1536x672.jpg HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2020/01/phaco-training3.jpg HTTP/1.1Host: drnavingupta.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://drnavingupta.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2017/05/Hematology-Doctors-in-Dubai-1.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Referer: http://drnavingupta.com/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Referer: http://drnavingupta.com/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2020/01/phaco-training2-1-1536x672.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2017/05/Hematology-Doctors-in-Dubai-1.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2020/01/phaco-training3.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2017/05/cropped-Hematology-Doctors-in-Dubai-32x32.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Referer: http://drnavingupta.com/
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2017/05/cropped-Hematology-Doctors-in-Dubai-32x32.jpg HTTP/1.1
    Host: drnavingupta.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
Source: unknown DNS traffic detected: queries for: drnavingupta.com
Source: classification engine Classification label: clean0.win@14/36@10/116
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://drnavingupta.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2004,i,8940572455797430262,5353063589015061432,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk