Windows Analysis Report
http://icartservice.com

Overview

General Information

Sample URL: http://icartservice.com
Analysis ID: 1430195
Infos:

Detection

Score: 2
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Found iframes
HTML page contains hidden URLs or javascript code
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Source: https://www.bodis.com/takedown-request HTTP Parser: Iframe src: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=c5eivrwj482n
Source: https://www.bodis.com/takedown-request HTTP Parser: Iframe src: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74
Source: http://ww1.icartservice.com/ HTTP Parser: Base64 decoded: {"uuid":"5ba563aa-2f00-4d05-ac08-134a3b0db2ad","page_time":1713858124,"page_url":"http://ww1.icartservice.com/","page_method":"GET","page_request":{},"page_headers":{},"host":"ww1.icartservice.com","ip":"89.187.171.132"}
Source: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=9042052004&pcsa=false&channel=pid-bodis-gcontrol203%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol430&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww1.icartservice.com%2F%3Fcaf%3D1&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2298147197369106&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436&client_gdprApplies=0&format=r3&nocache=4851713858125717&num=0&output=afd_ads&domain_name=ww1.icartservice.com&v=3&bsl=8&pac=0&u_his=1&u_tz=120&dt=1713858125720&u_w=1280&u_h=1024&biw=1280&bih=907&psw=1280&psh=816&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=625314022&rurl=http%3A%2F%2Fww1.icartservice.com%2F HTTP Parser: No favicon
Source: http://ww1.icartservice.com/legal HTTP Parser: No favicon
Source: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html HTTP Parser: No favicon
Source: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=9042052004&pcsa=false&channel=pid-bodis-gcontrol203%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol430&client=dp-bodis30_3ph&r=m&sct=ID%3Da409b8deb4eed28a%3AT%3D1713858126%3ART%3D1713858126%3AS%3DALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg&sc_status=6&hl=en&rpbu=http%3A%2F%2Fww1.icartservice.com%2F%3Fcaf%3D1%26query%3DResidential%2BPainting%26afdToken%3DChMIqtHrhuvXhQMVkZCJBB0lbwBREm0BlLqpj85G31fQC_eX0OZ1K3-a4OuiTf69i9hvcgwdKJvXpLoWWcXmE6_agIF8lgRjy0Qo5LP2xgfTZKRUkyEguFq3OH33d6-gTDHTZMRKzpBUEZlrZBAi2ClP0NSGhfLtEPzwEQBlkZro-tgR%26pcsa%3Dfalse%26nb%3D0&max_radlink_len=50&type=0&uiopt=false&swp=as-drid-2298147197369106&q=Residential%20Painting&afdt=ChMIqtHrhuvXhQMVkZCJBB0lbwBREm0BlLqpj85G31fQC_eX0OZ1K3-a4OuiTf69i9hvcgwdKJvXpLoWWcXmE6_agIF8lgRjy0Qo5LP2xgfTZKRUkyEguFq3OH33d6-gTDHTZMRKzpBUEZlrZBAi2ClP0NSGhfLtEPzwEQBlkZro-tgR&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436&client_gdprApplies=0&f... HTTP Parser: No favicon
Source: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=9042052004&pcsa=false&channel=pid-bodis-gcontrol203%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol430&client=dp-bodis30_3ph&r=m&sct=ID%3Da409b8deb4eed28a%3AT%3D1713858126%3ART%3D1713858126%3AS%3DALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg&sc_status=6&hl=en&rpbu=http%3A%2F%2Fww1.icartservice.com%2F%3Fcaf%3D1%26query%3DPublic%2BOnline%2BHigh%2BSchool%26afdToken%3DChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj5ChLdQmlm3hGhEGZ9fB9fWxBdR4asXU5Tinx_BkmmMtx_k8epg4Yv3Awlyy89h7ugm6YX2UG5c2wh2YQBpTFSpLpUYwac74qfmqtnHcjDrpdh_R4lx9-biSL-LXhyFqZc_ocKipgaw%26pcsa%3Dfalse%26nb%3D0&max_radlink_len=50&type=0&uiopt=false&swp=as-drid-2298147197369106&q=Public%20Online%20High%20School&afdt=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj5ChLdQmlm3hGhEGZ9fB9fWxBdR4asXU5Tinx_BkmmMtx_k8epg4Yv3Awlyy89h7ugm6YX2UG5c2wh2YQBpTFSpLpUYwac74qfmqtnHcjDrpdh_R4lx9-biSL-LXhyFqZc_ocKipgaw&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436&client... HTTP Parser: No favicon
Source: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=9042052004&pcsa=false&channel=pid-bodis-gcontrol203%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol307%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol430&client=dp-bodis30_3ph&r=m&sct=ID%3Da409b8deb4eed28a%3AT%3D1713858126%3ART%3D1713858126%3AS%3DALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg&sc_status=6&hl=en&rpbu=http%3A%2F%2Fww1.icartservice.com%2F%3Fcaf%3D1%26query%3DOnline%2BVirtual%2BSchool%26afdToken%3DChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj8IRoaLYZ22EDSGqHbN-qoQ_blA2mzFsjfbKRA5ScAnQrjHST9MPR_oMQeKpFSOYHmRnasogCk82bXBtiJmRKw40K3Ns5FSskyCQw5AJNiV-cN0fS54ciX9CATS3eVH7K799YgYRJsU%26pcsa%3Dfalse%26nb%3D0&max_radlink_len=50&type=0&uiopt=false&swp=as-drid-2298147197369106&q=Online%20Virtual%20School&afdt=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj8IRoaLYZ22EDSGqHbN-qoQ_blA2mzFsjfbKRA5ScAnQrjHST9MPR_oMQeKpFSOYHmRnasogCk82bXBtiJmRKw40K3Ns5FSskyCQw5AJNiV-cN0fS54ciX9CATS3eVH7K799YgYRJsU&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436&client_gdprApplies... HTTP Parser: No favicon
Source: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=c5eivrwj482n HTTP Parser: No favicon
Source: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74 HTTP Parser: No favicon
Source: https://www.bodis.com/takedown-request HTTP Parser: No <meta name="author".. found
Source: https://www.bodis.com/takedown-request HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49740 version: TLS 1.0
Source: unknown HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 23.46.214.6
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:04 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2075
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:05 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:07 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 22
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:08 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:26 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2074
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:26 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:28 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 22
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:28 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:28 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2075
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:29 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:30 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 22
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:30 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:29 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2075
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:30 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OK
server: openresty
date: Tue, 23 Apr 2024 07:42:33 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 22
cache-control: no-cache
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, must-revalidate
cache-control: post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; expires=Tue, 23 Apr 2024 07:57:33 GMT; Max-Age=900; path=/; httponly
Source: global traffic HTTP traffic detected: GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: http://ww1.icartservice.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.adsensecustomsearchads.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron_expand.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.adsensecustomsearchads.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ad_icons/standard/publisher_icon_image/chevron_expand.svg?c=%23ffffff HTTP/1.1Host: afs.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.adsensecustomsearchads.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/afs/snowman.png HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /takedown-request HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/app.css?id=c87e71429bf4f4d8f19a HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IkkrdlMxdlJLajUyNUlRSUhmRGdUSVE9PSIsInZhbHVlIjoicThNaFZwSXI0MTAwS0pxVHByVzR2Lzh3OHVmMmc2Q2puNi9Bck95N3RUYlhsZWtGTnQxNC9YWE4ybXB4UU03VkxTLzE4ZllORDY2T2VHQkJUOG1MbEZzSGo5K1pIcnZKb2d2eGlCWVBUMFhLTEo4YUNXVE8vZGZEcnNmRVQwNnYiLCJtYWMiOiIyMzhiM2Q4NWY1M2FmNDA3OGJmOWYzMGU1M2QzMTFkZWRkOTY0MTQ2ODU5OWJhMWQ0YmU5N2I4MzBhZWFhZmI1IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /js/app.js?id=a6d102922d07b5b652c9 HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IkkrdlMxdlJLajUyNUlRSUhmRGdUSVE9PSIsInZhbHVlIjoicThNaFZwSXI0MTAwS0pxVHByVzR2Lzh3OHVmMmc2Q2puNi9Bck95N3RUYlhsZWtGTnQxNC9YWE4ybXB4UU03VkxTLzE4ZllORDY2T2VHQkJUOG1MbEZzSGo5K1pIcnZKb2d2eGlCWVBUMFhLTEo4YUNXVE8vZGZEcnNmRVQwNnYiLCJtYWMiOiIyMzhiM2Q4NWY1M2FmNDA3OGJmOWYzMGU1M2QzMTFkZWRkOTY0MTQ2ODU5OWJhMWQ0YmU5N2I4MzBhZWFhZmI1IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /dfp.js HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IkkrdlMxdlJLajUyNUlRSUhmRGdUSVE9PSIsInZhbHVlIjoicThNaFZwSXI0MTAwS0pxVHByVzR2Lzh3OHVmMmc2Q2puNi9Bck95N3RUYlhsZWtGTnQxNC9YWE4ybXB4UU03VkxTLzE4ZllORDY2T2VHQkJUOG1MbEZzSGo5K1pIcnZKb2d2eGlCWVBUMFhLTEo4YUNXVE8vZGZEcnNmRVQwNnYiLCJtYWMiOiIyMzhiM2Q4NWY1M2FmNDA3OGJmOWYzMGU1M2QzMTFkZWRkOTY0MTQ2ODU5OWJhMWQ0YmU5N2I4MzBhZWFhZmI1IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /api/account HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*X-XSRF-TOKEN: eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0=X-CSRF-TOKEN: hdBYEgWRP49Fk5dt7mvrmIcCM7eUDhZ1GYCFFCtDsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IkkrdlMxdlJLajUyNUlRSUhmRGdUSVE9PSIsInZhbHVlIjoicThNaFZwSXI0MTAwS0pxVHByVzR2Lzh3OHVmMmc2Q2puNi9Bck95N3RUYlhsZWtGTnQxNC9YWE4ybXB4UU03VkxTLzE4ZllORDY2T2VHQkJUOG1MbEZzSGo5K1pIcnZKb2d2eGlCWVBUMFhLTEo4YUNXVE8vZGZEcnNmRVQwNnYiLCJtYWMiOiIyMzhiM2Q4NWY1M2FmNDA3OGJmOWYzMGU1M2QzMTFkZWRkOTY0MTQ2ODU5OWJhMWQ0YmU5N2I4MzBhZWFhZmI1IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/script.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/reamaze.js HTTP/1.1Host: cdn.reamaze.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /svg/logo.svg HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjlDUGJkS1BEYWxoOHRETGlibnlzbGc9PSIsInZhbHVlIjoiaFFYMGI1eUJjV283S1UrWjk4VGRLZng5ZEkrcjgrSERkRWRIaVROeU5iN3RTeHJ5UFp1TXArTmpWOHJlVTZMTzRhOFgzQzZyZWRxVG4wQkRvRStyUzNLZ3VDakZJdUVHYWduWEVWWDVCdkFXL2ZJWUpOWldocGNZMDg5aDVvNHMiLCJtYWMiOiIxMjBiNGEzNTIxMDdlZTY0OGZkNTBjMzgyZGJlYzFiZGQ5ZmQ4N2I4OGVmZTJlYTQwYmUyY2QxNWYxODc3YTIyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IkkrdlMxdlJLajUyNUlRSUhmRGdUSVE9PSIsInZhbHVlIjoicThNaFZwSXI0MTAwS0pxVHByVzR2Lzh3OHVmMmc2Q2puNi9Bck95N3RUYlhsZWtGTnQxNC9YWE4ybXB4UU03VkxTLzE4ZllORDY2T2VHQkJUOG1MbEZzSGo5K1pIcnZKb2d2eGlCWVBUMFhLTEo4YUNXVE8vZGZEcnNmRVQwNnYiLCJtYWMiOiIyMzhiM2Q4NWY1M2FmNDA3OGJmOWYzMGU1M2QzMTFkZWRkOTY0MTQ2ODU5OWJhMWQ0YmU5N2I4MzBhZWFhZmI1IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /js/chunks/14.3a7973fff8110300ff48.js HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IldDNFA3bVRtenNBZFJKWjFIZG5CNkE9PSIsInZhbHVlIjoiQ3NKTHFIa3VOalkwZkVZbDNseEhyRmpwNmp1SThna1pZMnlDTzF4WjZXZlRlR1B2ZVV0MEkwNGVjbDlwSFVkbThMT0Q5dm9DeGpwUHNQTFlrUytWeEIxRkxvSXozNXYybnJXbzgwZkp2UjJMeTJUWDdzeUdZSFJsd0xkMUZKU0EiLCJtYWMiOiI3YzU4ODZlZWIzYmY0ZTAzODJjZGVmOWNkYmQwZGQwNTNjZTA1YmNhZTlkZGIyOTVkYmE3NGZiM2YwNDU0MmEwIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /svg/logo.svg HTTP/1.1Host: www.bodis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IldDNFA3bVRtenNBZFJKWjFIZG5CNkE9PSIsInZhbHVlIjoiQ3NKTHFIa3VOalkwZkVZbDNseEhyRmpwNmp1SThna1pZMnlDTzF4WjZXZlRlR1B2ZVV0MEkwNGVjbDlwSFVkbThMT0Q5dm9DeGpwUHNQTFlrUytWeEIxRkxvSXozNXYybnJXbzgwZkp2UjJMeTJUWDdzeUdZSFJsd0xkMUZKU0EiLCJtYWMiOiI3YzU4ODZlZWIzYmY0ZTAzODJjZGVmOWNkYmQwZGQwNTNjZTA1YmNhZTlkZGIyOTVkYmE3NGZiM2YwNDU0MmEwIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/banner.js HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/countries HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*X-XSRF-TOKEN: eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0=X-CSRF-TOKEN: hdBYEgWRP49Fk5dt7mvrmIcCM7eUDhZ1GYCFFCtDsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IldDNFA3bVRtenNBZFJKWjFIZG5CNkE9PSIsInZhbHVlIjoiQ3NKTHFIa3VOalkwZkVZbDNseEhyRmpwNmp1SThna1pZMnlDTzF4WjZXZlRlR1B2ZVV0MEkwNGVjbDlwSFVkbThMT0Q5dm9DeGpwUHNQTFlrUytWeEIxRkxvSXozNXYybnJXbzgwZkp2UjJMeTJUWDdzeUdZSFJsd0xkMUZKU0EiLCJtYWMiOiI3YzU4ODZlZWIzYmY0ZTAzODJjZGVmOWNkYmQwZGQwNTNjZTA1YmNhZTlkZGIyOTVkYmE3NGZiM2YwNDU0MmEwIiwidGFnIjoiIn0%3D; cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:
Source: global traffic HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /data/brands/bodis/ping HTTP/1.1Host: cdn.reamaze.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.bodis.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/countries HTTP/1.1Host: www.bodis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:; _ga_L32F1DFB3K=GS1.1.1713858172.1.0.1713858172.60.0.0; _ga=GA1.1.1379586991.1713858172; XSRF-TOKEN=eyJpdiI6Im9IWlB6V1J0cWZRY09sMG95bHExOXc9PSIsInZhbHVlIjoiZklpcGhxZzlkZy9SK2hvc09VR25HUzBycHpja1F1Z3p4Mk91WHQwVEpFc0dpc3BXRXZkT2VtSlo0WCtGOHBPd2REbjE1a1Rpem8rQVJ0L2w0ZDJTZjA4aEgzN0FUenRJcXo3SjVlT1VsUERDZWVUSXJXbEUyTzdPQjd3Wm5wSEIiLCJtYWMiOiIyYjgyY2ViOGNlOGQ1MmFlM2ZjZGFjNjIxMDBlMTRlOGE3OGI4ZTkyMWQ2NGNhYzVjNjRjYjk1ZTgxYzc1MDI5IiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IjRvYU14T3ZXbU5pZjFjd05hZlBKZ0E9PSIsInZhbHVlIjoidmV1QWQzMHB3Rkp1eHFLa1NFZExJN0I4ZkRhUnRJY2ZrWkxaZVEzcVBHTGJ6Y2FxZ3A1MGZPc2pxZE9kZWRaTE5aR21BTGZFOUVCeGM3OHpaeUtWZTliaDRvY2J1czlHU0FxcU52aEZ4dTV2N3NSR1Vsd2J4YndST0lleHJQOVQiLCJtYWMiOiJjMDgwNWM1NzQ0ZGQ4ODJiYTgwN2QyNGM3MmNkNzYwZDI0ZjUxZGQ5YWUyN2ZhMDM4MzdkZGU2Y2VmYWI2YmIzIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /api/countries HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*X-XSRF-TOKEN: eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0=X-CSRF-TOKEN: hdBYEgWRP49Fk5dt7mvrmIcCM7eUDhZ1GYCFFCtDsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjczS2xkTjNJTkx5SFl6ZkxsVW1IZXc9PSIsInZhbHVlIjoidmllZUpWL0c2bzNQVDdRZ3JSVTZqTFhpZTZZanhVb24zNk1nOG5RRUpOR3lBV0dnd0lJaWNyTDJodGdZVEJ5NXpQN1I1UDBVMDdVMDJ5d3FqK1lsTWI4NDE3bVFWM0QwKzAzUkN4bnlMREtWZ0prb0w4VU1uWEZMQkZqTm9JTVYiLCJtYWMiOiI1ZmJlYmY0MjUwM2E1Y2IyYzc3ODhkMWFmZjQ3OGUwOWU4MzZhN2MxNDUzNmRjOTJmMDNlZWExOGJkYmQ2MWRmIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IldDNFA3bVRtenNBZFJKWjFIZG5CNkE9PSIsInZhbHVlIjoiQ3NKTHFIa3VOalkwZkVZbDNseEhyRmpwNmp1SThna1pZMnlDTzF4WjZXZlRlR1B2ZVV0MEkwNGVjbDlwSFVkbThMT0Q5dm9DeGpwUHNQTFlrUytWeEIxRkxvSXozNXYybnJXbzgwZkp2UjJMeTJUWDdzeUdZSFJsd0xkMUZKU0EiLCJtYWMiOiI3YzU4ODZlZWIzYmY0ZTAzODJjZGVmOWNkYmQwZGQwNTNjZTA1YmNhZTlkZGIyOTVkYmE3NGZiM2YwNDU0MmEwIiwidGFnIjoiIn0%3D; cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:
Source: global traffic HTTP traffic detected: GET /ajax/libs/pusher/7.0.1/pusher.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /assets/reamaze-push.js HTTP/1.1Host: push.reamaze.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /data/brands/bodis/ping HTTP/1.1Host: cdn.reamaze.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /app/?EIO=3&transport=websocket HTTP/1.1Host: ws.reamaze.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.bodis.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 5AcUhEstlNdfnCShnF5j/w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /api/countries HTTP/1.1Host: www.bodis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:; _ga_L32F1DFB3K=GS1.1.1713858172.1.0.1713858172.60.0.0; _ga=GA1.1.1379586991.1713858172; XSRF-TOKEN=eyJpdiI6InJKTWU3dTJvSVZudE5wdk5uSklsN1E9PSIsInZhbHVlIjoiM1NyVmFMODhmaTJCc1Z4Sno0ZWNxbWd3VzlJelUwQ1hDUWpNZWlheERpREtDYUVSYzQzMGVubEY4eC8yS3NHMGJNQjE5Tmp3TEZQODNWSGc3WGtlUTIrdGtoSFc5ZHI5alpycjhvbzFxcWNVRyt1MmZyYnV4bjhwdVJGdGplRE0iLCJtYWMiOiI4MjhjZDVjNGVkYzliYjBkMmI3MjA2NzU4OWI2ODU3NTcwNmIwOTAzYzE0YWMxZTM3ODFiZjM1NzkzYWVkZTMyIiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IitNV1BUVmpueC9mTURxUm13anVCNUE9PSIsInZhbHVlIjoiZC9CVjZEZGJ2dEMrNi9rTWtrWExRRWd6VDFBMXYzYzBCazNZSWwvd2pLSnlhQVJaWit5bXhzOHY3dWdHRW1BbmxrZnU4dXZzVE5MMjVReUhJeWF0ZDRZUWhPY2hOeHRycUkzdjE1R09hOTlRY2dJMmZuOHlaT2NqRVd1enF5RUoiLCJtYWMiOiI2OWYxYTVmMjYyNjJhYjQzMDdhMmEzZTZhNThmMGIxYWExM2VkZDI2ODIzMGNiNTUwMzhhNTQ3YjNlNTE0ZDRmIiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=c5eivrwj482n HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74&co=aHR0cHM6Ly93d3cuYm9kaXMuY29tOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=c5eivrwj482nAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlaHLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.recaptcha.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/gZm2ypof.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.bodis.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LfzTxMTAAAAAAHIvRILb-jIu7t-RzWErSMfee74 HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: www.bodis.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.bodis.com/takedown-requestAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:; _ga_L32F1DFB3K=GS1.1.1713858172.1.0.1713858172.60.0.0; _ga=GA1.1.1379586991.1713858172; XSRF-TOKEN=eyJpdiI6IjJ4YTg1aGVzeXpMMnMzeHgxTi9mNlE9PSIsInZhbHVlIjoiRkFPZW1LdUpyQ2NHMnRzVllhOHdUY1NXbEU0WmlGSEs5Y1pOWWZlQzRNaUgyWWdBc2V0YS9WRnZUSnVZQi8rUDFGd3E0RDdmTW9mMEFoU2trV2h0cTRPMlpNRXg2aExMYjNlYmlEM0pqMFdsK09rRmVkVTFLQWdIajdvc25SSGgiLCJtYWMiOiI5OTY4ZDM0MTY1Njk2YjUxOTgzMTMyNmI0YTRmNWM2Nzc0Njk1ZTNlNWEzMDE1YjQxYzJkMmRiMzBkOTdjNGU3IiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IlVEckRGSEd0Tk9lNTZHUXZPRjZtZ0E9PSIsInZhbHVlIjoiYWVmdk1Ybjl1cStBV2NsVEpjWmtwMlU4OE4yWktPdnVjcmhTQmU3OEh5SjhyZWIzRUxvUzBuZEpHVnZWa1RpY3Q2a3YwWkplN29kZWk1cXVuSDdDaCtKM3FIL1ZOUHJjV0VkVUpxMWpsZjJFRFN5NkZKOUpPRGRGdzh6R1UrTlkiLCJtYWMiOiI0Mzk3YmRjZmQ5ZmJjZDE1ODA0MTY4NjgzNzNkNjQ5Mzc3NmFlZDY1OTQzMTgyNGNiMzgyY2NlMGYzNzA5MDc2IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/gZm2ypof.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: www.bodis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cookieyes-consent=consentid:cm56eWZ2UzdsNE51b3dzbFh0Qk1HY1hzOURESVVxUWk,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:; _ga_L32F1DFB3K=GS1.1.1713858172.1.0.1713858172.60.0.0; _ga=GA1.1.1379586991.1713858172; XSRF-TOKEN=eyJpdiI6IjJ4YTg1aGVzeXpMMnMzeHgxTi9mNlE9PSIsInZhbHVlIjoiRkFPZW1LdUpyQ2NHMnRzVllhOHdUY1NXbEU0WmlGSEs5Y1pOWWZlQzRNaUgyWWdBc2V0YS9WRnZUSnVZQi8rUDFGd3E0RDdmTW9mMEFoU2trV2h0cTRPMlpNRXg2aExMYjNlYmlEM0pqMFdsK09rRmVkVTFLQWdIajdvc25SSGgiLCJtYWMiOiI5OTY4ZDM0MTY1Njk2YjUxOTgzMTMyNmI0YTRmNWM2Nzc0Njk1ZTNlNWEzMDE1YjQxYzJkMmRiMzBkOTdjNGU3IiwidGFnIjoiIn0%3D; bodis_session=eyJpdiI6IlVEckRGSEd0Tk9lNTZHUXZPRjZtZ0E9PSIsInZhbHVlIjoiYWVmdk1Ybjl1cStBV2NsVEpjWmtwMlU4OE4yWktPdnVjcmhTQmU3OEh5SjhyZWIzRUxvUzBuZEpHVnZWa1RpY3Q2a3YwWkplN29kZWk1cXVuSDdDaCtKM3FIL1ZOUHJjV0VkVUpxMWpsZjJFRFN5NkZKOUpPRGRGdzh6R1UrTlkiLCJtYWMiOiI0Mzk3YmRjZmQ5ZmJjZDE1ODA0MTY4NjgzNzNkNjQ5Mzc3NmFlZDY1OTQzMTgyNGNiMzgyY2NlMGYzNzA5MDc2IiwidGFnIjoiIn0%3D
Source: global traffic HTTP traffic detected: GET /api/v1/ip HTTP/1.1Host: directory.cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.bodis.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/audit-table/jYoNmHK1.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.bodis.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.bodis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/v1/ip HTTP/1.1Host: directory.cookieyes.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /client_data/3155f51cab94cfafe4b265a7/audit-table/jYoNmHK1.json HTTP/1.1Host: cdn-cookieyes.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /app/?EIO=3&transport=websocket HTTP/1.1Host: ws.reamaze.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.bodis.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: fuTMJHA487kH4drMJvnxPw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /app/?EIO=3&transport=websocket HTTP/1.1Host: ws.reamaze.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.bodis.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: RdbYPB6O+YLTC1YuIxJkOA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET /app/?EIO=3&transport=websocket HTTP/1.1Host: ws.reamaze.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.bodis.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: qnwR31AaRQBEwNBX7dMnMw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f
Source: global traffic HTTP traffic detected: GET /bMtzPZXpI.js HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ww1.icartservice.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad
Source: global traffic HTTP traffic detected: GET /_fd HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad
Source: global traffic HTTP traffic detected: GET /_tr HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /legal HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ww1.icartservice.com/legalAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /?caf=1&query=Residential+Painting&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREm0BlLqpj85G31fQC_eX0OZ1K3-a4OuiTf69i9hvcgwdKJvXpLoWWcXmE6_agIF8lgRjy0Qo5LP2xgfTZKRUkyEguFq3OH33d6-gTDHTZMRKzpBUEZlrZBAi2ClP0NSGhfLtEPzwEQBlkZro-tgR&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /blIRRVeVB.js HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ww1.icartservice.com/?caf=1&query=Residential+Painting&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREm0BlLqpj85G31fQC_eX0OZ1K3-a4OuiTf69i9hvcgwdKJvXpLoWWcXmE6_agIF8lgRjy0Qo5LP2xgfTZKRUkyEguFq3OH33d6-gTDHTZMRKzpBUEZlrZBAi2ClP0NSGhfLtEPzwEQBlkZro-tgR&pcsa=false&nb=0Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /_fd?caf=1&query=Residential+Painting&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREm0BlLqpj85G31fQC_eX0OZ1K3-a4OuiTf69i9hvcgwdKJvXpLoWWcXmE6_agIF8lgRjy0Qo5LP2xgfTZKRUkyEguFq3OH33d6-gTDHTZMRKzpBUEZlrZBAi2ClP0NSGhfLtEPzwEQBlkZro-tgR&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /?caf=1&query=Public+Online+High+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj5ChLdQmlm3hGhEGZ9fB9fWxBdR4asXU5Tinx_BkmmMtx_k8epg4Yv3Awlyy89h7ugm6YX2UG5c2wh2YQBpTFSpLpUYwac74qfmqtnHcjDrpdh_R4lx9-biSL-LXhyFqZc_ocKipgaw&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /bKLzejCZh.js HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ww1.icartservice.com/?caf=1&query=Public+Online+High+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj5ChLdQmlm3hGhEGZ9fB9fWxBdR4asXU5Tinx_BkmmMtx_k8epg4Yv3Awlyy89h7ugm6YX2UG5c2wh2YQBpTFSpLpUYwac74qfmqtnHcjDrpdh_R4lx9-biSL-LXhyFqZc_ocKipgaw&pcsa=false&nb=0Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /_fd?caf=1&query=Public+Online+High+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj5ChLdQmlm3hGhEGZ9fB9fWxBdR4asXU5Tinx_BkmmMtx_k8epg4Yv3Awlyy89h7ugm6YX2UG5c2wh2YQBpTFSpLpUYwac74qfmqtnHcjDrpdh_R4lx9-biSL-LXhyFqZc_ocKipgaw&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /?caf=1&query=Online+Virtual+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj8IRoaLYZ22EDSGqHbN-qoQ_blA2mzFsjfbKRA5ScAnQrjHST9MPR_oMQeKpFSOYHmRnasogCk82bXBtiJmRKw40K3Ns5FSskyCQw5AJNiV-cN0fS54ciX9CATS3eVH7K799YgYRJsU&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /bEMFyhlDA.js HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ww1.icartservice.com/?caf=1&query=Online+Virtual+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj8IRoaLYZ22EDSGqHbN-qoQ_blA2mzFsjfbKRA5ScAnQrjHST9MPR_oMQeKpFSOYHmRnasogCk82bXBtiJmRKw40K3Ns5FSskyCQw5AJNiV-cN0fS54ciX9CATS3eVH7K799YgYRJsU&pcsa=false&nb=0Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: global traffic HTTP traffic detected: GET /_fd?caf=1&query=Online+Virtual+School&afdToken=ChMIqtHrhuvXhQMVkZCJBB0lbwBREmwBlLqpj8IRoaLYZ22EDSGqHbN-qoQ_blA2mzFsjfbKRA5ScAnQrjHST9MPR_oMQeKpFSOYHmRnasogCk82bXBtiJmRKw40K3Ns5FSskyCQw5AJNiV-cN0fS54ciX9CATS3eVH7K799YgYRJsU&pcsa=false&nb=0 HTTP/1.1Host: ww1.icartservice.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: sid=fa166cca-0144-11ef-95ca-423deebcb72f; parking_session=5ba563aa-2f00-4d05-ac08-134a3b0db2ad; __gsas=ID=a409b8deb4eed28a:T=1713858126:RT=1713858126:S=ALNI_MZX3TQld0PkLFpeqbp0XBa4rNyEFg
Source: chromecache_162.1.dr String found in binary or memory: return b}vC.H="internal.enableAutoEventOnTimer";var dc=ia(["data-gtm-yt-inspected-"]),xC=["www.youtube.com","www.youtube-nocookie.com"],yC,zC=!1; equals www.youtube.com (Youtube)
Source: unknown DNS traffic detected: queries for: www.google.com
Source: unknown HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A410900D492X-BM-CBT: 1696428841X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A410900D492X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticshX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 2484Connection: Keep-AliveCache-Control: no-cacheCookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1713858104943&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
Source: chromecache_128.1.dr String found in binary or memory: http://www.domainname.com/page.html
Source: chromecache_162.1.dr String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_162.1.dr String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_142.1.dr String found in binary or memory: https://bodis.medium.com/
Source: chromecache_147.1.dr String found in binary or memory: https://business.google.com/hernandez
Source: chromecache_162.1.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_136.1.dr String found in binary or memory: https://easylist-downloads.adblockplus.org/easylist.txt
Source: chromecache_144.1.dr, chromecache_125.1.dr String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_104.1.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:300
Source: chromecache_121.1.dr, chromecache_161.1.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
Source: chromecache_160.1.dr String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_160.1.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.22.5/LICENSE
Source: chromecache_148.1.dr, chromecache_108.1.dr String found in binary or memory: https://learn.connectionsacademy.com/
Source: chromecache_162.1.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_144.1.dr, chromecache_162.1.dr, chromecache_125.1.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_144.1.dr, chromecache_125.1.dr String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_151.1.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_118.1.dr String found in binary or memory: https://pusher.com/
Source: chromecache_151.1.dr String found in binary or memory: https://recaptcha.net
Source: chromecache_162.1.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_162.1.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_151.1.dr String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_144.1.dr, chromecache_125.1.dr String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_162.1.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_143.1.dr String found in binary or memory: https://www.bodis.com/dfp.js
Source: chromecache_143.1.dr String found in binary or memory: https://www.bodis.com/favicon-32x32.png
Source: chromecache_128.1.dr String found in binary or memory: https://www.bodis.com/takedown-request
Source: chromecache_128.1.dr String found in binary or memory: https://www.bodis.com/terms/infringement-notification-policy
Source: chromecache_148.1.dr String found in binary or memory: https://www.davidjohnstongis.com/products/locatemy
Source: chromecache_108.1.dr String found in binary or memory: https://www.georgiacyber.org/
Source: chromecache_162.1.dr String found in binary or memory: https://www.google.com
Source: chromecache_108.1.dr String found in binary or memory: https://www.google.com/images/afs/snowman.png
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_162.1.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_162.1.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_122.1.dr, chromecache_151.1.dr String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__.
Source: chromecache_106.1.dr, chromecache_156.1.dr String found in binary or memory: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
Source: chromecache_108.1.dr String found in binary or memory: https://www.lavnercampsandprograms.com/
Source: chromecache_148.1.dr String found in binary or memory: https://www.learnwellcollective.org/discover/learnwell
Source: chromecache_162.1.dr String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_106.1.dr String found in binary or memory: https://www.recaptcha.net/recaptcha/api2/
Source: chromecache_147.1.dr String found in binary or memory: https://www.swifthomerenovations.com/
Source: chromecache_121.1.dr, chromecache_161.1.dr String found in binary or memory: https://www2.bodis.com/svg/logo.svg
Source: unknown HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.46.214.6:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: classification engine Classification label: clean2.win@25/113@56/23
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 --field-trial-handle=2272,i,11281871909517473848,17655367729308081419,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://icartservice.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: Next
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk