Edit tour

Windows Analysis Report
http://www.finelandip.com/

Overview

General Information

Sample URL:	http://www.finelandip.com/
Analysis ID:	1430570
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	60%

Signatures

Stores files to the Windows start menu directory

Classification

Analysis Advice

Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis

Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior.

Process Tree

System is w10x64_ra

chrome.exe (PID: 7112 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.finelandip.com/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1996,i,5213520194969364071,12256133364474928176,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: http://www.finelandip.com/	HTTP Parser: No favicon
Source: http://www.finelandip.com/en/index.php	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49743 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	TCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 4394Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c eb 53 13 d9 b6 ff 4e 95 ff 43 4f ce 17 ad 9a 90 ce a3 f3 10 e4 96 33 e3 07 ea ce a8 e5 f1 d6 ad 7b 4f 9d b2 3a dd 3b a4 35 af 93 34 22 73 e7 56 45 14 e4 29 a0 80 40 82 88 c3 43 67 24 e8 80 12 12 c0 ff 45 7b 77 27 b7 ce 29 fe 85 bb 76 77 1e 1d 92 f0 0c 41 1d 9d 01 ba 7b ef 5e af fd db 7b af b5 f6 de dd fc cd 0f 57 be bf fe 5f 57 2f 51 5e d1 ef 6b 69 68 26 7f 28 1f 1b 68 bb 60 f8 d9 6b fc fe b2 a1 a5 a1 81 82 7f cd 5e c4 f2 2d ea 25 f9 b7 93 7e df ec 47 22 4b 71 5e 36 1c 41 e2 05 43 bb e8 31 3a a1 b6 f6 38 c0 fa d1 05 c3 6d 01 75 84 82 61 d1 40 71 c1 80 88 02 50 ad 43 e0 45 ef 05 1e dd 16 38 64 54 6f be a5 84 80 20 0a ac cf 18 e1 58 1f ba 60 fe 96 f2 b3 77 04 7f bb bf f8 a0 3d 82 c2 ea 1d eb 86 07 b4 c1 54 ca e7 16 ea ec 08 86 f9 88 8e cf 2e 49 78 14 e1 c2 42 48 14 82 81 ea 95 c2 28 c0 a3 30 0a eb c5 45 ee 5b 82 f8 8b 80 8c 5c d0 1f 22 7f 23 22 1b e0 c9 8b a2 20 fa 50 d1 22 52 f2 31 ee 7d a9 8c ad 66 56 d6 77 36 07 f1 78 8f fc ec 81 bc fa 02 f7 0c c2 ad 32 bb 90 59 e9 91 52 4b f2 cc 3d 29 fd ab 32 d2 f3 21 3a 86 07 9f 48 a9 57 f2 c4 06 8e f7 e0 c9 3e 65 71 bb bc 9a 1c ef cb 4e 8d e0 ee 57 78 38 f9 31 3a 82 13 93 ca d6 e8 c7 e8 68 b3 29 c7 7f 7f 2d cb d9 c8 93 2b 20 ae 94 9c 96 d2 0f a5 d4 40 39 57 28 c2 fd 73 ca f4 7d 79 75 1c 6f 0f c8 f1 21 b8 95 e3 29 f9 e9 7d 50 46 2b 95 92 e9 cc e2 5d f9 5d 1f 1e ee d7 94 ff 18 bd ab a9 0d 17 4a 5f 2f 50 83 8b cc e8 13 69 2b 0e d7 40 0d cf a6 94 b9 a8 66 23 fc 68 50 4f 5c 59 ee 03 49 70 22 fe 31 da 75 a6 e1 4c 83 5e dc cc 83 df 32 ef 63 b8 7b a1 5c d0 cc 1c 91 86 18 38 3d 9c 79 ff 00 cf 4f e3 8d 35 c2 69 78 14 bf 19 27 ed b0 fe 07 14 c9 03 0b 60 48 52 3a 32 a4 89 98 d3 33 95 02 39 a4 64 54 ee db c8 8e bf 97 e3 b3 e5 16 51 d2 6b 9a f4 9a c9 40 62 9c ec 05 ca bb 24 94 7b 47 94 df 07 a4 f4 82 3c b3 00 04 95 d8 9a 94 7c 28 25 27 94 f1 c1 52 6a f7 95 f4 83 9d cd de ff 6c bd 7a 65 67 b3 8f 88 b5 d2 83 7b 1f 00 83 cc dd 31 65 35 0d 06 50 62 09 dc 37 04 ad 84 63 5b d9 a9 6e e9 fd 8c dc 3f af a7 82 87 86 a5 cd 69 f8 1f 8f 4e 02 ad 8b ad 57 af b6 02 31 d2 00 ea 1b 9a 8e fa 5a 67 5b 2f 5f bf 78 0e 2a 48 c9 65 a8 53 22 d2 b3 31 e5 e5 3b 3d bd ef 5b af fe 55 25 d7 85 b7 1e 83 24 1f a2 71 bd b6 1f a2 33 44 b7 d4 b4 bc f6 07 50 94 5f 2d 69 17 ca f6 43 b8 80 96 34 db 9d 52 f2 37 60 83 13 ef 48 63 80 dd e1 42 2f bf 6a 44 d2 e0 00 ab be 68 66 7b 1b cc 87 47 7a 01 29 d2 e6 94 b4 b9 86 bb 57 35 53 18 f6 ed e9 b9 9e a6 a2 48 05 27 81 a2 06 51 82 0b 15 87 85 d2 f2 be b0 ab 25 f5 52 12 de 3e 21 70 8b 0a 23 df 05 43 44 ec f4 a1 88 17 21 18 ce bc 61 e4 b9 60 30 75 b2 7c 50 44 fe 90 7a 61 82 91 41 14 38 13 17 89 98 60 b0 f0 07 03 8d 70 a9 0e 55 47 24 12 89 1c 93 82 07 6c 64 64 3b 50 24 e8 47 c7 24 15 e9 10 42 28 dc e8 17 8a 5a 69 63 0d 25 76 86 a0 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Wed, 30 Aug 2023 05:59:52 GMTETag: "43a78-5434-6041da2cfe3cb"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 3498Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 5c dd 8b e4 c6 11 7f df bf a2 19 73 dc ec 31 9a 9d 2f ed ed cd 80 b1 5f 02 07 09 79 c8 8b 6d 02 a6 67 d4 33 23 9f 46 1a 24 cd 7e 9c b8 47 07 92 3c 38 21 24 2f 49 de 02 31 09 b1 1d 42 c0 76 70 f2 cf 78 cf f1 7f 91 ea 6e 7d b5 d4 5f 9a dd 3b 9b dc 72 ec 4a 5d 55 5d 5d fd ab ea aa 96 5a 8f b2 1d 8e 37 7e 38 1f 2d d0 1e 7b 9e 1f 6e e8 9f 81 9f a4 4e 92 de 04 64 8e c2 28 24 0b e7 8a 2c 9f f9 a9 b3 8e 42 68 d8 45 51 ba a5 a4 38 4c 7d 1c f8 38 21 de 42 d3 94 92 eb d4 89 49 e8 91 98 36 45 fb d4 df f9 cf c9 0f c9 c6 5f fa 81 9f de 2c 5e 9c 2c 23 ef 06 65 4c c8 1a ef fc e0 66 de bb fd f7 27 ff fd ea d3 6f 7f ff e1 b7 ff fa 75 6f b0 25 c1 25 49 fd 15 1e f4 e0 fa eb af 7e d3 1b e0 18 ba 18 5c 92 d8 c3 21 1e 24 38 4c 9c 04 ba 58 2f 02 3f 24 ce 96 f8 9b 6d 3a 47 e3 e1 f9 62 e7 87 c5 f5 78 34 7a f0 ca c7 c3 99 e1 de 7c 7c be bf 5e ac a2 20 8a e7 6f 4c 26 13 18 e9 d9 23 f4 f2 f3 0f bf f9 d5 cf 5e fe f3 93 db 5f 7c 8c 1e 9d 9d 0c 57 01 c1 f1 da bf 9e e3 75 4a 62 94 5d fa 49 2e 6a be f5 3d 8f 84 0b cf 4f f6 01 be 99 2f 83 68 f5 ac 26 7f 04 c2 c3 94 84 e9 bc 87 7a 0b 26 67 be 04 9d 17 f9 70 47 d0 63 29 1e 65 cf a3 68 37 1f d3 7b 7b bc 21 57 be 97 6e 33 c4 7e 81 a1 26 8f 47 a0 2c ca 21 81 46 08 1f d2 08 68 71 86 d8 90 3d b2 8a 62 9c fa 51 98 c3 02 9a e6 db 08 26 40 42 70 a0 e6 a1 13 01 54 fe 6e 93 a1 65 14 c3 9d 39 63 44 c5 70 10 1f 0f cc ff 21 4d a3 70 40 c5 e0 98 e0 ac 98 21 bc df 83 ee 38 5c 15 50 e4 62 9c 18 7b fe 21 01 25 17 d1 21 a5 dd 94 2a 6d c7 83 ed 64 b0 9d 0e b6 b3 c1 d6 1d 6c cf 07 fb 81 e7 5f 66 22 28 28 0a 5e 9c bc 95 03 6e 45 50 76 82 e0 5f 1d 80 a8 b7 21 d1 8e a4 51 d2 5b b0 c6 24 5e c1 b8 e2 a0 df 1b 0e cf 28 e5 59 41 30 bc 8a d6 eb 49 ef 14 f8 e3 1d 4e fb bd fc 7a c0 f8 d4 2c 0d 0e 3d 43 9a d6 e9 d3 f8 40 d2 9b 3d d1 f3 90 28 ad f1 90 dd 92 00 9a 3c 27 da 03 62 8c cc c9 e5 a6 c6 cc ae 16 95 95 ae 72 53 86 b4 3d a8 35 94 81 83 df 7f 71 72 c2 bc 7b b0 4d 77 41 86 84 19 40 00 c4 2d c1 1e 45 50 d1 e0 ce 28 08 f3 68 e4 a4 d1 1e 68 2f ea b7 00 de 29 a0 38 bf 5b 4a 40 c3 20 da 44 d9 3a 88 30 48 09 c8 3a 5d a0 66 2b 62 48 14 7b aa 91 ac c1 e5 70 40 32 94 0b 89 29 1d 0d 87 35 e4 88 ea c5 fc e6 8c 39 ce 3e 4a 7c 0e fe 98 04 e0 06 97 14 8e 4d e1 dc c5 b3 c2 6b 51 af 57 67 c4 cb 24 0a 0e 29 59 e4 82 27 4c 70 cd 08 85 af d2 bf 0b 95 38 d1 12 af 9e 6d e2 08 fc 6e 8e de f0 3c af dd 35 02 47 e6 a1 08 bd 31 9d 4e 17 a8 0a 23 68 dc b4 45 80 c3 cd 01 62 44 d3 18 e2 c4 4c 14 5c 28 6b ba b8 a0 de 7a bd 2e 02 14 9a 8e 54 32 30 52 05 9e fa 28 9a 83 68 f4 2b 74 23 cc 24 bb 23 eb f7 10 a0 ac 0c 82 8b 62 5d 84 3f 5b eb a2 82 3b f0 87 ab 43 0c 2b 44 ea ec 48 78 70 fc 94 ec 60 2c 95 09 9c 62 00 30 4f 52 21
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Fri, 29 Nov 2019 01:27:52 GMTETag: "43a79-50d3-5987223733600"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 2910Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c cd 8e e3 b8 11 be cf 53 30 db 18 a0 dd 88 dd 96 2c b9 dd ee 4b 1e 22 f7 01 2d d1 b6 32 b2 24 48 ea 9f 5d 63 1f 20 c8 61 4e c9 29 b9 05 d8 20 41 90 5d e4 b2 bb 97 bc 4c 7a f2 1a e1 af 4c 8a 14 29 d9 ee 99 4e 30 db 58 cc b4 6c 16 ab 58 55 5f 15 ab 4a 33 59 c1 2c 43 e5 1e 6c 51 b2 d9 d6 4b 10 cc a7 c5 d3 1d f8 f6 cd 84 7d 02 26 d5 63 52 a0 72 5c a5 49 8c 40 fb 8b fa f7 56 f7 75 9d 67 e3 a2 44 0f fb c7 24 ae b7 4b e0 2d 8a a7 5f 24 bb 22 2f 6b 98 d5 77 0d 89 d9 54 7d be 82 d1 fb 4d 99 df 67 f1 b8 4a be 41 6c a1 f6 ad 1d 2c 37 49 36 ae f3 62 09 c6 33 2b 13 19 7a aa 3f 3b 13 f4 24 40 8a d6 7c 33 07 bb a0 3c f0 85 bf fa 66 b2 83 49 b6 07 05 8c e3 24 db b0 1d e9 67 cd a3 55 8e 57 ef b0 46 84 e6 c8 0a 30 21 3b ee 01 97 7e b6 a0 1f ae d3 1c 62 da e4 a3 46 06 be 5f c0 59 63 8b 23 94 d5 c4 2c f8 f2 60 1a 0e 5a 4e 1f 5a 57 e7 0f a8 c4 0f 1e 97 60 9b c4 31 ca 5a 8c 83 ad 8f 6d 6d 9d 67 35 d7 82 1f 50 12 e4 c1 23 d7 dc 2a 4f e3 3b 90 26 19 1a cb ca 94 55 b8 04 f7 65 7a 39 99 5c 27 bb cd 75 12 e5 d9 bb 0c 3d 56 93 df 14 9b 11 c8 f2 71 89 0a 04 6b c0 84 e5 8c 35 c7 2a 69 4c c8 2a 4e da 0b b5 93 26 0c 57 05 c4 9a 8a f2 34 2f 97 e0 62 b1 58 dc c9 12 78 ba 04 59 5e ee 60 da 9c 0c 3d 35 33 59 00 5b 84 d5 6f dd a7 f8 1c c0 5e 33 09 cf c7 7b ae f2 32 26 46 c6 9f 5d a0 00 85 08 82 2a c7 1e 0d 3c c2 94 6a 5d 74 91 89 7e 61 11 ce 37 1c d3 4d 07 9d ed 4c 16 67 36 9b a9 a4 e6 9d e7 54 63 07 19 c7 28 ca 4b 58 27 79 46 3e c8 90 f9 2c c8 1e cb 2d b1 b2 c3 4e 70 3e f5 a7 5e db c8 5f cc d4 e0 2a bf af 4f b6 35 5f b5 b5 03 cf 67 b6 36 95 70 b7 bd f1 ef 4d a8 74 ef b0 9c 35 7e b0 6f 4e 25 a0 06 a5 79 37 17 54 b8 8e 7c 6c 17 68 bd 9e ae 03 fb 06 00 9f 6a 83 e4 d3 e9 5b b3 4b 3a 68 14 fb 38 a9 8a 14 7e 2d 0c 87 da 53 92 61 06 31 eb 3e da 19 55 ac 99 a6 6c b8 ae 1d 97 59 bd 1d 47 db 24 8d 2f fd d1 61 fb 55 9a 47 ef 5b 70 f9 62 76 18 c1 0a 9d db 0c 1b 8e cf 6c 85 0a dd 6e 23 64 5f e3 e1 f3 d7 70 75 38 d9 1a ae 52 ac 59 6e 2a e1 d4 08 df 4a f8 64 98 a7 87 2f 89 3c 3e f1 6e bc f2 29 35 d0 70 90 64 54 3f 9c 11 35 4a b2 e4 aa c8 ab 84 e1 57 89 52 8c 64 0f 07 86 bd a9 8b 91 25 5c d3 c8 7c 20 02 57 18 ca ef 6b 4c 84 ef 32 66 2c 71 23 5c 82 af be c2 a6 4e 33 15 ea 9c 62 2b f2 77 61 45 be 66 45 17 51 14 59 4e 1c 73 32 81 11 e1 5d c3 57 eb a2 65 0a ab 9a 79 84 90 a4 e5 94 1d cb c7 44 1c fc 58 4b 49 19 de 43 89 0e f3 2e e3 31 0b 79 17 8a 09 30 bb f7 42 62 e3 5a 08 0d 8f 09 a1 26 6f e9 29 88 88 5a 1d c1 ee 48 aa 14 40 8d 46 c3 84 a7 e7 21 f1 2e 8c 84 25 95 ea b1 1d c9 c1 76 76 54 d0 37 3a ef 91 2c e0 0c 46 01 4f 6f 32 27 a8 af 21 96 60 73 3e 9f 9f a4 45 45 66 bb 7b f4 24 28 e5 60 41 10 10 62 f8 8a 10 23 bc 32 7d d7 be cb f9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Mon, 10 Jun 2019 13:11:00 GMTETag: "43a7a-91b8-58af7e9588100"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 7345Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 d5 5d 5d 8f e3 b8 95 7d 9f 5f 61 cc 20 3b 3d 41 b9 a6 24 db e5 aa 0e b2 49 16 c1 02 fb b0 40 1e 36 c0 3e ec 0b 25 51 16 a7 24 51 4d 49 e5 72 2f e6 bf ef a5 64 9b 47 b2 ef 55 23 99 97 6d 24 3d 6d e9 90 22 c5 cb cb fb 71 48 fd 39 b7 75 b7 ce 55 aa 57 ff fb dd 6a 75 fe 55 99 f2 f4 79 f5 e3 bf d3 af bf 1c 75 6b 2b fd e3 1f e8 6e eb d2 cf ab de 95 9f 7e 2c ba ae f9 fc f3 cf 5f 4c 6d fa c7 5c d7 87 ac af 94 7d 4c eb 9f 7d 0d 6a 2c b3 3e ea c4 ff 7c d4 b6 fb d3 fb 1f b7 8f fb c7 a7 1f 7f fa 67 2b fa c1 e8 dc 7c fc cb b5 3e 6a b3 ab 54 f7 e9 47 5d 25 3a cb 74 b6 b6 8d ae bb 53 a3 7f fc e9 e1 1f 79 c8 d1 e6 79 fc a7 db fa 87 eb ff 44 9d 4c 95 ff 60 8d 5d 77 af c2 ce f5 fa 9f e8 7a fb 7e b8 54 fa 03 dc 77 fa d0 97 ca c1 73 08 38 8e e4 20 30 47 6d 0e 45 f7 79 55 fb bb e5 f5 72 db 9d 4a 1d ae fe fa dd 63 ae 06 29 cb 4c db 94 8a 24 cc d4 a5 a9 f5 3a 29 6d fa 76 29 76 29 30 fb 4f b4 6d 3e 7e 8e 56 20 92 e1 39 e6 ab f6 75 15 da 99 ce 5f ed f4 47 b7 76 ba ce e8 42 7d f8 bc 52 7d 67 fd 75 df cf 37 43 02 3e 94 aa ac ed 8a f1 7e dd 19 55 1a d5 ea 6c 80 55 f6 eb da b6 1f 37 b8 83 53 a7 36 55 a5 f6 9d f9 f9 f7 ab 4a bd e9 76 d5 15 7a 68 c7 6a b3 f9 dd 8a 5e d3 41 bb 95 d3 a5 ea cc bb 5e 75 76 b8 6f 52 5b af 52 ff 46 a9 bf 6e f5 fb 9f fd bb 58 97 87 30 e9 c6 4e 44 8f 9b f3 1f 5d f9 a6 0c af a7 38 bf de a7 c7 fd 6e bc fc ae 5d 67 a8 21 6b 6a f5 a1 fe bc 5a 47 bb df 9d 5f f0 3a fe 98 57 1a fb 42 e3 cd cd cd cd 4d b8 b9 bd b9 b9 0d 37 77 37 37 77 e1 66 7e 1c 6e 1e 4d d6 15 be 13 f1 cb 6e 1f 6d e3 d7 b1 b5 c3 70 9c 5b 9a d2 d4 d4 ee 52 ae 2f 87 72 8d ca 32 7a c1 eb 52 e7 be 9b be 4c 45 ef d1 d4 e7 2b f1 23 55 36 54 79 79 2b ed 59 ba d6 5e d8 bd c4 d4 1a ea fc 57 42 8c 15 db d6 74 c6 d2 73 2f 03 72 41 dd 00 54 d2 da b2 ef 06 a9 1a 9f ba 9e 3f f6 dc bd f9 e5 ce 36 7e 6c 66 17 d9 3e 97 06 86 fe fc a4 e8 71 7c 61 2f cf e1 9d 26 d6 91 fc e2 fb f9 bc 7a a4 a1 a4 bf 76 fe ef e8 2c 0b 23 ee f3 8a 9a 6f 32 6a c7 d3 0b dd fd 41 0f 7f c2 fd b5 53 99 e9 5b aa 22 0a 8f 68 fa b2 1c 5e f1 38 b4 a5 55 d4 18 ff 7b 02 70 5e fa 10 31 5c 38 43 6e ab 39 8f 9c 1b 65 f6 31 c8 d7 9d 0a 27 a3 7c 81 d2 c4 fa ab 6e 9c 4e 55 a7 b3 95 6a 57 36 5f 6d 1f b7 8f 4f c3 b4 59 6a d2 52 9f 1e bf b5 b5 df d2 54 df a5 b6 31 f5 80 b8 68 17 55 1b d2 91 83 50 5d 6e c7 2d a9 a7 9c 74 70 a7 87 29 ad 9c 1f 99 6f 04 5e 87 a2 d5 4b cf 89 a0 78 db e9 a6 fd f4 f2 13 f3 a4 fb d0 5f bf fb f3 a5 fa 37 7d ca 9d aa 48 c1 61 27 9f 7e 37 fc 27 b4 a2 73 aa 6e fd b2 40 83 60 3b 1a b2 4f 4f 99 3e 0c 4f a5 59 c0 df fc 95 fe 1f 3d 7d 43 75 9b dd ab 54 21 dc fe d5 37 ff ff 67 b3 fd 08 8f 77 d6 af 4f e3 28 57 ed 3a 37 65 e7 a7 f6 f7 8d b3 07 93 7d fe eb 7f ff 47 a5 0e
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Mon, 10 Jun 2019 13:11:00 GMTETag: "43a7b-4342-58af7e9588100"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 2759Keep-Alive: timeout=15, max=298Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 1c 6b 6f db 38 f2 fb fe 0a a1 8b a0 71 d7 72 64 39 ce 43 c6 2d b6 d7 bd 02 87 6b bf ec 2d ee 3b 2d 51 36 11 59 14 48 3a 4e 62 e4 bf df 90 d4 5b a4 2c 3b 09 b6 c5 b6 6d 22 79 66 38 1c ce 0c 67 86 0f f7 e2 c3 87 9f 9c 0f ce 7f 77 24 c3 cc 99 4d 66 93 a9 fc fc 95 72 e1 6c 68 84 59 0a 8f 25 49 b0 23 e8 36 5c 3b 3c 21 00 74 50 1a 39 31 43 1b bc a3 ec ce d9 11 b1 76 d6 88 45 3b c4 b0 83 c2 10 27 98 21 81 23 47 30 94 72 22 08 4d b9 64 2b 7f d6 42 64 c1 c5 c5 6e b7 9b 90 08 a5 2b cc e8 64 cb 2f b8 92 e0 a2 a0 fa 44 b3 47 46 56 6b e1 f8 de f4 6a ec fc 2f 41 11 d9 10 e6 fc 07 fa 49 d0 26 23 11 91 74 7f ae b1 43 7e 2f d9 f4 74 50 70 fe 42 42 9c 72 90 6d 9b ca 91 7c fd f7 9f 05 e6 0f 10 1b 49 0c 4d 03 e7 33 5e b2 2d 62 8f ce f5 58 89 00 04 17 3f 4d b4 94 6e 48 53 81 48 8a d9 7e 83 d8 8a a4 81 e7 a0 ad a0 8b 8c ea c1 06 0c 27 48 90 7b bc a0 f7 98 c5 09 dd 05 6b 12 45 38 5d 3c b9 04 ba 7d 08 a6 cf 1d 5e 6e 4a dd 38 c1 0f 4b fa e0 14 48 a5 ee 3d 30 40 22 48 70 2c 0c ad a0 03 41 42 94 fc 5a a0 76 0c 65 f0 dc bb 3b bc bc 23 c2 05 7e 2e 65 04 a7 22 28 68 17 ee 86 3e 59 10 5c 09 e1 46 84 e1 50 8d 25 a4 c9 76 93 2e 0a 76 66 ac 11 fa dc 16 a9 ab 9f 1d 89 c4 3a 98 7a de d9 62 8d a5 bd f5 7b a9 a6 45 44 78 96 a0 c7 a0 36 9a 0a 96 8f a2 06 e0 85 0a 3b 0d 25 bc 04 aa 0f 05 a6 72 52 37 63 14 e4 14 55 2b 85 8b 29 db 68 95 19 49 4b 84 a6 a3 66 2a da e0 c5 2d ac 78 8d ca 44 51 e3 51 33 2f 27 4f 24 5d 05 d2 29 c0 9a 4a 25 a5 85 0d 38 33 d8 e0 5b 30 cd 19 25 51 d3 1d c7 36 47 2b 65 d3 52 82 85 f1 2c 3a f7 c6 f0 77 b4 68 6a c9 48 41 4d f8 f3 bc 35 ef 6f dc 87 34 0c 6c b3 4d 04 61 74 d7 3b 69 12 20 e5 81 22 cd 12 5c 69 b4 03 cf a7 8c e4 11 c8 5f cd b9 52 81 9b 1f 0d 62 c5 0c 63 57 86 5d ab 5c 35 9f 10 10 0f d3 95 1b 6f 53 3d e7 64 ec 72 e9 56 74 3c b5 87 90 0f a3 a3 83 c8 86 d0 34 e2 e5 73 33 cc 35 b4 c6 d7 8c a4 77 81 57 aa 17 da e4 51 b6 89 b7 44 90 4e a8 31 b9 37 70 d3 6d c6 7d c8 56 34 ce 7b 69 0c a0 b7 99 c9 b7 50 42 56 69 c0 05 62 a2 72 a0 06 30 27 56 30 97 08 bc e1 81 1e b8 42 5b c0 47 85 b4 b1 96 f3 5b 8b 6c b9 58 5d dd 96 0a 4d a9 20 31 a4 2b c9 a0 ca 29 68 c9 21 eb 08 bc 90 89 12 1c 43 d0 0c 7e 67 94 40 84 63 2e be 87 30 c7 83 94 a6 90 94 33 14 12 e8 d2 2b f3 8c 0b 3e e3 55 e9 2a bb 71 d7 90 19 9f 64 cf c9 5e c9 2e ab 1f 17 69 6f ce 50 ea 3e 2e ba a0 06 83 22 a5 9a 9b 3f 74 9b 57 01 78 b9 15 02 54 93 e2 87 ca 31 73 58 c6 f0 bd 61 c8 72 ac 73 f0 7a 3d 19 fc eb ec a1 98 0c 97 97 f0 ae 67 9d 2b a9 5c df 07 40 99 5f bd 45 b8 65 9c b2 20 d7 53 1e e5 50 78 b7 62 14 2a 24 99 27 b0 62 e8 28 4e a5 0f 5b 29 06 61 ca 11 40 2d 26 7b ad a1 18 ce 30 54 3b 50 0c e9 37 93 56 5a 20 c8 ea 68 99 e0 c8 a4 2c 0b e9 be f0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Thu, 19 Apr 2018 22:22:10 GMTETag: "43ab3-1538f-56a3b00a54880"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 30307Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd bd 79 7b db 46 b2 2f fc ff fd 14 22 c6 47 03 98 2d 4a 72 32 73 ef 80 86 f9 38 b6 93 38 fb c4 ce 76 28 26 0f 44 42 12 62 0a 60 00 50 4b 44 ce 67 7f eb 57 d5 dd e8 06 41 27 33 e7 de 37 33 16 b1 34 7a ad ae ae bd 8e 1f 0f 0e 7e fd e7 3a ab ee 0f 6e 3e 18 7d 30 3a 3d d8 1c 84 f3 e8 e0 b3 37 07 1f 97 eb 62 91 36 79 59 1c a4 c5 e2 a0 6c ae b2 ea 60 5e 16 4d 95 9f af 9b b2 aa a9 e8 af bf e1 d3 51 59 5d 1e 2f f3 79 56 d4 d9 c1 e3 e3 ff 35 b8 58 17 73 7c 18 66 aa 89 1e 82 35 3d ae e9 b3 79 13 8c 83 f2 fc d7 8c 2e 92 a4 b9 5f 65 e5 c5 c1 75 b9 58 2f b3 c3 c3 3d 2f 46 d9 dd aa ac 9a 7a e2 df 26 d9 68 51 ce d7 d7 59 d1 4c 1a 6a 66 70 12 c5 6d ab d1 43 7e 11 0e da 22 51 73 55 95 b7 07 45 76 7b f0 aa aa ca 2a 0c f4 98 ab ec b7 75 5e 65 f5 41 7a 70 9b 17 0b 2a 73 9b 37 57 74 67 be 0c a2 71 95 35 eb aa 38 a0 56 a2 6d cc 7f c3 80 66 26 bb c8 8b 6c 11 0c 4c 77 e5 fb 89 fc c4 cd 55 5e ab f7 4c c3 4d 5a 1d 14 c9 74 a6 2a 67 24 2a 4f be e6 49 18 5d 66 cd 37 55 d9 94 a8 fb eb 0b 55 26 c5 a8 c6 04 ab 94 ae 68 0d e6 69 a3 6a ba 5c ad eb 2b b5 a6 0b 6a 35 bb a3 92 cb e4 61 ab e6 c9 72 d4 94 6f a8 a9 e2 52 5d d0 cd 55 5a 7f 7d 5b 50 8d ab ac 6a ee d5 2a b9 68 df 2f 92 d5 68 9e 2e 97 a1 34 1d a9 2b 54 71 99 98 ce 1f 64 21 75 5e 26 21 30 0f db 55 6a 68 e5 8a f5 f5 79 56 b5 53 d1 8c 8a 72 91 bd a5 9b ad ba ef ad e8 a0 58 2f 97 54 fe f0 b0 49 a8 aa 91 cc da 56 dd 24 0f a8 23 1e 9c a8 ba 9a e3 a7 28 bf e4 85 a7 eb ed d8 56 75 8d 29 55 45 f4 80 79 cc 69 7e c2 26 69 36 9b 2a 1a cd ab 2c 6d b2 57 cb 0c 13 1a 06 f5 bc ca 57 58 45 02 88 72 d4 64 77 4d 92 d1 77 17 04 03 f9 41 5e 1c dc 44 c5 34 9f 1d 1e 86 25 fd 24 b8 8e c6 cd e8 2a 4b 17 a3 74 b5 ca 8a c5 8b ab 7c b9 08 cb 68 b4 4a 2b aa f1 2b 1a d8 a8 ca ae cb 9b cc bc d9 da 5e dd 01 f2 9c 01 26 49 36 c9 86 41 10 ef c0 76 b6 d9 f4 cc 65 36 59 4e e7 b2 18 59 34 a3 22 fa b3 d8 bc df 62 b8 e7 49 c0 3b 35 50 b7 89 0f 61 a6 69 02 f3 db d1 05 80 22 6f f8 cd 56 bd 4d 8e 7f 9e 9e d5 67 eb 8f 5f 7d fc f1 d9 dd f3 93 d9 70 d3 b9 7f 74 7c 39 c6 67 c9 ed 68 65 60 2f 79 90 1d 1e 9b 26 09 f6 08 84 d7 73 da ff f1 ad 5a 66 c5 65 73 15 9f a8 a6 7c 5e 55 e9 7d bb 05 6d 67 4a 19 0f f6 03 75 83 e0 da db a6 9d c9 72 0b c7 d9 d3 93 09 ae a6 d9 10 3f 23 69 6c 16 cb b3 d9 56 01 f8 df 34 e9 fc 9d 57 25 a6 a8 a1 31 5c 67 d5 65 c6 55 8d 9c 4e 87 91 ca da 2d 4d 03 cd 6e 04 ee 13 de b1 cd 56 65 e9 fc aa af 8f b7 23 bc e1 0a a9 8a ad ba 4e 57 7d c5 b8 41 db b3 90 fa 91 ae 42 1f 1b 30 e0 ea e2 99 1e b1 2a b0 4c 11 d5 cb fb bc 67 22 3b 15 97 80 cf e5 bd 54 9d 56 97 8c 40 6a 54 70 91 57 75 b3 af 82 ec b7 f0 84 ca 2c d3 f7 16 39 3a a5 32 d9 6f 3d f3 ea ac 84 2a 92 61 36 0c 79 99 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Fri, 15 Aug 2014 09:28:16 GMTETag: "43ab5-23d6-500a7a4160c00"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 4041Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 a5 5a 5d 73 e3 b8 b1 7d cf af a0 30 5b 1a 22 82 69 79 92 cd ad 50 83 55 c6 f3 b1 49 6a 27 93 ba 33 5b f7 41 ab 4d 81 24 28 52 a2 48 9a a4 6c cb a6 f2 db 73 1a fc 10 25 db 7b 6f d5 7d b0 44 12 4d a0 d1 e8 3e 7d ba e5 cb df 5b 9f b3 40 17 69 fc 50 58 6f 9c 3f 39 6f 2c fb fd ae ac b2 ad 75 bd 8b 93 80 5b b5 f5 f9 6f df ac b1 75 fd f5 c3 ef ac df 37 4f 5d 2b aa aa dc bd bc dc 76 ef 3a 7e b6 bd 0c b2 bb 34 c9 54 70 f9 ea c2 2f 4b 95 c6 5b 55 c5 59 5a d2 5d 55 a8 b4 8c 9b db 2a db f9 d1 45 19 c5 b7 34 e2 27 aa 2c 75 79 91 17 3a 8c ef 75 70 51 e9 b2 2a ab 7d 82 67 74 99 17 59 6e 2e 54 92 d0 75 2f 59 5e 04 d9 b6 bf a6 85 a1 e0 e5 ef 66 77 71 0a 4d 9c 7e 5f 32 dc a5 3e ad 6c 2b e1 09 9f 3f 76 f7 d6 83 ad f8 e3 da 81 12 df f4 7d 25 d5 a1 1f 79 47 b2 fc b1 d0 d5 ae 20 b9 ad b3 ce 62 4c 30 61 33 c6 27 b6 57 d7 8c 71 7e 94 bf 3e 91 af f6 b9 ce 42 4b 49 29 bd a3 cc fb a1 cc 68 f4 6f 9b b1 89 e2 0e b4 d5 f7 5f 42 db 1b 4c f7 a1 11 0d b3 c2 be 55 85 15 58 71 6a 41 55 ba d6 52 2d 82 e5 2c 0e ed d1 7b 5b 0b 76 c1 f8 78 bc 5e e8 e5 48 4a 9f b7 0a 78 52 b2 3c bc 67 73 ed 8e a6 87 76 c5 ab e3 fc 1f 8d 29 82 e3 0a 7a b0 42 28 bd 85 c2 84 66 91 70 38 6d 80 0d 8d ae e6 34 e8 5e db a1 60 dd 84 8c cf 43 c7 c3 4e ec a0 ae 3d ee 86 cf ac f9 a9 33 bf d9 91 54 8e 1f a9 e2 5d 65 4f b9 53 65 3f e7 b9 2e de ab 52 db 7c a2 9c 32 89 7d 6d 5f 71 a1 25 99 dc 62 93 ac b1 7f 40 37 7c 12 70 a7 cc 93 b8 b2 e9 6e d6 2a 77 6d 7b 82 c1 cf e2 74 c5 78 5d 9b db 1d 6c 1b c6 a9 0e a0 e0 07 58 0b aa d9 fd 9c f9 cb 73 8a 8f 24 0c 65 f9 a1 d1 96 99 d8 60 50 e8 f1 20 42 39 9a 8a 95 f4 9c 20 f3 77 5b 9d 56 1f 13 4d 5f 22 92 ac 8f 08 26 62 48 f8 85 56 95 6e c7 ed 88 8b b5 8c 1d e3 dc 62 23 12 4c 86 bd 7f 35 3a 8b ad 64 d6 c5 9d f6 36 71 75 61 5d 6c b3 07 7c 66 74 55 5e 58 6c a8 5b 2a d9 ff 18 31 84 ee 83 f5 c5 da 96 4c 64 32 1d 8a e4 b8 ad b2 9f b2 bb ce a8 c3 c1 1b da 43 41 1f 25 7d 54 72 b1 14 3b 59 35 56 17 b7 e2 6e 18 30 be 08 84 6e fd 42 c4 62 6d d4 3e df 17 0b e2 5b 4c bc c5 80 97 05 7b 68 b8 85 1b 9c 0b d1 10 8e 0b 4e 95 ab a2 d4 7f c3 b3 40 5c 4d 39 bf 8b e2 44 db c1 c5 05 5f bf 34 f5 da 89 03 a9 e7 1a ae ef 46 13 9c 19 9c 23 71 14 bc 26 0d de e3 f5 c0 5e f7 8e 10 ca 05 1b bf ba fa af 3f cc 98 78 fd d6 18 db c2 db ac 7c 2d 22 f1 9a fd f0 5a 28 c1 de 5e 9a 81 1f d8 b2 f1 02 84 33 26 84 58 24 ec ed 3c 71 53 0a cc 54 17 7f fd f6 f9 a7 89 0c 45 7a b2 58 82 cd d6 b5 9d 36 47 e9 78 ca df ac 8a 0c de 26 19 13 dd d3 ec 56 17 61 92 dd 49 16 c5 41 a0 53 26 36 72 75 36 26 ce 1f 1c 85 57 27 2b a6 9c c3 a1 7c 3b 11 0a 6b cf 13 07 36 84 7d fe 01 77 73 0a bd c5 eb 9d 66 2e d4 7a 61 30 e5 4f d7 db 70 31 1a c5 07 71 4f ce 18 a9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:25 GMTServer: ApacheLast-Modified: Fri, 15 Aug 2014 09:28:16 GMTETag: "43ab2-17bf-500a7a4160c00"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 1767Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 58 eb 6f db 36 10 ff 6c ff 15 5c 60 40 72 eb 28 c9 f6 2d 46 06 04 5d 0b 0c 68 f6 40 0b ec 43 51 04 8c 44 db 6c 64 52 13 a9 b8 69 eb ff 7d 77 7c 89 7a d8 4d 3b 34 40 a2 88 bc 3b de fd ee 29 9e 3d 7b 36 25 cf c8 87 7f 1b 56 3f 66 45 b9 65 a2 c9 3e 28 f2 70 91 9d 67 e7 b8 b5 d1 ba ba 3c 3b db ed 76 59 2e 8b 5a 56 0a 9e 5b d8 c1 cd d7 3c 67 42 b1 82 34 a2 60 35 d1 1b 46 6e 7e 7f 4b 4a bb 9c f5 f8 65 05 ab b2 a9 73 96 c9 7a 7d e6 a8 d4 d9 96 eb 53 cf 52 6d 2a e4 c2 df 17 b2 7a ac f9 7a a3 c9 cf e7 17 bf 2c e0 dd 1c 7f 54 a9 b3 e9 32 25 ab 46 e4 9a 4b 91 92 d9 82 ec b8 28 e4 6e 61 34 5c 71 01 ba ce c9 e7 e9 74 92 34 8a 11 a5 6b 9e eb 64 09 ef 67 67 64 5d ca 3b 5a 4e 27 0f b4 26 37 12 0c 12 fc 53 4d ae 9c 88 2c 2c 2d c8 ec 4e 16 8f b0 33 4b 49 82 ff 26 64 8e 32 66 d9 6f af 6f 00 41 d8 69 75 90 15 3e d5 82 b0 92 01 bc da 9c 3f 99 e8 0d 57 d9 8c 95 56 4a d8 5b fa ad 5b 2e b8 0e dc 66 63 ef f4 44 98 dd 7a 7b 66 06 e6 d1 a6 d4 0a 04 a2 7c a0 cb 4b aa 00 5f b2 92 d6 35 54 f0 2d 45 36 c2 56 2b 96 6b e0 9e 84 b5 17 8e f8 92 7c 26 5c c0 23 29 ca 53 bb cb 4e b9 38 bd 48 16 44 36 ba b7 01 2b b0 43 f6 4e b9 a0 4c 55 4b 2d f5 63 c5 9c 36 c6 1a e0 1d c0 e2 bc 61 f4 0d 36 39 08 3c 09 20 94 b1 8f 9a 89 22 25 ba 6e d8 82 7c de 83 0f fa 86 2f 3a 60 59 04 68 0e 76 2b b9 65 1e 61 05 28 14 04 b5 e1 b4 e4 9f dc 26 78 9c d3 bb 92 b5 67 df e6 52 ac f8 3a b5 a2 f0 17 a3 02 cd 7e 29 8a 97 0f 20 e9 0f ba 65 1e 6c f8 49 fe 61 77 f7 5c 5f 7b 3c 13 44 6a d7 5d 03 d6 64 e1 c8 ff ec 52 ca 51 a2 ad ea 52 dd bc 19 25 a3 1d a2 f0 06 80 25 86 62 6f 09 75 4d 85 3a ae fe 5b 24 e1 3d fd db c5 f8 d0 1b f9 a9 47 ad c3 2b 8b 0d ed 51 c9 71 71 5b d5 a3 bb 79 33 4e a8 8f 1d 6a cd f5 ee 8f 02 1e 9c ce d0 6c 22 c0 ee e0 e5 be 3f 01 8f 81 8b df b5 b5 00 c2 1a 6a c8 47 06 71 18 63 3e 27 ef c9 73 92 b8 f2 99 f8 d3 5b cd 0e 1d 3f 70 08 9c 3f 74 d2 01 05 62 1c 7a 1a 2c 9c 06 aa a9 2a 59 6b 53 00 72 a5 5a 3c 6c 16 e0 52 2b a5 8d 7d c7 76 dd 52 5f 45 2a 00 57 2b 67 d1 67 6a 7d 36 e0 8a 8e 5a 4e db 44 c3 5c 34 c6 aa d4 14 51 1b ad 2e ff e2 92 61 eb a6 2f 0d 4c 60 95 a5 a5 62 cb b0 3a 83 72 be 5e 33 ac d9 be bc 66 f9 86 97 45 cd 04 56 ea 46 6b 83 56 c4 b1 b5 e5 7a 8c bc 29 01 cf 53 03 e8 80 85 6b b6 55 81 cf 74 4d 68 2e e8 96 92 5f 0a a9 53 64 bd a3 f9 fd bc cb 8b 4b 07 d8 3c 87 63 b0 28 b4 e0 f4 91 f0 25 49 b1 72 e5 24 46 a8 7a 24 32 2c b5 49 0e dd f5 3e 04 c7 00 51 53 de 26 7c 95 1a 61 16 5b bf 35 31 4b b7 79 29 15 c3 6a eb 0a e2 64 4f cc 83 01 fe 5d 4a e4 8e 09 6d 23 82 f3 b9 58 9b 62 bb db b0 1a cb 31 30 6e e9 3d d4 20 6c 4d c6 0d e6 10 cb 64 1a 6c 26 57 2b af 3d a0 f2 34 5b 46 34 26 4e 93 3d f1 3a 59 13 cc df 9a e9 a6
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:26 GMTServer: ApacheLast-Modified: Thu, 09 Mar 2017 21:08:04 GMTETag: "43ab6-178a3-54a52a4127500"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 23609Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 e5 bd 6b 7b db c8 91 28 fc 3d bf 42 c2 9e d5 00 26 48 91 f6 64 93 90 82 f8 f8 36 19 3f b1 63 9f 91 36 b1 56 d1 d9 07 12 21 09 19 12 60 00 50 b2 46 e2 f9 ed 6f 55 f5 ad ba d1 a0 28 cf 4c 76 f7 3d 9b 1d 8b e8 7b 57 57 57 57 57 d7 65 ff d9 b3 df ec 3c db 39 ba cd 97 59 b5 f3 62 f0 ed e0 39 7e 7f 28 eb 66 67 51 ce b2 aa 80 3f e7 f9 3c db 69 ca d5 c5 f5 4e 3d cf 21 71 27 2d 66 3b 97 55 ba c8 6e cb ea c7 9d db bc b9 de b9 4e ab d9 6d 5a 65 3b e9 c5 45 36 cf aa b4 c9 66 3b 4d 95 16 75 de e4 65 51 63 b3 f8 df 75 d3 2c c7 fb fb b7 b7 b7 83 7c 96 16 57 59 55 0e 56 f5 7e 4d 23 d8 57 a5 5e 97 cb bb 2a bf ba 6e 76 9e 0f 47 bf 8b 77 fe 32 4f 67 f9 22 af 76 fe 04 fd cc d3 c5 32 9f e5 58 ee f8 3a db c9 df e8 66 36 74 a0 5a 7e 9f 5f 64 45 0d 63 5b 15 38 93 0f ef 8e 55 ce 0f 30 ec 14 73 ca 62 bc f3 21 ad 60 ba a3 61 4c 03 80 ec fd df ec 5e ae 8a 0b 9c 4b 18 dd 07 ab 3a db a9 9b 2a bf 68 82 c9 4d 5a ed 64 71 9a e8 fc 3a ce a3 7b f5 b5 53 85 59 74 5f 65 cd 0a 80 f9 21 6d ae 07 97 f3 b2 c4 c4 b5 2e 82 4d 52 2b c9 f1 60 99 02 60 eb 41 ba 6a ca e5 3c bd 83 76 8f 07 04 f6 7a 90 fd 23 3c 1e a4 50 e5 26 7b 07 a3 ff 12 4d d2 41 da 34 55 18 cc d2 26 ed 0b 18 f6 55 cd 20 da db 0b b3 64 73 91 87 87 56 8f 51 7c ac 7f 1f e7 8b ac 5c 35 ef 66 49 9d 35 f2 23 64 70 d0 95 61 4a cb 29 8c ee 32 ff f2 1e 7e 86 d8 c8 7f d2 b0 ff 9c 7d 69 e8 33 5b e4 4d 18 94 c5 4b d5 79 7c 1c 45 e3 e3 41 5e bf 2d 66 d3 5c f7 79 04 7f 3e 16 ef d3 ba 99 c2 cc e1 43 55 08 a3 71 a8 5a 3d 2e c3 61 77 a3 e1 76 9d af 63 be 08 65 98 c6 8d 58 87 3a c9 c2 74 d0 a4 d5 55 d6 44 93 fc 32 dc ad 61 98 61 13 45 f0 3b c0 75 2f ae 82 24 69 ee 96 59 79 b9 d3 44 75 52 23 20 b2 a2 c1 42 93 6c 0e d8 01 25 9b 41 01 7b e8 18 4a 89 66 f3 89 44 03 53 3a 1a 64 e9 c5 b5 01 29 e0 51 74 9f 26 d0 36 2c 5e 9e 34 d1 3a 8a f3 69 33 be 29 f3 d9 ce 70 0d 8d 0e 77 13 e8 6d 9e 15 57 cd 75 a4 da 3b 1d 9e 99 89 cc 55 2b e9 c3 c3 fd 9a d0 b3 49 6e f3 62 56 de 0e 3e ac 9a 14 0b 7d 3c af b3 ea 26 ab 1e 1e 64 c6 5f b3 f3 1f f3 c6 cd 8e eb a4 c8 6e 77 d8 9a c3 54 b2 c1 65 59 bd b5 87 8d a8 50 16 3f 64 75 fe 53 16 ee 5a 4b a3 da fa f7 25 a0 60 06 80 47 a8 c3 ff 26 f5 a0 14 59 30 de 7b 44 d2 fc 7c d5 64 b5 9c 2b c0 40 a0 ae 48 7d 78 e0 5f f1 c5 75 3e 9f bd cf eb 86 97 d6 89 58 58 7f 40 59 c0 d1 8b 26 ab de c0 16 b0 cb b3 0c 51 87 25 ac 71 12 72 84 15 ac d8 aa be 0e 6b 86 2f 4b 01 8b 12 e8 54 5e a4 f3 b7 37 b0 a0 b4 e3 9c b4 88 56 20 85 e4 1f b3 bb d7 80 10 0f 0f 19 f5 84 bf 09 b9 cc 16 9c cf cb 5b 22 c6 c7 25 a2 2e 34 87 fb e3 7b 68 ef a7 b2 68 d2 79 08 7b fa c5 1f 70 f0 0f 0f bb ed ac 6f 69 5e 91 44 8b dd 51 77 eb 9f aa ec c6 df fa ef 3a 5b 7f f1 7b 4f eb 61 36 a8 a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:26 GMTServer: ApacheLast-Modified: Thu, 05 Sep 2019 15:43:18 GMTETag: "43ab7-56d-591d02e34f180"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 775Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 9d 94 df 4f da 50 14 c7 df f9 2b 6e c8 12 0a 92 d6 97 bd 68 f6 e4 1e 5c b2 1f 0f fa 0f 94 72 91 3a 68 59 5b 60 c9 62 42 d8 2a 28 22 9a 89 a2 71 0a c6 39 e6 12 70 89 51 a0 30 ff 98 f5 de d2 27 ff 85 dd db 62 69 e2 5e b6 3e d0 de c3 f7 9c 7b ce e7 7b 5b 2e 02 80 9a 17 33 50 01 76 61 c3 6e f5 51 b5 85 4a 23 5c bf 02 a8 56 24 b7 71 f7 1a 37 b6 03 44 e6 5c 72 6c 15 00 74 a7 13 f1 fd 70 0b 75 87 e3 f2 25 2a 1f 8c 5b 6d 4f e2 96 7b 13 5b 9d 9b 0a 17 97 5f bd 44 fa 47 eb ba 89 cb fb e3 82 ae 6a 8a 28 ad 58 3f 0d 74 52 21 7f 2f 39 29 a8 d3 47 87 6d eb e8 93 a0 aa 24 0d 57 be 93 a5 57 56 48 f1 aa fa 9a 4f 43 5f 59 34 fa 8c 36 aa b8 79 8b 86 35 92 47 eb ed 54 bd 0c 98 48 40 41 bb 1f 1e a1 5a 77 a2 2f 97 70 f5 0c d7 cb f8 e4 98 2c 6d a3 31 ee 9c 9b bd 41 50 4d 89 71 18 a4 8a 5a 77 dc f9 65 8d 3a 34 9a e0 e3 90 c4 84 6c cc b9 c9 39 a8 24 52 72 9e 3c 27 52 62 26 f8 bb 50 f4 f6 42 fa 8d 69 ec bb c8 c8 af dd d0 51 a7 61 8d 76 41 52 d3 32 73 1c 97 cf e7 59 17 0c 2b c8 69 56 90 48 66 84 0b 24 b2 92 a0 89 b2 04 34 3e a6 32 04 6e d4 a3 17 f5 06 0e 83 0f 01 ba 47 8e 57 a8 ce 85 05 9e 01 09 e6 81 bb 60 a6 59 13 ed 74 7e 30 07 42 ce 78 a1 28 c7 f9 01 78 3a 35 03 61 9c c8 9e ce ce 46 01 c7 61 63 17 6d b6 ed c2 29 1a 5c 50 22 d5 ba 39 aa a6 55 4f ce 67 35 79 11 8a 2b 49 6d 0e 68 4a 16 d2 1c 60 ff 68 10 b9 7d 54 43 eb 3a f5 b1 d6 40 5b fb 5e 8a 2c 2d d1 0e 16 92 bc b4 02 97 34 5e a1 5d 3d cc ce 84 7d 3d d3 eb 09 05 31 13 64 83 33 53 04 ac 02 d3 84 ff 02 0d 30 d3 f0 3c e0 22 f8 78 c3 3d 07 ae fd e4 1c a0 72 d3 3e 3c 77 97 51 cb 38 34 7b 15 b3 57 30 7b 97 f8 d6 40 9b 4d bf 9a 78 f0 68 eb 30 0b df 31 1e 68 96 27 5d e6 e0 0b 29 0e df 87 59 3e 1e 7f d4 03 17 f1 49 70 a3 3b be 2b e1 5e 0b ed 6c 93 56 1c f2 d6 f5 19 1a d6 7d 5b ad 39 4f 6b e1 79 e7 4e f0 e1 76 0b 57 4e ad 62 1f 95 0c 73 50 31 8d 1b 4a fe a2 48 6c 22 05 ad 6f 06 d2 bf 4e e3 57 eb 69 39 ab c2 b8 9c 97 00 de eb 93 a3 0a 9c 00 94 34 a8 04 7c 73 10 b8 21 4d ce 0a 49 d5 61 ee 65 85 a2 53 fa d0 8f 1f b2 19 05 e6 48 9d e7 30 c1 67 53 1a 43 a7 c3 3d 9d e0 9c bc 2c 4e 13 be 51 fe c5 2c 5f 92 96 14 d5 bf d3 24 8e ba 1c 5c 9b dc 4f 0c 1d 93 9e 29 df fb ee eb 61 ea 95 83 7b 59 66 1e 36 10 a9 25 4c d8 99 c2 39 d6 a8 7c 85 ba 7d 34 d8 23 de d0 c8 97 83 49 9d 07 33 26 e4 84 94 28 bc 65 fe 13 92 df 47 5f f9 b5 3f 69 11 31 27 6d 05 00 00 Data Ascii: OP+nh\r:hY[`bB("q9pQ0'bi^>{{[.3PvanQJ#\V$q7D\rltpu%[mO{[_DGj(X?tR!/9)Gm$WWVHOC_Y46y5GTH@AZw/p,m1APMqZwe:4l9$Rr<'Rb&PBi
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:28 GMTServer: ApacheLast-Modified: Thu, 05 Sep 2019 15:44:32 GMTETag: "43ab1-535-591d0329e1800"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 511Keep-Alive: timeout=15, max=295Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 a5 53 4d 4f db 40 10 bd fb 57 ac 00 c9 b6 e4 38 0e 04 8a 8c da 03 b9 57 95 8a 7a ad d6 f6 10 56 ac 77 dd dd 75 42 15 45 6a d5 1e 68 a5 9e ca 01 b5 52 d5 de 2a 2e dc 38 81 f8 33 84 8f 7f d1 5d 3b 34 ce 57 49 85 7d d9 9d 79 6f e6 cd f3 b8 83 05 92 5d 92 81 40 4f 11 83 2e 7a 59 5c 1c db 8f 30 63 3a ea 97 d9 5a cc 99 c2 44 47 6c 0f f5 2c 34 7c 32 dc 26 0c 2b c2 59 88 a6 28 a3 a4 ed cd 60 b4 28 89 f7 71 44 21 44 4a e4 30 82 30 38 50 db b9 52 33 8b 46 45 a2 66 30 d5 aa 02 3a 0f 51 0c a6 42 91 19 8e 61 1b 54 17 40 93 d6 82 22 d1 77 b7 2c ab 33 d7 13 c2 12 38 78 1d 73 ae af c5 0c ff b0 67 dc 9a f9 cc 29 97 24 25 09 c8 17 20 5e 11 e8 86 68 d3 b3 16 f0 6d 7c 9a d5 f5 89 52 2d 4e f3 d4 24 ca 78 24 00 ef 67 9c 30 25 c3 ca d7 34 4f 23 58 6d 4e c6 66 a8 5a f7 a6 11 13 12 c6 00 fd 71 fc 93 8d cd 87 9b 34 1f d7 63 a3 19 2c 30 c8 23 9b 34 1b 8b b8 b5 f6 bf 4d ac d1 a9 58 49 6b c5 d9 cd 59 5c 2c 8e e3 16 0d eb f5 72 81 76 70 84 ae 8f 4f af 2e 7e 0e 4e cf 6f 0f 4f 6e be 7d 8c 29 96 f2 39 4e c1 c3 9a d2 81 61 fa e2 eb e0 d3 97 9b cf 67 d7 ef de 57 41 45 af 15 bd dd 82 b4 f7 d4 fd 5e 9a b2 cf 10 25 b6 eb c3 1b 27 70 7d 9c 24 2d 43 71 ec b2 a8 ad 75 19 a6 c2 91 9c 4b f6 26 12 d5 ff a4 52 a7 9c d1 aa d7 d1 ed e5 d1 e0 fb 8f bb 5f 67 77 1f 7e eb a1 97 96 db 7c 47 bf d9 92 eb c7 66 ef ff da e0 b8 bd 7b e1 11 4f de 7a 7b 2a a5 5a 2b 66 24 c5 0a 9c 9e 8c 05 a7 54 33 c3 a0 ef 35 82 20 18 ca 15 a0 72 c1 d0 2e a6 12 b6 a6 cc 1d 55 45 f6 72 42 6b 29 b0 dc 46 ae 9f 50 73 72 86 52 ff 00 88 04 59 d4 35 05 00 00 Data Ascii: SMO@W8WzVwuBEjhR.83];4WI}yo]@O.zY\0c:ZDGl,4\|2&+Y(`(qD!DJ008PR3FEf0:QBaT@"w,38xsg)$% ^hm\|R-N$x$g0%4O#XmNfZq4c,0#4MXIkY\,rvpO.~NoOn})9NagWAE^%'p}$-CquK&R_gw~\|Gf{Oz{Z+f$T35 r.UErBk)FPsrRY5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:35 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 3673Keep-Alive: timeout=15, max=294Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c 4b 6f 1b c9 11 3e c7 80 ff 43 2f 03 04 bb 08 c9 79 71 f8 90 29 01 b2 6c af b5 b0 65 c3 52 90 6c 2e 46 cf 4c 0f a7 e5 e1 cc 6c 77 8f 28 1a 7b d8 5b 7e 40 90 0d 02 2c 82 bd e4 12 64 73 4a 80 5c 72 d9 9f 12 04 9b 20 48 fe 43 aa bb 87 e4 f0 25 51 22 65 71 bd 32 6c 73 d8 ec ae ae ae fa aa ba aa 1f d3 fd e0 d1 8b 83 93 4f 5f 3e 46 91 e8 c7 7b f7 ba f2 03 c5 38 e9 ed 56 de 46 b5 83 a3 ca de bd 7b 08 fe 74 23 82 83 3d f5 a8 be f6 89 c0 c8 8f 30 e3 44 ec 56 72 11 d6 da 95 bd fb f7 74 79 82 fb 64 b7 72 46 c9 20 4b 99 a8 20 3f 4d 04 49 a0 de 80 06 22 da 0d c8 19 f5 49 4d 7d a9 22 9a 50 41 71 5c e3 3e 8e c9 ae 55 45 7d 7c 4e fb 79 7f 52 90 73 c2 d4 37 ec 41 81 59 31 66 3a 7a 43 86 83 94 05 bc d4 d1 2c 2f 01 e1 3e a3 99 a0 69 72 41 2d 46 92 80 30 c2 ca 1c 13 ef 0d 15 9f 53 52 f3 d3 7e 26 3f b9 c0 49 a0 5a 0a 2a 62 b2 f7 12 cb 9a 68 3f cb 62 ea 63 d9 43 15 9d 30 1c 90 3e 66 6f d0 2b d2 a3 5c b0 a2 fc 10 a8 c6 31 f1 45 8e 63 f4 92 a5 19 61 62 88 f6 7b 24 f1 87 b5 87 84 9e d2 a4 87 9e d0 84 80 06 02 74 f8 12 9e 59 bf 6b e8 8e 56 19 d1 32 1a 88 72 84 51 4c 7a d0 2f 48 53 ca 1f a5 ac 87 13 fa 56 b1 86 78 46 7c d0 02 7d 4b 02 d0 08 fc 2d 31 9a 8d 18 c5 8a 51 e4 e5 1c c8 73 5e 45 83 88 fa 11 28 8c 26 f1 10 da 9c a5 f1 19 e1 48 44 04 79 98 53 1f e1 89 50 50 1a a2 4c 89 aa 8a c4 48 3c 55 e0 3c 1b 32 da 8b a0 34 a6 82 30 cc 86 a5 fe 60 00 50 4a 7b 8a 42 7d 56 5d 0b f4 3e 11 fc 71 31 ca cf 51 a1 a0 87 05 d7 50 32 a1 29 95 20 60 98 f2 f1 73 74 30 62 66 d4 9a ab 2e 63 9a bc 41 8c c4 bb 15 2e 86 31 e1 11 21 00 ea 88 91 70 b7 62 90 c4 18 e2 00 88 f4 33 f5 60 00 3e 04 f5 0d 9f 73 03 20 d3 07 be e1 51 63 f6 fa 84 38 df 00 95 10 a4 54 c3 03 c2 d3 3e d9 00 39 3e a0 a0 a6 7a 9f 96 46 a8 31 89 c4 30 03 fd 08 72 2e 8c 53 7c 86 75 69 05 71 e6 5f 40 f3 94 1b a7 9f e5 84 0d 15 c9 53 90 7d d7 d0 2d 37 40 b9 9f 82 65 03 da 59 dd cf b9 48 fb 9b a6 5f 70 1e c4 7d 92 e4 d3 c4 b5 ff 34 b4 03 bd d7 f5 d2 60 28 3f 03 7a 86 fc 18 73 be 5b 91 3f 81 d7 29 6a 96 7e c8 c0 e2 94 9b 84 02 82 59 48 cf 2b 25 1f 5c aa 18 a7 bd 14 ba a4 fd de 25 ac 42 0d 43 56 ae 9f 66 bd 0a c2 b1 f2 82 5d 03 48 2d 21 0c 53 41 0e 5c 94 fa 55 55 f2 78 ba 40 15 c6 74 d4 8c 82 45 02 5d 5c e0 a8 b2 f7 ac a0 83 ba e3 3a 21 46 21 ae f9 98 11 51 0b d2 81 ac 6f 50 f8 87 e7 29 2f ed b2 d4 f5 a4 b7 48 88 6c c7 30 06 83 41 3d 2c fc 20 cd ea 60 8c 06 05 ff 7e 5e cf a2 ac b2 f7 af 3f 7f f1 cf bf ff fa 9f 7f fb e6 bb 2f 7f 25 fb ec 1a 40 62 5d fa 20 f5 52 17 8f 93 5e 4c 79 74 23 d4 f5 53 f1 bf e0 c6 1b c3 aa cb b9 bb b2 f7 dd 6f ff f0 dd 57 7f fa f7 1f 7f ff 8e fa b5 8b 7e ff f7 9b af fe f3 d7 6f fe fb e5 5f 2e ee b7 6b 2c 84 ce 5c fd e9 7a 05 42 27 df 3f a8 d5 26 55 4b 78 0d 69 0c d3 18 a9 ac 35 2e d0 1a 0c 4d a4 19 0d 0c d3 90 f3 57 60 d8 a3 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:34 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 4394Keep-Alive: timeout=15, max=296Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c eb 53 13 d9 b6 ff 4e 95 ff 43 4f ce 17 ad 9a 90 ce a3 f3 10 e4 96 33 e3 07 ea ce a8 e5 f1 d6 ad 7b 4f 9d b2 3a dd 3b a4 35 af 93 34 22 73 e7 56 45 14 e4 29 a0 80 40 82 88 c3 43 67 24 e8 80 12 12 c0 ff 45 7b 77 27 b7 ce 29 fe 85 bb 76 77 1e 1d 92 f0 0c 41 1d 9d 01 ba 7b ef 5e af fd db 7b af b5 f6 de dd fc cd 0f 57 be bf fe 5f 57 2f 51 5e d1 ef 6b 69 68 26 7f 28 1f 1b 68 bb 60 f8 d9 6b fc fe b2 a1 a5 a1 81 82 7f cd 5e c4 f2 2d ea 25 f9 b7 93 7e df ec 47 22 4b 71 5e 36 1c 41 e2 05 43 bb e8 31 3a a1 b6 f6 38 c0 fa d1 05 c3 6d 01 75 84 82 61 d1 40 71 c1 80 88 02 50 ad 43 e0 45 ef 05 1e dd 16 38 64 54 6f be a5 84 80 20 0a ac cf 18 e1 58 1f ba 60 fe 96 f2 b3 77 04 7f bb bf f8 a0 3d 82 c2 ea 1d eb 86 07 b4 c1 54 ca e7 16 ea ec 08 86 f9 88 8e cf 2e 49 78 14 e1 c2 42 48 14 82 81 ea 95 c2 28 c0 a3 30 0a eb c5 45 ee 5b 82 f8 8b 80 8c 5c d0 1f 22 7f 23 22 1b e0 c9 8b a2 20 fa 50 d1 22 52 f2 31 ee 7d a9 8c ad 66 56 d6 77 36 07 f1 78 8f fc ec 81 bc fa 02 f7 0c c2 ad 32 bb 90 59 e9 91 52 4b f2 cc 3d 29 fd ab 32 d2 f3 21 3a 86 07 9f 48 a9 57 f2 c4 06 8e f7 e0 c9 3e 65 71 bb bc 9a 1c ef cb 4e 8d e0 ee 57 78 38 f9 31 3a 82 13 93 ca d6 e8 c7 e8 68 b3 29 c7 7f 7f 2d cb d9 c8 93 2b 20 ae 94 9c 96 d2 0f a5 d4 40 39 57 28 c2 fd 73 ca f4 7d 79 75 1c 6f 0f c8 f1 21 b8 95 e3 29 f9 e9 7d 50 46 2b 95 92 e9 cc e2 5d f9 5d 1f 1e ee d7 94 ff 18 bd ab a9 0d 17 4a 5f 2f 50 83 8b cc e8 13 69 2b 0e d7 40 0d cf a6 94 b9 a8 66 23 fc 68 50 4f 5c 59 ee 03 49 70 22 fe 31 da 75 a6 e1 4c 83 5e dc cc 83 df 32 ef 63 b8 7b a1 5c d0 cc 1c 91 86 18 38 3d 9c 79 ff 00 cf 4f e3 8d 35 c2 69 78 14 bf 19 27 ed b0 fe 07 14 c9 03 0b 60 48 52 3a 32 a4 89 98 d3 33 95 02 39 a4 64 54 ee db c8 8e bf 97 e3 b3 e5 16 51 d2 6b 9a f4 9a c9 40 62 9c ec 05 ca bb 24 94 7b 47 94 df 07 a4 f4 82 3c b3 00 04 95 d8 9a 94 7c 28 25 27 94 f1 c1 52 6a f7 95 f4 83 9d cd de ff 6c bd 7a 65 67 b3 8f 88 b5 d2 83 7b 1f 00 83 cc dd 31 65 35 0d 06 50 62 09 dc 37 04 ad 84 63 5b d9 a9 6e e9 fd 8c dc 3f af a7 82 87 86 a5 cd 69 f8 1f 8f 4e 02 ad 8b ad 57 af b6 02 31 d2 00 ea 1b 9a 8e fa 5a 67 5b 2f 5f bf 78 0e 2a 48 c9 65 a8 53 22 d2 b3 31 e5 e5 3b 3d bd ef 5b af fe 55 25 d7 85 b7 1e 83 24 1f a2 71 bd b6 1f a2 33 44 b7 d4 b4 bc f6 07 50 94 5f 2d 69 17 ca f6 43 b8 80 96 34 db 9d 52 f2 37 60 83 13 ef 48 63 80 dd e1 42 2f bf 6a 44 d2 e0 00 ab be 68 66 7b 1b cc 87 47 7a 01 29 d2 e6 94 b4 b9 86 bb 57 35 53 18 f6 ed e9 b9 9e a6 a2 48 05 27 81 a2 06 51 82 0b 15 87 85 d2 f2 be b0 ab 25 f5 52 12 de 3e 21 70 8b 0a 23 df 05 43 44 ec f4 a1 88 17 21 18 ce bc 61 e4 b9 60 30 75 b2 7c 50 44 fe 90 7a 61 82 91 41 14 38 13 17 89 98 60 b0 f0 07 03 8d 70 a9 0e 55 47 24 12 89 1c 93 82 07 6c 64 64 3b 50 24 e8 47 c7 24 15 e9 10 42 28 dc e8 17 8a 5a 69 63 0d 25 76 86 a0 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Thu, 28 Nov 2019 02:22:06 GMTETag: "18b6-539c-5985ec78fef80"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 3480Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 5c dd 8b e4 c6 11 7f df bf a2 19 73 dc ee 31 9a d5 7c 68 ef 6e 06 8c fd 12 38 48 c8 43 5e 6c 13 30 3d a3 9e 19 f9 34 d2 20 69 f6 e3 84 1f 1d 48 f2 e0 84 90 bc 24 79 0b c4 24 c4 76 08 01 db c1 c9 3f e3 3d c7 ff 45 aa bb f5 d5 52 7f 69 76 ef 9c 5b 8e 5d a9 ab aa ab ab 7f 55 5d d5 52 eb 51 be c3 c9 26 88 e6 ee 02 ed b1 ef 07 d1 86 fe 19 06 69 e6 a4 d9 4d 48 e6 28 8a 23 b2 70 ae c8 f2 79 90 39 eb 38 82 86 5d 1c 67 5b 4a 8a a3 2c c0 61 80 53 e2 2f 34 4d 19 b9 ce 9c 84 44 3e 49 68 53 bc cf 82 5d f0 82 fc 90 6c 82 65 10 06 d9 cd e2 c3 93 65 ec df a0 9c 09 59 e3 5d 10 de cc 07 b7 ff fe f4 bf 5f 7f f6 dd ef 3f fa ee 5f bf 1e 0c b7 24 bc 24 59 b0 c2 c3 01 5c 7f f3 f5 6f 06 43 9c 40 17 c3 4b 92 f8 38 c2 c3 14 47 a9 93 42 17 eb 45 18 44 c4 d9 92 60 b3 cd e6 68 3c ba 58 ec 82 a8 bc 1e bb ee 83 57 3e 1e ce 0c f7 e6 e3 8b fd f5 62 15 87 71 32 7f 63 32 99 c0 48 cf 1f a1 97 5f 7c f4 ed af 7e f6 f2 9f 9f de fe e2 13 f4 e8 fc 64 b4 0a 09 4e d6 c1 f5 1c af 33 92 a0 fc 32 48 0b 51 f3 6d e0 fb 24 5a f8 41 ba 0f f1 cd 7c 19 c6 ab e7 0d f9 2e 08 8f 32 12 65 f3 01 1a 2c 98 9c f9 12 74 5e 14 c3 75 a1 c7 4a 3c ca 5f c4 f1 6e 3e a6 f7 f6 78 43 ae 02 3f db e6 88 fd 02 43 4d 1e bb a0 2c 2a 20 81 5c 84 0f 59 0c b4 38 47 6c c8 3e 59 c5 09 ce 82 38 2a 60 01 4d f3 6d 0c 13 20 21 38 50 f3 d0 89 00 aa 60 b7 c9 d1 32 4e e0 ce 9c 31 a2 72 38 88 8f 07 e6 ff 90 65 71 34 a4 62 70 42 70 5e ce 10 de ef 41 77 1c ad 4a 28 72 31 4e 82 fd e0 90 82 92 8b f8 90 d1 6e 2a 95 b6 e3 e1 76 32 dc 4e 87 db d9 70 eb 0d b7 17 c3 fd d0 0f 2e 73 11 14 14 05 1f 9e bc 55 00 6e 45 50 7e 82 e0 5f 13 80 68 b0 21 f1 8e 64 71 3a 58 b0 c6 34 59 c1 b8 92 f0 74 30 1a 9d 53 ca f3 92 60 74 15 af d7 93 c1 19 f0 27 3b 9c 9d 0e 8a eb 21 e3 53 b3 b4 38 f4 0c 59 d6 a4 cf 92 03 c9 6e f6 44 cf 43 e2 ac c1 43 76 4b 02 68 f2 9d 78 0f 88 31 32 a7 97 9b 06 33 bb 5a d4 56 ba 2a 4c 19 d1 f6 b0 d1 50 05 0e 7e ff c3 93 13 e6 dd c3 6d b6 0b 73 24 cc 00 02 20 6e 09 f6 29 82 ca 06 6f 46 41 58 44 23 27 8b f7 40 fb a4 79 0b e0 9d 01 8a 8b bb 95 04 34 0a e3 4d 9c af c3 18 83 94 90 ac b3 05 6a b7 22 86 44 b1 a7 06 c9 1a 5c 0e 87 24 47 85 90 84 d2 d1 70 d8 40 8e a8 5e c2 6f ce 98 e3 ec e3 34 e0 e0 4f 48 08 6e 70 49 e1 d8 16 ce 5d 3c 2f bd 16 0d 06 4d 46 bc 4c e3 f0 90 91 45 21 78 c2 04 37 8c 50 fa 2a fd bb 54 89 13 2d f1 ea f9 26 89 c1 ef e6 e8 0d df f7 bb 5d 23 70 64 1e 8a d0 1b d3 e9 74 81 ea 30 82 c6 6d 5b 84 38 da 1c 20 46 b4 8d 21 4e cc 44 c1 85 f2 b6 8b 0b ea ad d7 eb 32 40 a1 a9 ab 92 81 91 2a f0 34 47 d1 1e 44 ab 5f a1 1b 61 26 d9 1d 59 bf 87 10 e5 55 10 5c 94 eb 22 fc d9 59 17 15 dc 61 30 5a 1d 12 58 21 32 67 47 a2 83 13 64 64 07 63 a9 4d e0 94 03 80 79 92 0a 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Fri, 29 Nov 2019 01:27:14 GMTETag: "18b7-5052-59872212f6080"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 2877Keep-Alive: timeout=15, max=293Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c cd 8e e3 b8 11 be cf 53 30 db 18 a0 bb 11 bb 2d 59 76 bb dd 97 3c 44 ee 03 5a a2 6d 65 64 49 90 d4 3f bb c6 3e 40 90 c3 9c 92 53 72 0b 90 20 41 90 5d e4 b2 bb 97 bc 4c 7a f2 1a e1 af 4c 8a 14 29 ba dd 33 bd c1 8c 31 98 6e 59 2c 16 8b 55 5f 15 ab 8a 33 5e c1 3c 47 d5 1e 6c 51 ba d9 36 4b 10 cd 27 e5 e3 2d f8 f6 cd 98 7d 03 c6 f5 43 5a a2 6a 54 67 69 82 40 f7 45 fd bd d5 5d d3 14 f9 a8 ac d0 fd fe 21 4d 9a ed 12 04 8b f2 f1 17 e9 ae 2c aa 06 e6 cd 6d 4b 62 3a 51 9f af 60 fc 7e 53 15 77 79 32 aa d3 6f 10 1b a8 bd b5 83 d5 26 cd 47 4d 51 2e c1 68 6a 65 22 47 8f cd 67 67 82 4a 02 64 68 cd 27 73 b0 0b aa 03 5f f8 d5 37 e3 1d 4c f3 3d 28 61 92 a4 f9 86 cd 48 bf 6b 1f ad 0a 3c 7a 87 77 44 ec 1c 19 01 c6 64 c6 3d e0 ab 9f 2e e8 97 eb ac 80 98 36 f9 aa 5d 03 9f 2f e2 ac b1 c1 31 ca 1b a2 16 7c 78 34 99 79 0d a7 0f ad a3 8b 7b 54 e1 07 0f 4b b0 4d 93 04 e5 1d c6 c1 36 c4 ba b6 2e f2 86 ef 42 18 51 12 e4 c1 03 df b9 55 91 25 b7 20 4b 73 34 92 37 53 de c2 25 b8 ab b2 f3 f1 f8 2a dd 6d ae d2 b8 c8 df e5 e8 a1 1e ff a6 dc 5c 80 bc 18 55 a8 44 b0 01 6c b1 9c b1 56 ac d2 8e 89 b5 0a 49 07 33 4d d2 84 e1 ba 84 78 a7 e2 22 2b aa 25 38 5b 2c 16 b7 f2 0a 02 7d 05 79 51 ed 60 d6 4a 86 4a cd 4c 16 c0 0e 61 f5 ad bb 0c cb 01 ec 35 95 08 42 3c e7 aa a8 12 a2 64 fc d9 19 8a d0 0c 41 50 17 d8 a2 41 40 98 52 b5 8b 0e 32 d1 2f 2d 8b 0b 0d 62 ba ee a1 b3 9d ca cb 99 4e a7 43 e5 d4 60 03 19 25 28 2e 2a d8 a4 45 4e be c8 91 59 16 64 8e e5 96 68 d9 61 26 38 9f 84 93 a0 ab e4 2f a6 6a 70 55 dc 35 cf d6 b5 50 d5 b5 03 cf 27 d6 36 95 70 bf be f1 f7 c6 74 75 ef f0 3a 1b fc 60 df 4a 25 a2 ec 6a d6 cd 17 2a 4c 47 16 db 19 5a af 27 eb c8 3e 01 c0 52 6d 91 7c 32 79 6b 36 49 07 0d ac bf ca 16 06 e3 39 da 19 a4 26 6b a6 0a 69 2f a6 2b 31 ac d1 a9 55 a5 e5 f8 c4 9a a2 d0 ed 57 14 f6 1a 77 71 bf 86 ab 7d 92 d6 65 06 bf 5e 82 06 ae 32 6c b6 7c 3b 67 13 23 c4 2a 2e 8e e1 92 ee 62 24 f2 58 e2 2e 4c 01 2d 07 69 4e f7 87 33 a2 7a b2 19 9b b9 a8 53 86 31 15 ca 30 da dc 1f 18 0e 9c 8c 2c e1 9a 7a cf 03 11 b8 c2 70 7b d7 60 22 7c 96 51 38 61 aa 46 55 73 09 be fa 0a c3 1b 8d 26 28 22 8b a9 c8 cf 42 8b 42 4d 8b ce e2 38 b6 48 1c 73 32 86 31 e1 5d c3 40 eb a0 65 06 eb 66 14 6f d3 2c 11 2b 69 25 c7 10 b7 67 f8 88 2c 07 3f d6 c2 46 86 c9 50 a2 b3 ca 8a f8 bd 59 cc 62 bd 0b 45 05 98 de 07 33 a2 e3 9a 9b 9b 1d e3 e6 4c d6 32 70 21 c2 b3 f4 38 a4 23 a9 52 90 33 2a 0d 5b 3c 95 87 c4 bb 50 12 16 f8 a9 62 3b 92 83 ed f4 28 c7 6c 34 de 23 59 d0 51 3a ea a2 f4 54 46 e9 f9 7c fe ac 5d 54 d6 6c 37 8f 81 04 a5 38 29 8a 22 42 0c 87 f1 09 c2 23 b3 77 dd f3 56 38 b7 f9 06 36 88 8d 31 bb 07 c3 81 25 26 4c d0 25 28 73 82 71 09 37 88 ea cc de 6a 77
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Mon, 10 Jun 2019 13:11:00 GMTETag: "18b8-91b8-58af7e9588100"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 7345Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 d5 5d 5d 8f e3 b8 95 7d 9f 5f 61 cc 20 3b 3d 41 b9 a6 24 db e5 aa 0e b2 49 16 c1 02 fb b0 40 1e 36 c0 3e ec 0b 25 51 16 a7 24 51 4d 49 e5 72 2f e6 bf ef a5 64 9b 47 b2 ef 55 23 99 97 6d 24 3d 6d e9 90 22 c5 cb cb fb 71 48 fd 39 b7 75 b7 ce 55 aa 57 ff fb dd 6a 75 fe 55 99 f2 f4 79 f5 e3 bf d3 af bf 1c 75 6b 2b fd e3 1f e8 6e eb d2 cf ab de 95 9f 7e 2c ba ae f9 fc f3 cf 5f 4c 6d fa c7 5c d7 87 ac af 94 7d 4c eb 9f 7d 0d 6a 2c b3 3e ea c4 ff 7c d4 b6 fb d3 fb 1f b7 8f fb c7 a7 1f 7f fa 67 2b fa c1 e8 dc 7c fc cb b5 3e 6a b3 ab 54 f7 e9 47 5d 25 3a cb 74 b6 b6 8d ae bb 53 a3 7f fc e9 e1 1f 79 c8 d1 e6 79 fc a7 db fa 87 eb ff 44 9d 4c 95 ff 60 8d 5d 77 af c2 ce f5 fa 9f e8 7a fb 7e b8 54 fa 03 dc 77 fa d0 97 ca c1 73 08 38 8e e4 20 30 47 6d 0e 45 f7 79 55 fb bb e5 f5 72 db 9d 4a 1d ae fe fa dd 63 ae 06 29 cb 4c db 94 8a 24 cc d4 a5 a9 f5 3a 29 6d fa 76 29 76 29 30 fb 4f b4 6d 3e 7e 8e 56 20 92 e1 39 e6 ab f6 75 15 da 99 ce 5f ed f4 47 b7 76 ba ce e8 42 7d f8 bc 52 7d 67 fd 75 df cf 37 43 02 3e 94 aa ac ed 8a f1 7e dd 19 55 1a d5 ea 6c 80 55 f6 eb da b6 1f 37 b8 83 53 a7 36 55 a5 f6 9d f9 f9 f7 ab 4a bd e9 76 d5 15 7a 68 c7 6a b3 f9 dd 8a 5e d3 41 bb 95 d3 a5 ea cc bb 5e 75 76 b8 6f 52 5b af 52 ff 46 a9 bf 6e f5 fb 9f fd bb 58 97 87 30 e9 c6 4e 44 8f 9b f3 1f 5d f9 a6 0c af a7 38 bf de a7 c7 fd 6e bc fc ae 5d 67 a8 21 6b 6a f5 a1 fe bc 5a 47 bb df 9d 5f f0 3a fe 98 57 1a fb 42 e3 cd cd cd cd 4d b8 b9 bd b9 b9 0d 37 77 37 37 77 e1 66 7e 1c 6e 1e 4d d6 15 be 13 f1 cb 6e 1f 6d e3 d7 b1 b5 c3 70 9c 5b 9a d2 d4 d4 ee 52 ae 2f 87 72 8d ca 32 7a c1 eb 52 e7 be 9b be 4c 45 ef d1 d4 e7 2b f1 23 55 36 54 79 79 2b ed 59 ba d6 5e d8 bd c4 d4 1a ea fc 57 42 8c 15 db d6 74 c6 d2 73 2f 03 72 41 dd 00 54 d2 da b2 ef 06 a9 1a 9f ba 9e 3f f6 dc bd f9 e5 ce 36 7e 6c 66 17 d9 3e 97 06 86 fe fc a4 e8 71 7c 61 2f cf e1 9d 26 d6 91 fc e2 fb f9 bc 7a a4 a1 a4 bf 76 fe ef e8 2c 0b 23 ee f3 8a 9a 6f 32 6a c7 d3 0b dd fd 41 0f 7f c2 fd b5 53 99 e9 5b aa 22 0a 8f 68 fa b2 1c 5e f1 38 b4 a5 55 d4 18 ff 7b 02 70 5e fa 10 31 5c 38 43 6e ab 39 8f 9c 1b 65 f6 31 c8 d7 9d 0a 27 a3 7c 81 d2 c4 fa ab 6e 9c 4e 55 a7 b3 95 6a 57 36 5f 6d 1f b7 8f 4f c3 b4 59 6a d2 52 9f 1e bf b5 b5 df d2 54 df a5 b6 31 f5 80 b8 68 17 55 1b d2 91 83 50 5d 6e c7 2d a9 a7 9c 74 70 a7 87 29 ad 9c 1f 99 6f 04 5e 87 a2 d5 4b cf 89 a0 78 db e9 a6 fd f4 f2 13 f3 a4 fb d0 5f bf fb f3 a5 fa 37 7d ca 9d aa 48 c1 61 27 9f 7e 37 fc 27 b4 a2 73 aa 6e fd b2 40 83 60 3b 1a b2 4f 4f 99 3e 0c 4f a5 59 c0 df fc 95 fe 1f 3d 7d 43 75 9b dd ab 54 21 dc fe d5 37 ff ff 67 b3 fd 08 8f 77 d6 af 4f e3 28 57 ed 3a 37 65 e7 a7 f6 f7 8d b3 07 93 7d fe eb 7f ff 47 a5 0e
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Mon, 10 Jun 2019 13:11:00 GMTETag: "18b9-4342-58af7e9588100"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 2759Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/cssData Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 1c 6b 6f db 38 f2 fb fe 0a a1 8b a0 71 d7 72 64 39 ce 43 c6 2d b6 d7 bd 02 87 6b bf ec 2d ee 3b 2d 51 36 11 59 14 48 3a 4e 62 e4 bf df 90 d4 5b a4 2c 3b 09 b6 c5 b6 6d 22 79 66 38 1c ce 0c 67 86 0f f7 e2 c3 87 9f 9c 0f ce 7f 77 24 c3 cc 99 4d 66 93 a9 fc fc 95 72 e1 6c 68 84 59 0a 8f 25 49 b0 23 e8 36 5c 3b 3c 21 00 74 50 1a 39 31 43 1b bc a3 ec ce d9 11 b1 76 d6 88 45 3b c4 b0 83 c2 10 27 98 21 81 23 47 30 94 72 22 08 4d b9 64 2b 7f d6 42 64 c1 c5 c5 6e b7 9b 90 08 a5 2b cc e8 64 cb 2f b8 92 e0 a2 a0 fa 44 b3 47 46 56 6b e1 f8 de f4 6a ec fc 2f 41 11 d9 10 e6 fc 07 fa 49 d0 26 23 11 91 74 7f ae b1 43 7e 2f d9 f4 74 50 70 fe 42 42 9c 72 90 6d 9b ca 91 7c fd f7 9f 05 e6 0f 10 1b 49 0c 4d 03 e7 33 5e b2 2d 62 8f ce f5 58 89 00 04 17 3f 4d b4 94 6e 48 53 81 48 8a d9 7e 83 d8 8a a4 81 e7 a0 ad a0 8b 8c ea c1 06 0c 27 48 90 7b bc a0 f7 98 c5 09 dd 05 6b 12 45 38 5d 3c b9 04 ba 7d 08 a6 cf 1d 5e 6e 4a dd 38 c1 0f 4b fa e0 14 48 a5 ee 3d 30 40 22 48 70 2c 0c ad a0 03 41 42 94 fc 5a a0 76 0c 65 f0 dc bb 3b bc bc 23 c2 05 7e 2e 65 04 a7 22 28 68 17 ee 86 3e 59 10 5c 09 e1 46 84 e1 50 8d 25 a4 c9 76 93 2e 0a 76 66 ac 11 fa dc 16 a9 ab 9f 1d 89 c4 3a 98 7a de d9 62 8d a5 bd f5 7b a9 a6 45 44 78 96 a0 c7 a0 36 9a 0a 96 8f a2 06 e0 85 0a 3b 0d 25 bc 04 aa 0f 05 a6 72 52 37 63 14 e4 14 55 2b 85 8b 29 db 68 95 19 49 4b 84 a6 a3 66 2a da e0 c5 2d ac 78 8d ca 44 51 e3 51 33 2f 27 4f 24 5d 05 d2 29 c0 9a 4a 25 a5 85 0d 38 33 d8 e0 5b 30 cd 19 25 51 d3 1d c7 36 47 2b 65 d3 52 82 85 f1 2c 3a f7 c6 f0 77 b4 68 6a c9 48 41 4d f8 f3 bc 35 ef 6f dc 87 34 0c 6c b3 4d 04 61 74 d7 3b 69 12 20 e5 81 22 cd 12 5c 69 b4 03 cf a7 8c e4 11 c8 5f cd b9 52 81 9b 1f 0d 62 c5 0c 63 57 86 5d ab 5c 35 9f 10 10 0f d3 95 1b 6f 53 3d e7 64 ec 72 e9 56 74 3c b5 87 90 0f a3 a3 83 c8 86 d0 34 e2 e5 73 33 cc 35 b4 c6 d7 8c a4 77 81 57 aa 17 da e4 51 b6 89 b7 44 90 4e a8 31 b9 37 70 d3 6d c6 7d c8 56 34 ce 7b 69 0c a0 b7 99 c9 b7 50 42 56 69 c0 05 62 a2 72 a0 06 30 27 56 30 97 08 bc e1 81 1e b8 42 5b c0 47 85 b4 b1 96 f3 5b 8b 6c b9 58 5d dd 96 0a 4d a9 20 31 a4 2b c9 a0 ca 29 68 c9 21 eb 08 bc 90 89 12 1c 43 d0 0c 7e 67 94 40 84 63 2e be 87 30 c7 83 94 a6 90 94 33 14 12 e8 d2 2b f3 8c 0b 3e e3 55 e9 2a bb 71 d7 90 19 9f 64 cf c9 5e c9 2e ab 1f 17 69 6f ce 50 ea 3e 2e ba a0 06 83 22 a5 9a 9b 3f 74 9b 57 01 78 b9 15 02 54 93 e2 87 ca 31 73 58 c6 f0 bd 61 c8 72 ac 73 f0 7a 3d 19 fc eb ec a1 98 0c 97 97 f0 ae 67 9d 2b a9 5c df 07 40 99 5f bd 45 b8 65 9c b2 20 d7 53 1e e5 50 78 b7 62 14 2a 24 99 27 b0 62 e8 28 4e a5 0f 5b 29 06 61 ca 11 40 2d 26 7b ad a1 18 ce 30 54 3b 50 0c e9 37 93 56 5a 20 c8 ea 68 99 e0 c8 a4 2c 0b e9 be f0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Thu, 19 Apr 2018 22:22:10 GMTETag: "18f1-1538f-56a3b00a54880"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 30307Keep-Alive: timeout=15, max=298Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 bd bd 79 7b db 46 b2 2f fc ff fd 14 22 c6 47 03 98 2d 4a 72 32 73 ef 80 86 f9 38 b6 93 38 fb c4 ce 76 28 26 0f 44 42 12 62 0a 60 00 50 4b 44 ce 67 7f eb 57 d5 dd e8 06 41 27 33 e7 de 37 33 16 b1 34 7a ad ae ae bd 8e 1f 0f 0e 7e fd e7 3a ab ee 0f 6e 3e 18 7d 30 3a 3d d8 1c 84 f3 e8 e0 b3 37 07 1f 97 eb 62 91 36 79 59 1c a4 c5 e2 a0 6c ae b2 ea 60 5e 16 4d 95 9f af 9b b2 aa a9 e8 af bf e1 d3 51 59 5d 1e 2f f3 79 56 d4 d9 c1 e3 e3 ff 35 b8 58 17 73 7c 18 66 aa 89 1e 82 35 3d ae e9 b3 79 13 8c 83 f2 fc d7 8c 2e 92 a4 b9 5f 65 e5 c5 c1 75 b9 58 2f b3 c3 c3 3d 2f 46 d9 dd aa ac 9a 7a e2 df 26 d9 68 51 ce d7 d7 59 d1 4c 1a 6a 66 70 12 c5 6d ab d1 43 7e 11 0e da 22 51 73 55 95 b7 07 45 76 7b f0 aa aa ca 2a 0c f4 98 ab ec b7 75 5e 65 f5 41 7a 70 9b 17 0b 2a 73 9b 37 57 74 67 be 0c a2 71 95 35 eb aa 38 a0 56 a2 6d cc 7f c3 80 66 26 bb c8 8b 6c 11 0c 4c 77 e5 fb 89 fc c4 cd 55 5e ab f7 4c c3 4d 5a 1d 14 c9 74 a6 2a 67 24 2a 4f be e6 49 18 5d 66 cd 37 55 d9 94 a8 fb eb 0b 55 26 c5 a8 c6 04 ab 94 ae 68 0d e6 69 a3 6a ba 5c ad eb 2b b5 a6 0b 6a 35 bb a3 92 cb e4 61 ab e6 c9 72 d4 94 6f a8 a9 e2 52 5d d0 cd 55 5a 7f 7d 5b 50 8d ab ac 6a ee d5 2a b9 68 df 2f 92 d5 68 9e 2e 97 a1 34 1d a9 2b 54 71 99 98 ce 1f 64 21 75 5e 26 21 30 0f db 55 6a 68 e5 8a f5 f5 79 56 b5 53 d1 8c 8a 72 91 bd a5 9b ad ba ef ad e8 a0 58 2f 97 54 fe f0 b0 49 a8 aa 91 cc da 56 dd 24 0f a8 23 1e 9c a8 ba 9a e3 a7 28 bf e4 85 a7 eb ed d8 56 75 8d 29 55 45 f4 80 79 cc 69 7e c2 26 69 36 9b 2a 1a cd ab 2c 6d b2 57 cb 0c 13 1a 06 f5 bc ca 57 58 45 02 88 72 d4 64 77 4d 92 d1 77 17 04 03 f9 41 5e 1c dc 44 c5 34 9f 1d 1e 86 25 fd 24 b8 8e c6 cd e8 2a 4b 17 a3 74 b5 ca 8a c5 8b ab 7c b9 08 cb 68 b4 4a 2b aa f1 2b 1a d8 a8 ca ae cb 9b cc bc d9 da 5e dd 01 f2 9c 01 26 49 36 c9 86 41 10 ef c0 76 b6 d9 f4 cc 65 36 59 4e e7 b2 18 59 34 a3 22 fa b3 d8 bc df 62 b8 e7 49 c0 3b 35 50 b7 89 0f 61 a6 69 02 f3 db d1 05 80 22 6f f8 cd 56 bd 4d 8e 7f 9e 9e d5 67 eb 8f 5f 7d fc f1 d9 dd f3 93 d9 70 d3 b9 7f 74 7c 39 c6 67 c9 ed 68 65 60 2f 79 90 1d 1e 9b 26 09 f6 08 84 d7 73 da ff f1 ad 5a 66 c5 65 73 15 9f a8 a6 7c 5e 55 e9 7d bb 05 6d 67 4a 19 0f f6 03 75 83 e0 da db a6 9d c9 72 0b c7 d9 d3 93 09 ae a6 d9 10 3f 23 69 6c 16 cb b3 d9 56 01 f8 df 34 e9 fc 9d 57 25 a6 a8 a1 31 5c 67 d5 65 c6 55 8d 9c 4e 87 91 ca da 2d 4d 03 cd 6e 04 ee 13 de b1 cd 56 65 e9 fc aa af 8f b7 23 bc e1 0a a9 8a ad ba 4e 57 7d c5 b8 41 db b3 90 fa 91 ae 42 1f 1b 30 e0 ea e2 99 1e b1 2a b0 4c 11 d5 cb fb bc 67 22 3b 15 97 80 cf e5 bd 54 9d 56 97 8c 40 6a 54 70 91 57 75 b3 af 82 ec b7 f0 84 ca 2c d3 f7 16 39 3a a5 32 d9 6f 3d f3 ea ac 84 2a 92 61 36 0c 79 99 e2
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Fri, 15 Aug 2014 09:28:16 GMTETag: "18f3-23d6-500a7a4160c00"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 4041Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 a5 5a 5d 73 e3 b8 b1 7d cf af a0 30 5b 1a 22 82 69 79 92 cd ad 50 83 55 c6 f3 b1 49 6a 27 93 ba 33 5b f7 41 ab 4d 81 24 28 52 a2 48 9a a4 6c cb a6 f2 db 73 1a fc 10 25 db 7b 6f d5 7d b0 44 12 4d a0 d1 e8 3e 7d ba e5 cb df 5b 9f b3 40 17 69 fc 50 58 6f 9c 3f 39 6f 2c fb fd ae ac b2 ad 75 bd 8b 93 80 5b b5 f5 f9 6f df ac b1 75 fd f5 c3 ef ac df 37 4f 5d 2b aa aa dc bd bc dc 76 ef 3a 7e b6 bd 0c b2 bb 34 c9 54 70 f9 ea c2 2f 4b 95 c6 5b 55 c5 59 5a d2 5d 55 a8 b4 8c 9b db 2a db f9 d1 45 19 c5 b7 34 e2 27 aa 2c 75 79 91 17 3a 8c ef 75 70 51 e9 b2 2a ab 7d 82 67 74 99 17 59 6e 2e 54 92 d0 75 2f 59 5e 04 d9 b6 bf a6 85 a1 e0 e5 ef 66 77 71 0a 4d 9c 7e 5f 32 dc a5 3e ad 6c 2b e1 09 9f 3f 76 f7 d6 83 ad f8 e3 da 81 12 df f4 7d 25 d5 a1 1f 79 47 b2 fc b1 d0 d5 ae 20 b9 ad b3 ce 62 4c 30 61 33 c6 27 b6 57 d7 8c 71 7e 94 bf 3e 91 af f6 b9 ce 42 4b 49 29 bd a3 cc fb a1 cc 68 f4 6f 9b b1 89 e2 0e b4 d5 f7 5f 42 db 1b 4c f7 a1 11 0d b3 c2 be 55 85 15 58 71 6a 41 55 ba d6 52 2d 82 e5 2c 0e ed d1 7b 5b 0b 76 c1 f8 78 bc 5e e8 e5 48 4a 9f b7 0a 78 52 b2 3c bc 67 73 ed 8e a6 87 76 c5 ab e3 fc 1f 8d 29 82 e3 0a 7a b0 42 28 bd 85 c2 84 66 91 70 38 6d 80 0d 8d ae e6 34 e8 5e db a1 60 dd 84 8c cf 43 c7 c3 4e ec a0 ae 3d ee 86 cf ac f9 a9 33 bf d9 91 54 8e 1f a9 e2 5d 65 4f b9 53 65 3f e7 b9 2e de ab 52 db 7c a2 9c 32 89 7d 6d 5f 71 a1 25 99 dc 62 93 ac b1 7f 40 37 7c 12 70 a7 cc 93 b8 b2 e9 6e d6 2a 77 6d 7b 82 c1 cf e2 74 c5 78 5d 9b db 1d 6c 1b c6 a9 0e a0 e0 07 58 0b aa d9 fd 9c f9 cb 73 8a 8f 24 0c 65 f9 a1 d1 96 99 d8 60 50 e8 f1 20 42 39 9a 8a 95 f4 9c 20 f3 77 5b 9d 56 1f 13 4d 5f 22 92 ac 8f 08 26 62 48 f8 85 56 95 6e c7 ed 88 8b b5 8c 1d e3 dc 62 23 12 4c 86 bd 7f 35 3a 8b ad 64 d6 c5 9d f6 36 71 75 61 5d 6c b3 07 7c 66 74 55 5e 58 6c a8 5b 2a d9 ff 18 31 84 ee 83 f5 c5 da 96 4c 64 32 1d 8a e4 b8 ad b2 9f b2 bb ce a8 c3 c1 1b da 43 41 1f 25 7d 54 72 b1 14 3b 59 35 56 17 b7 e2 6e 18 30 be 08 84 6e fd 42 c4 62 6d d4 3e df 17 0b e2 5b 4c bc c5 80 97 05 7b 68 b8 85 1b 9c 0b d1 10 8e 0b 4e 95 ab a2 d4 7f c3 b3 40 5c 4d 39 bf 8b e2 44 db c1 c5 05 5f bf 34 f5 da 89 03 a9 e7 1a ae ef 46 13 9c 19 9c 23 71 14 bc 26 0d de e3 f5 c0 5e f7 8e 10 ca 05 1b bf ba fa af 3f cc 98 78 fd d6 18 db c2 db ac 7c 2d 22 f1 9a fd f0 5a 28 c1 de 5e 9a 81 1f d8 b2 f1 02 84 33 26 84 58 24 ec ed 3c 71 53 0a cc 54 17 7f fd f6 f9 a7 89 0c 45 7a b2 58 82 cd d6 b5 9d 36 47 e9 78 ca df ac 8a 0c de 26 19 13 dd d3 ec 56 17 61 92 dd 49 16 c5 41 a0 53 26 36 72 75 36 26 ce 1f 1c 85 57 27 2b a6 9c c3 a1 7c 3b 11 0a 6b cf 13 07 36 84 7d fe 01 77 73 0a bd c5 eb 9d 66 2e d4 7a 61 30 e5 4f d7 db 70 31 1a c5 07 71 4f ce 18 a9 f
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:50 GMTServer: ApacheLast-Modified: Fri, 15 Aug 2014 09:28:16 GMTETag: "18f0-17bf-500a7a4160c00"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 1767Keep-Alive: timeout=15, max=292Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 58 eb 6f db 36 10 ff 6c ff 15 5c 60 40 72 eb 28 c9 f6 2d 46 06 04 5d 0b 0c 68 f6 40 0b ec 43 51 04 8c 44 db 6c 64 52 13 a9 b8 69 eb ff 7d 77 7c 89 7a d8 4d 3b 34 40 a2 88 bc 3b de fd ee 29 9e 3d 7b 36 25 cf c8 87 7f 1b 56 3f 66 45 b9 65 a2 c9 3e 28 f2 70 91 9d 67 e7 b8 b5 d1 ba ba 3c 3b db ed 76 59 2e 8b 5a 56 0a 9e 5b d8 c1 cd d7 3c 67 42 b1 82 34 a2 60 35 d1 1b 46 6e 7e 7f 4b 4a bb 9c f5 f8 65 05 ab b2 a9 73 96 c9 7a 7d e6 a8 d4 d9 96 eb 53 cf 52 6d 2a e4 c2 df 17 b2 7a ac f9 7a a3 c9 cf e7 17 bf 2c e0 dd 1c 7f 54 a9 b3 e9 32 25 ab 46 e4 9a 4b 91 92 d9 82 ec b8 28 e4 6e 61 34 5c 71 01 ba ce c9 e7 e9 74 92 34 8a 11 a5 6b 9e eb 64 09 ef 67 67 64 5d ca 3b 5a 4e 27 0f b4 26 37 12 0c 12 fc 53 4d ae 9c 88 2c 2c 2d c8 ec 4e 16 8f b0 33 4b 49 82 ff 26 64 8e 32 66 d9 6f af 6f 00 41 d8 69 75 90 15 3e d5 82 b0 92 01 bc da 9c 3f 99 e8 0d 57 d9 8c 95 56 4a d8 5b fa ad 5b 2e b8 0e dc 66 63 ef f4 44 98 dd 7a 7b 66 06 e6 d1 a6 d4 0a 04 a2 7c a0 cb 4b aa 00 5f b2 92 d6 35 54 f0 2d 45 36 c2 56 2b 96 6b e0 9e 84 b5 17 8e f8 92 7c 26 5c c0 23 29 ca 53 bb cb 4e b9 38 bd 48 16 44 36 ba b7 01 2b b0 43 f6 4e b9 a0 4c 55 4b 2d f5 63 c5 9c 36 c6 1a e0 1d c0 e2 bc 61 f4 0d 36 39 08 3c 09 20 94 b1 8f 9a 89 22 25 ba 6e d8 82 7c de 83 0f fa 86 2f 3a 60 59 04 68 0e 76 2b b9 65 1e 61 05 28 14 04 b5 e1 b4 e4 9f dc 26 78 9c d3 bb 92 b5 67 df e6 52 ac f8 3a b5 a2 f0 17 a3 02 cd 7e 29 8a 97 0f 20 e9 0f ba 65 1e 6c f8 49 fe 61 77 f7 5c 5f 7b 3c 13 44 6a d7 5d 03 d6 64 e1 c8 ff ec 52 ca 51 a2 ad ea 52 dd bc 19 25 a3 1d a2 f0 06 80 25 86 62 6f 09 75 4d 85 3a ae fe 5b 24 e1 3d fd db c5 f8 d0 1b f9 a9 47 ad c3 2b 8b 0d ed 51 c9 71 71 5b d5 a3 bb 79 33 4e a8 8f 1d 6a cd f5 ee 8f 02 1e 9c ce d0 6c 22 c0 ee e0 e5 be 3f 01 8f 81 8b df b5 b5 00 c2 1a 6a c8 47 06 71 18 63 3e 27 ef c9 73 92 b8 f2 99 f8 d3 5b cd 0e 1d 3f 70 08 9c 3f 74 d2 01 05 62 1c 7a 1a 2c 9c 06 aa a9 2a 59 6b 53 00 72 a5 5a 3c 6c 16 e0 52 2b a5 8d 7d c7 76 dd 52 5f 45 2a 00 57 2b 67 d1 67 6a 7d 36 e0 8a 8e 5a 4e db 44 c3 5c 34 c6 aa d4 14 51 1b ad 2e ff e2 92 61 eb a6 2f 0d 4c 60 95 a5 a5 62 cb b0 3a 83 72 be 5e 33 ac d9 be bc 66 f9 86 97 45 cd 04 56 ea 46 6b 83 56 c4 b1 b5 e5 7a 8c bc 29 01 cf 53 03 e8 80 85 6b b6 55 81 cf 74 4d 68 2e e8 96 92 5f 0a a9 53 64 bd a3 f9 fd bc cb 8b 4b 07 d8 3c 87 63 b0 28 b4 e0 f4 91 f0 25 49 b1 72 e5 24 46 a8 7a 24 32 2c b5 49 0e dd f5 3e 04 c7 00 51 53 de 26 7c 95 1a 61 16 5b bf 35 31 4b b7 79 29 15 c3 6a eb 0a e2 64 4f cc 83 01 fe 5d 4a e4 8e 09 6d 23 82 f3 b9 58 9b 62 bb db b0 1a cb 31 30 6e e9 3d d4 20 6c 4d c6 0d e6 10 cb 64 1a 6c 26 57 2b af 3d a0 f2 34 5b 46 34 26 4e 93 3d f1 3a 59 13 cc df 9a e9 a6 1
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:51 GMTServer: ApacheLast-Modified: Thu, 09 Mar 2017 21:08:04 GMTETag: "18f4-178a3-54a52a4127500"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 23609Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 e5 bd 6b 7b db c8 91 28 fc 3d bf 42 c2 9e d5 00 26 48 91 f6 64 93 90 82 f8 f8 36 19 3f b1 63 9f 91 36 b1 56 d1 d9 07 12 21 09 19 12 60 00 50 b2 46 e2 f9 ed 6f 55 f5 ad ba d1 a0 28 cf 4c 76 f7 3d 9b 1d 8b e8 7b 57 57 57 57 57 d7 65 ff d9 b3 df ec 3c db 39 ba cd 97 59 b5 f3 62 f0 ed e0 39 7e 7f 28 eb 66 67 51 ce b2 aa 80 3f e7 f9 3c db 69 ca d5 c5 f5 4e 3d cf 21 71 27 2d 66 3b 97 55 ba c8 6e cb ea c7 9d db bc b9 de b9 4e ab d9 6d 5a 65 3b e9 c5 45 36 cf aa b4 c9 66 3b 4d 95 16 75 de e4 65 51 63 b3 f8 df 75 d3 2c c7 fb fb b7 b7 b7 83 7c 96 16 57 59 55 0e 56 f5 7e 4d 23 d8 57 a5 5e 97 cb bb 2a bf ba 6e 76 9e 0f 47 bf 8b 77 fe 32 4f 67 f9 22 af 76 fe 04 fd cc d3 c5 32 9f e5 58 ee f8 3a db c9 df e8 66 36 74 a0 5a 7e 9f 5f 64 45 0d 63 5b 15 38 93 0f ef 8e 55 ce 0f 30 ec 14 73 ca 62 bc f3 21 ad 60 ba a3 61 4c 03 80 ec fd df ec 5e ae 8a 0b 9c 4b 18 dd 07 ab 3a db a9 9b 2a bf 68 82 c9 4d 5a ed 64 71 9a e8 fc 3a ce a3 7b f5 b5 53 85 59 74 5f 65 cd 0a 80 f9 21 6d ae 07 97 f3 b2 c4 c4 b5 2e 82 4d 52 2b c9 f1 60 99 02 60 eb 41 ba 6a ca e5 3c bd 83 76 8f 07 04 f6 7a 90 fd 23 3c 1e a4 50 e5 26 7b 07 a3 ff 12 4d d2 41 da 34 55 18 cc d2 26 ed 0b 18 f6 55 cd 20 da db 0b b3 64 73 91 87 87 56 8f 51 7c ac 7f 1f e7 8b ac 5c 35 ef 66 49 9d 35 f2 23 64 70 d0 95 61 4a cb 29 8c ee 32 ff f2 1e 7e 86 d8 c8 7f d2 b0 ff 9c 7d 69 e8 33 5b e4 4d 18 94 c5 4b d5 79 7c 1c 45 e3 e3 41 5e bf 2d 66 d3 5c f7 79 04 7f 3e 16 ef d3 ba 99 c2 cc e1 43 55 08 a3 71 a8 5a 3d 2e c3 61 77 a3 e1 76 9d af 63 be 08 65 98 c6 8d 58 87 3a c9 c2 74 d0 a4 d5 55 d6 44 93 fc 32 dc ad 61 98 61 13 45 f0 3b c0 75 2f ae 82 24 69 ee 96 59 79 b9 d3 44 75 52 23 20 b2 a2 c1 42 93 6c 0e d8 01 25 9b 41 01 7b e8 18 4a 89 66 f3 89 44 03 53 3a 1a 64 e9 c5 b5 01 29 e0 51 74 9f 26 d0 36 2c 5e 9e 34 d1 3a 8a f3 69 33 be 29 f3 d9 ce 70 0d 8d 0e 77 13 e8 6d 9e 15 57 cd 75 a4 da 3b 1d 9e 99 89 cc 55 2b e9 c3 c3 fd 9a d0 b3 49 6e f3 62 56 de 0e 3e ac 9a 14 0b 7d 3c af b3 ea 26 ab 1e 1e 64 c6 5f b3 f3 1f f3 c6 cd 8e eb a4 c8 6e 77 d8 9a c3 54 b2 c1 65 59 bd b5 87 8d a8 50 16 3f 64 75 fe 53 16 ee 5a 4b a3 da fa f7 25 a0 60 06 80 47 a8 c3 ff 26 f5 a0 14 59 30 de 7b 44 d2 fc 7c d5 64 b5 9c 2b c0 40 a0 ae 48 7d 78 e0 5f f1 c5 75 3e 9f bd cf eb 86 97 d6 89 58 58 7f 40 59 c0 d1 8b 26 ab de c0 16 b0 cb b3 0c 51 87 25 ac 71 12 72 84 15 ac d8 aa be 0e 6b 86 2f 4b 01 8b 12 e8 54 5e a4 f3 b7 37 b0 a0 b4 e3 9c b4 88 56 20 85 e4 1f b3 bb d7 80 10 0f 0f 19 f5 84 bf 09 b9 cc 16 9c cf cb 5b 22 c6 c7 25 a2 2e 34 87 fb e3 7b 68 ef a7 b2 68 d2 79 08 7b fa c5 1f 70 f0 0f 0f bb ed ac 6f 69 5e 91 44 8b dd 51 77 eb 9f aa ec c6 df fa ef 3a 5b 7f f1 7b 4f eb 61 36 a8 af
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:52 GMTServer: ApacheLast-Modified: Thu, 05 Sep 2019 15:43:18 GMTETag: "18f5-56d-591d02e34f180"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 775Keep-Alive: timeout=15, max=296Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 9d 94 df 4f da 50 14 c7 df f9 2b 6e c8 12 0a 92 d6 97 bd 68 f6 e4 1e 5c b2 1f 0f fa 0f 94 72 91 3a 68 59 5b 60 c9 62 42 d8 2a 28 22 9a 89 a2 71 0a c6 39 e6 12 70 89 51 a0 30 ff 98 f5 de d2 27 ff 85 dd db 62 69 e2 5e b6 3e d0 de c3 f7 9c 7b ce e7 7b 5b 2e 02 80 9a 17 33 50 01 76 61 c3 6e f5 51 b5 85 4a 23 5c bf 02 a8 56 24 b7 71 f7 1a 37 b6 03 44 e6 5c 72 6c 15 00 74 a7 13 f1 fd 70 0b 75 87 e3 f2 25 2a 1f 8c 5b 6d 4f e2 96 7b 13 5b 9d 9b 0a 17 97 5f bd 44 fa 47 eb ba 89 cb fb e3 82 ae 6a 8a 28 ad 58 3f 0d 74 52 21 7f 2f 39 29 a8 d3 47 87 6d eb e8 93 a0 aa 24 0d 57 be 93 a5 57 56 48 f1 aa fa 9a 4f 43 5f 59 34 fa 8c 36 aa b8 79 8b 86 35 92 47 eb ed 54 bd 0c 98 48 40 41 bb 1f 1e a1 5a 77 a2 2f 97 70 f5 0c d7 cb f8 e4 98 2c 6d a3 31 ee 9c 9b bd 41 50 4d 89 71 18 a4 8a 5a 77 dc f9 65 8d 3a 34 9a e0 e3 90 c4 84 6c cc b9 c9 39 a8 24 52 72 9e 3c 27 52 62 26 f8 bb 50 f4 f6 42 fa 8d 69 ec bb c8 c8 af dd d0 51 a7 61 8d 76 41 52 d3 32 73 1c 97 cf e7 59 17 0c 2b c8 69 56 90 48 66 84 0b 24 b2 92 a0 89 b2 04 34 3e a6 32 04 6e d4 a3 17 f5 06 0e 83 0f 01 ba 47 8e 57 a8 ce 85 05 9e 01 09 e6 81 bb 60 a6 59 13 ed 74 7e 30 07 42 ce 78 a1 28 c7 f9 01 78 3a 35 03 61 9c c8 9e ce ce 46 01 c7 61 63 17 6d b6 ed c2 29 1a 5c 50 22 d5 ba 39 aa a6 55 4f ce 67 35 79 11 8a 2b 49 6d 0e 68 4a 16 d2 1c 60 ff 68 10 b9 7d 54 43 eb 3a f5 b1 d6 40 5b fb 5e 8a 2c 2d d1 0e 16 92 bc b4 02 97 34 5e a1 5d 3d cc ce 84 7d 3d d3 eb 09 05 31 13 64 83 33 53 04 ac 02 d3 84 ff 02 0d 30 d3 f0 3c e0 22 f8 78 c3 3d 07 ae fd e4 1c a0 72 d3 3e 3c 77 97 51 cb 38 34 7b 15 b3 57 30 7b 97 f8 d6 40 9b 4d bf 9a 78 f0 68 eb 30 0b df 31 1e 68 96 27 5d e6 e0 0b 29 0e df 87 59 3e 1e 7f d4 03 17 f1 49 70 a3 3b be 2b e1 5e 0b ed 6c 93 56 1c f2 d6 f5 19 1a d6 7d 5b ad 39 4f 6b e1 79 e7 4e f0 e1 76 0b 57 4e ad 62 1f 95 0c 73 50 31 8d 1b 4a fe a2 48 6c 22 05 ad 6f 06 d2 bf 4e e3 57 eb 69 39 ab c2 b8 9c 97 00 de eb 93 a3 0a 9c 00 94 34 a8 04 7c 73 10 b8 21 4d ce 0a 49 d5 61 ee 65 85 a2 53 fa d0 8f 1f b2 19 05 e6 48 9d e7 30 c1 67 53 1a 43 a7 c3 3d 9d e0 9c bc 2c 4e 13 be 51 fe c5 2c 5f 92 96 14 d5 bf d3 24 8e ba 1c 5c 9b dc 4f 0c 1d 93 9e 29 df fb ee eb 61 ea 95 83 7b 59 66 1e 36 10 a9 25 4c d8 99 c2 39 d6 a8 7c 85 ba 7d 34 d8 23 de d0 c8 97 83 49 9d 07 33 26 e4 84 94 28 bc 65 fe 13 92 df 47 5f f9 b5 3f 69 11 31 27 6d 05 00 00 Data Ascii: OP+nh\r:hY[`bB("q9pQ0'bi^>{{[.3PvanQJ#\V$q7D\rltpu%[mO{[_DGj(X?tR!/9)Gm$WWVHOC_Y46y5GTH@AZw/p,m1APMqZwe:4l9$Rr<'Rb&PBi
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 23 Apr 2024 20:11:53 GMTServer: ApacheLast-Modified: Thu, 05 Sep 2019 15:44:32 GMTETag: "18ef-535-591d0329e1800"Accept-Ranges: bytesVary: Accept-Encoding,User-AgentContent-Encoding: gzipContent-Length: 511Keep-Alive: timeout=15, max=298Connection: Keep-AliveContent-Type: application/javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 a5 53 4d 4f db 40 10 bd fb 57 ac 00 c9 b6 e4 38 0e 04 8a 8c da 03 b9 57 95 8a 7a ad d6 f6 10 56 ac 77 dd dd 75 42 15 45 6a d5 1e 68 a5 9e ca 01 b5 52 d5 de 2a 2e dc 38 81 f8 33 84 8f 7f d1 5d 3b 34 ce 57 49 85 7d d9 9d 79 6f e6 cd f3 b8 83 05 92 5d 92 81 40 4f 11 83 2e 7a 59 5c 1c db 8f 30 63 3a ea 97 d9 5a cc 99 c2 44 47 6c 0f f5 2c 34 7c 32 dc 26 0c 2b c2 59 88 a6 28 a3 a4 ed cd 60 b4 28 89 f7 71 44 21 44 4a e4 30 82 30 38 50 db b9 52 33 8b 46 45 a2 66 30 d5 aa 02 3a 0f 51 0c a6 42 91 19 8e 61 1b 54 17 40 93 d6 82 22 d1 77 b7 2c ab 33 d7 13 c2 12 38 78 1d 73 ae af c5 0c ff b0 67 dc 9a f9 cc 29 97 24 25 09 c8 17 20 5e 11 e8 86 68 d3 b3 16 f0 6d 7c 9a d5 f5 89 52 2d 4e f3 d4 24 ca 78 24 00 ef 67 9c 30 25 c3 ca d7 34 4f 23 58 6d 4e c6 66 a8 5a f7 a6 11 13 12 c6 00 fd 71 fc 93 8d cd 87 9b 34 1f d7 63 a3 19 2c 30 c8 23 9b 34 1b 8b b8 b5 f6 bf 4d ac d1 a9 58 49 6b c5 d9 cd 59 5c 2c 8e e3 16 0d eb f5 72 81 76 70 84 ae 8f 4f af 2e 7e 0e 4e cf 6f 0f 4f 6e be 7d 8c 29 96 f2 39 4e c1 c3 9a d2 81 61 fa e2 eb e0 d3 97 9b cf 67 d7 ef de 57 41 45 af 15 bd dd 82 b4 f7 d4 fd 5e 9a b2 cf 10 25 b6 eb c3 1b 27 70 7d 9c 24 2d 43 71 ec b2 a8 ad 75 19 a6 c2 91 9c 4b f6 26 12 d5 ff a4 52 a7 9c d1 aa d7 d1 ed e5 d1 e0 fb 8f bb 5f 67 77 1f 7e eb a1 97 96 db 7c 47 bf d9 92 eb c7 66 ef ff da e0 b8 bd 7b e1 11 4f de 7a 7b 2a a5 5a 2b 66 24 c5 0a 9c 9e 8c 05 a7 54 33 c3 a0 ef 35 82 20 18 ca 15 a0 72 c1 d0 2e a6 12 b6 a6 cc 1d 55 45 f6 72 42 6b 29 b0 dc 46 ae 9f 50 73 72 86 52 ff 00 88 04 59 d4 35 05 00 00 Data Ascii: SMO@W8WzVwuBEjhR.83];4WI}yo]@O.zY\0c:ZDGl,4\|2&+Y(`(qD!DJ008PR3FEf0:QBaT@"w,38xsg)$% ^hm\|R-N$x$g0%4O#XmNfZq4c,0#4MXIkY\,rvpO.~NoOn})9NagWAE^%'p}$-CquK&R_gw~\|Gf{Oz{Z+f$T35 r.UErBk)FPsrRY5

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/css/common.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/css/css.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/css/font-awesome.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/css/swiper.min.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/jquery.min.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/modernizr.custom.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/jquery.dlmenu.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20230906/507adc233d2062684bec205a4f7d1675.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20200506/e840f462a48fabde886960789d4f7d73.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20200506/a958d3497833bbb1364962ae99f4d4b9.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/f8d2d305fcc559d17128a53a72f5888e.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/swiper.min.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/swiperTab.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_language.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/yadotemp/yado/static/css/common.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20230525/d71031f83676d089056d16aeb903ecca.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_case.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_about.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_news.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/f8d2d305fcc559d17128a53a72f5888e.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20200506/e840f462a48fabde886960789d4f7d73.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20200506/a958d3497833bbb1364962ae99f4d4b9.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20240415/974c118570054ff748f4224fba5316ed.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20240415/53eb77b45613be8230160a2eb16c4f8a.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_language.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/js/common.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_case.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_about.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/icon_news.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/20240415/974c118570054ff748f4224fba5316ed.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20240109/6660bc2bf6d36513ebec0a959b1568f5.png HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20240415/53eb77b45613be8230160a2eb16c4f8a.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20231109/09acdd6a4ce2c96a6a2da584c6a620a9.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20240109/6660bc2bf6d36513ebec0a959b1568f5.png HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/index.php HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20231109/9a969ac668dd6fc5fdad18f603bbd1f6.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20230525/d71031f83676d089056d16aeb903ecca.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20220324/5bfe625138e40887b465e7f08bac8c5b.png HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/footer_logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20231109/9a969ac668dd6fc5fdad18f603bbd1f6.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /yadotemp/yado/static/img/footer_logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/css/common.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/css/css.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/css/font-awesome.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/css/swiper.min.css HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,/;q=0.1Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/jquery.min.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/modernizr.custom.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/jquery.dlmenu.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en//uploads/20230906/065f4623bbfee2cd9334bb51191eb008.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20230907/dbe044291520b2bb7ede3d9739395585.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20230907/272b7a32ed1206dd807eae744099d749.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20230907/6e5e88a8fb3e1fd1dfc17e7628292499.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/swiper.min.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/swiperTab.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20220715/0615753db414cf8aa4e3cfb2bc076e9e.png HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/uploads/20191113/19004cc505114a0d927f30eb7be8f9ad.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_about.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_case.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_news.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/yadotemp/yado/static/css/css.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_language.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/yadotemp/yado/static/css/common.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_about.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20230907/bd1d68f5a243f1571cb8c705650aea46.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/js/common.js HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_case.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_news.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20220623/36a072e4f020fdbf0a450a1b174b867b.png HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/bd48f759269beb00190cd946d1dfdad8.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/icon_language.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/55d943c3526fd62ae450a925ae86434f.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/bd48f759269beb00190cd946d1dfdad8.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/footer_logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/yadotemp/yado/static/img/footer_logo.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en/uploads/20191113/19004cc505114a0d927f30eb7be8f9ad.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /uploads/20190919/55d943c3526fd62ae450a925ae86434f.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /en//uploads/20230906/065f4623bbfee2cd9334bb51191eb008.jpg HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.finelandip.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Referer: http://www.finelandip.com/en/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: Hm_lvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090; Hm_lpvt_78c5e7556f3d3e95005150f5a8bae6e5=1713903090

Source: unknown

DNS traffic detected: queries for: www.finelandip.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:51 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1998Keep-Alive: timeout=15, max=297Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8f db c6 15 7e 2f d0 ff 30 65 60 24 0d 44 5d 57 5a 49 d6 0a 75 5d 27 0e 10 a7 0b c4 35 10 14 2d 30 24 47 cb e9 92 1c 62 38 ba c5 30 e0 22 69 81 3e 04 85 5f 5a f7 0a 18 7d a8 81 a0 ee 4b 51 38 6d 9d 5f 63 ad ed 7f d1 33 14 c9 e5 65 86 e2 16 79 28 05 ac 56 33 73 ce 9c eb 77 ce 0c 67 df f9 c1 0f 6f de fd e4 f4 16 72 85 ef cd bf fd ad 59 f6 4d b0 03 df 08 9e 99 4f 04 46 b6 8b 79 44 c4 89 f1 a3 bb ef 99 63 23 9d 13 54 78 64 fe f1 36 12 c4 47 b7 38 67 7c d6 d9 8f e5 89 03 ec 93 13 83 33 8b 89 c8 40 36 0b 04 09 80 55 c0 68 e0 90 4d 2b 60 0b e6 79 6c 6d a0 8e 82 6c 45 c9 3a 64 5c e4 08 d7 d4 11 ee 89 43 56 d4 26 66 fc a3 85 68 40 05 c5 9e 19 d9 d8 23 27 bd 16 5a 46 84 c7 bf b0 05 03 01 cb 64 8e c4 36 93 4f 3e 9d 77 d1 f7 71 44 d0 bb 9d cb 31 8b 39 5b 74 ff f2 b7 7c 6c e6 31 3e 45 6f 0d 06 83 eb c5 99 05 08 36 45 bd a3 70 83 ee 11 ee e0 00 b7 90 71 9b 78 2b 22 a8 8d d1 47 64 49 8c 16 72 d3 81 16 ba c1 41 d4 16 7a fb 0e b5 39 8b d8 42 a0 4f f0 6d 42 df 6e a1 08 07 91 09 92 d3 45 69 0f 1f f3 33 1a 4c 51 b7 34 1e 62 c7 a1 c1 19 4c a0 7e 17 04 90 7f 4a 4b d6 8c 3b a6 c5 09 3e 9f a2 f8 cb 94 23 b9 45 0f 2e ff 75 7b f7 d5 fb f6 24 f3 6e 65 7b a9 ba 19 d1 4f c9 14 f5 c7 95 9d e3 d9 35 a1 67 2e d8 67 d8 2d 13 7b 34 20 a6 9b 4c 0f fa 05 f2 bc 4c 7d 8d 27 8e fa e3 b1 4d ea f6 3c aa ec 99 d9 6b 24 f5 d1 18 79 74 48 d7 5e 55 57 0b 6c 0a 11 07 31 2e 98 0f 2b 80 45 c4 3c ea a0 b7 08 21 1a c5 06 ed 68 69 c9 5c 03 89 74 e1 a6 54 b2 81 a0 6a 13 14 76 d7 b9 ba af 76 64 a2 fa a8 de cd 16 f3 34 b1 85 2d 8b 97 95 5c f2 48 6a 09 b9 11 96 98 0a b2 11 a6 43 6c c6 b1 a0 0c c4 5a 02 58 70 19 32 f5 0b cd 38 bf a7 c8 01 47 10 9d 24 1a 5b 8f 47 f2 73 5d 2d 63 08 70 25 08 d7 70 9c ba 6c 45 ca ea 35 d2 21 c7 a5 1d 67 04 91 38 5a e2 64 61 fb fc 8c 33 a0 07 31 17 63 db b2 ad 22 8b 1c 13 62 bb 0c 09 09 7b e5 98 8a b1 52 e6 72 f7 5a 3d 75 c8 2b b4 59 e2 28 02 40 aa be 00 04 9f 22 bc 14 4c 1f 3b e3 e1 b5 d2 64 01 02 7a ed a3 61 39 ab 32 bd cd d4 49 8b 63 f9 51 66 5f 15 1e 93 ac e4 90 62 cb 08 40 46 1d bb 0b ec 53 6f 3b 45 37 59 00 39 8b 23 80 ef 0f a9 45 f6 5e 43 77 18 54 8f 16 ba 43 02 8f b5 60 cd 92 53 c2 5b c8 87 e1 28 c4 36 39 6c ca 79 ad 41 75 28 a4 c9 5b a8 57 1f e2 2d 5b 8a 42 c5 6a 83 79 4c df 31 07 1a 9f f7 87 d7 34 31 97 10 4e 34 84 c7 3a c2 1f db 60 a9 e8 a7 27 46 c2 c0 f8 49 99 03 84 04 06 b7 7a 64 21 74 7b 7b 04 f3 05 dd 54 c0 4f 8e 4f 01 4b 5d 35 e1 f7 7c e2 50 8c 58 e0 6d 51 64 73 42 02 94 cb c5 c0 41 ef f8 34 30 f3 1d 02 02 e7 1f 0f c3 cd 77 2b 0b f1 a6 bc 70 34 3a 96 0b ef a3 a2 50 99 89 5b ea f1 8a 05 73 56 2c a5 5c 49 9d a2 77 6f 6d 6c 12 c6 91 f7 41 b0 60 45 2f 93 6c 4e 09 de a6 60 e1 b4 dc 03 3c 50 d2 b7 7d 12 45 f8 8c 68 d3 bc 5a 05 d2 24 cb d5 36 c7 71 d4 19 97 d6 c1 2e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:51 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1998Keep-Alive: timeout=15, max=299Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8f dc b6 15 7e 2f d0 ff c0 28 30 92 06 a3 b9 ed ee ec ec 78 76 50 d7 71 e2 00 71 ba 40 5c 03 41 d0 02 94 44 ad d8 d5 88 02 45 cd 25 86 01 07 49 0b f4 21 28 fc d2 ba 57 c0 c8 43 0c 04 71 5f 8a c2 69 eb fc 1a cf da fe 17 3d d4 48 5a 5d 48 8d b6 c8 43 34 c0 ce 0e c9 73 78 ae df 39 a4 a6 af bd fd f3 eb b7 3f 3a b9 81 3c 31 f7 67 3f fe d1 34 ff 26 d8 81 6f 04 cf 74 4e 04 46 b6 87 79 44 c4 b1 f1 8b db ef 98 63 23 9b 13 54 f8 64 f6 e1 3a 12 64 8e 6e 70 ce f8 b4 b7 1d 2b 12 07 78 4e 8e 0d ce 2c 26 22 03 d9 2c 10 24 00 56 01 a3 81 43 56 9d 80 b9 cc f7 d9 d2 40 3d 05 d9 82 92 65 c8 b8 28 10 2e a9 23 bc 63 87 2c a8 4d cc e4 47 07 d1 80 0a 8a 7d 33 b2 b1 4f 8e 07 1d 14 47 84 27 bf b0 05 03 01 cb 65 8e c4 3a 97 4f 3e bd b7 d0 cf 70 44 d0 5b bd 8b 31 8b 39 6b 74 f7 e2 b7 7c 6c e6 33 3e 41 af ef ed ed 5d 2d cf b8 20 d8 04 0d f6 c3 15 ba 43 b8 83 03 dc 41 c6 4d e2 2f 88 a0 36 46 1f 90 98 18 1d e4 65 03 1d 74 8d 83 a8 1d f4 c6 2d 6a 73 16 31 57 a0 8f f0 4d 42 df e8 a0 08 07 91 09 92 53 b7 b2 c7 1c f3 53 1a 4c 50 bf 32 1e 62 c7 a1 c1 29 4c a0 61 1f 04 90 7f 2a 4b 96 8c 3b a6 c5 09 3e 9b a0 e4 cb 94 23 85 45 f7 2e fe f5 06 77 d5 fb 0e 24 f3 7e 6d 7b a9 ba 19 d1 4f c8 04 0d c7 b5 9d 93 d9 25 a1 a7 1e d8 e7 a0 5f 25 f6 69 40 4c 2f 9d de 1b 96 c8 8b 32 0d 35 9e d8 1f 8e c7 36 69 da 73 bf b6 67 6e af 91 d4 47 63 e4 d1 2e 5d 07 75 5d 2d b0 29 44 1c c4 b8 60 73 58 01 2c 22 e6 53 07 bd 4e 08 d1 28 b6 d7 8d 62 4b e6 1a 48 a4 0b 37 a5 92 2d 04 55 9b a0 b4 bb ce d5 43 b5 23 53 d5 47 cd 6e b6 98 af 89 2d 6c 59 bc aa 64 cc 23 a9 25 e4 46 58 61 2a c8 4a 98 0e b1 19 c7 82 32 10 2b 06 b0 e0 32 64 9a 17 9a 49 7e 4f 90 03 8e 20 3a 49 34 b6 1e 8f e4 e7 aa 5a c6 10 e0 4a 10 ae e1 38 f1 d8 82 54 d5 6b a5 43 81 4b 37 c9 08 22 71 b4 c2 c9 c2 f6 d9 29 67 40 0f 62 ba 63 db b2 ad 32 8b 02 13 62 7b 0c 09 09 7b d5 98 4a b0 52 e6 72 ff 4a 33 75 c8 6b b4 79 e2 28 02 40 aa ee 02 82 4f 10 8e 05 d3 c7 ce f8 e0 4a 65 b2 04 01 83 ee fe 41 35 ab 72 bd cd cc 49 ee a1 fc 28 b3 af 0e 8f 69 56 72 48 b1 38 02 90 51 c7 ae 8b e7 d4 5f 4f d0 75 16 40 ce e2 08 e0 fb 7d 6a 91 ad d7 d0 2d 06 d5 a3 83 6e 91 c0 67 1d 58 13 73 4a 78 07 cd 61 38 0a b1 4d 76 9b 72 d6 68 50 1d 0a 69 f2 16 ea d5 fb 78 cd 62 51 aa 58 5d 30 8f 39 77 cc 3d 8d cf 87 07 57 34 31 97 12 1e 69 08 0f 75 84 1f db 60 a9 e8 57 c7 46 ca c0 f8 65 95 03 84 04 06 b7 fa c4 15 ba bd 7d 82 b9 4b 57 35 f0 93 e3 13 c0 52 4f 4d f8 d3 39 71 28 46 2c f0 d7 28 b2 39 21 01 2a e4 62 e0 a0 37 e7 34 30 8b 1d 02 02 e7 1f 1e 84 ab 9f d4 16 e2 55 75 e1 68 74 28 17 de 45 65 a1 72 13 77 d4 e3 35 0b 16 ac 58 49 b9 8a 3a 65 ef de 58 d9 24 4c 22 ef bd c0 65 65 2f 93 7c 4e 09 de a6 60 e1 a4 da 03 dc 53 d2 77 e7 24 8a f0 29 d1 a6 79 bd 0a 64 49 56 a8 6d 8e e3 a8 33 2e ab 83
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:51 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1999Keep-Alive: timeout=15, max=291Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8b dc c8 15 7e 0f e4 3f 54 b4 98 dd 2c ad be cd 4c 77 8f dc d3 c4 71 bc eb 85 f5 66 60 1d c3 12 12 28 49 d5 d3 95 91 54 a2 54 ea cb 1a 83 c3 6e 02 79 58 82 5f 12 e7 0a 26 0f 31 2c 71 5e 42 f0 26 f1 fe 1a f7 d8 fe 17 39 a5 96 34 ba 54 a9 35 61 1f a2 86 e9 e9 aa 3a a7 ce f5 3b a7 4a d3 ef fc e0 87 37 ef 7e 72 7a 0b 2d 84 ef cd be fd ad 69 fe 4d b0 0b df 08 9e a9 4f 04 46 ce 02 f3 88 88 13 e3 47 77 df 33 27 46 36 27 a8 f0 c8 ec e3 4d 24 88 8f 6e 71 ce f8 b4 b7 1b 2b 12 07 d8 27 27 06 67 36 13 91 81 1c 16 08 12 00 ab 80 d1 c0 25 eb 4e c0 e6 cc f3 d8 ca 40 3d 05 d9 92 92 55 c8 b8 28 10 ae a8 2b 16 27 2e 59 52 87 98 c9 8f 0e a2 01 15 14 7b 66 e4 60 8f 9c 0c 3a 28 8e 08 4f 7e 61 1b 06 02 96 cb 1c 89 4d 2e 9f 7c 7a ef a2 ef e3 88 a0 77 7b 97 63 36 73 37 e8 fe e5 6f f9 38 cc 63 dc 42 6f 1d 1c 1c 5c 2f cf cc 41 30 0b 0d 0e c3 35 ba 47 b8 8b 03 dc 41 c6 6d e2 2d 89 a0 0e 46 1f 91 98 18 1d b4 c8 06 3a e8 06 07 51 3b e8 ed 3b d4 e1 2c 62 73 81 3e c1 b7 09 7d bb 83 22 1c 44 26 48 4e e7 95 3d 7c cc cf 68 60 a1 7e 65 3c c4 ae 4b 83 33 98 40 c3 3e 08 20 ff 54 96 ac 18 77 4d 9b 13 7c 6e a1 e4 cb 94 23 85 45 0f 2e ff 5d 0c ee ab f7 1d 48 e6 fd da f6 52 75 33 a2 9f 12 0b 0d 27 b5 9d 93 d9 15 a1 67 0b b0 cf 51 bf 4a ec d1 80 98 8b 74 fa 60 58 22 2f ca 34 d4 78 e2 70 38 99 38 a4 69 cf c3 da 9e b9 bd 46 52 1f 8d 91 47 fb 74 1d d4 75 b5 c1 a6 10 71 10 e3 82 f9 b0 02 58 44 cc a3 2e 7a 8b 10 a2 51 ec a0 1b c5 b6 cc 35 90 48 17 6e 4a 25 5b 08 aa 36 41 69 77 9d ab 87 6a 47 a6 aa 8f 9a dd 6c 33 4f 13 5b d8 b6 79 55 c9 98 47 52 4b c8 8d b0 c2 54 90 b5 30 5d e2 30 8e 05 65 20 56 0c 60 c1 65 c8 34 2f 34 93 fc b6 90 0b 8e 20 3a 49 34 b6 9e 8c e4 e7 ba 5a c6 10 e0 4a 10 ae e1 68 2d d8 92 54 d5 6b a5 43 81 4b 37 c9 08 22 71 b4 c2 c9 c6 ce f9 19 67 40 0f 62 ce 27 8e ed d8 65 16 05 26 c4 59 30 24 24 ec 55 63 2a c1 4a 99 cb fd 6b cd d4 21 af d1 e6 89 a3 08 00 a9 fa 1c 10 dc 42 38 16 4c 1f 3b 93 a3 6b 95 c9 12 04 0c ba 87 47 d5 ac ca f5 36 33 27 cd c7 f2 a3 cc be 3a 3c a6 59 c9 21 c5 e2 08 40 46 1d bb 73 ec 53 6f 63 a1 9b 2c 80 9c c5 11 c0 f7 87 d4 26 3b af a1 3b 0c aa 47 07 dd 21 81 c7 3a b0 26 e6 94 f0 0e f2 61 38 0a b1 43 f6 9b 72 d6 68 50 1d 0a 69 f2 16 ea d5 87 78 c3 62 51 aa 58 5d 30 8f e9 bb e6 81 c6 e7 c3 a3 6b 9a 98 4b 09 8f 35 84 63 1d e1 8f 1d b0 54 f4 d3 13 23 65 60 fc a4 ca 01 42 02 83 5b 3d 32 17 ba bd 3d 82 f9 9c ae 6b e0 27 c7 2d c0 d2 85 9a f0 7b 3e 71 29 46 2c f0 36 28 72 38 21 01 2a e4 62 e0 a2 77 7c 1a 98 c5 0e 01 81 f3 c7 47 e1 fa bb b5 85 78 5d 5d 38 1a 8d e5 c2 fb a8 2c 54 6e e2 8e 7a bc 66 c1 82 15 2b 29 57 51 a7 ec dd 5b 6b 87 84 49 e4 7d 10 cc 59 d9 cb 24 9f 53 82 b7 29 58 68 55 7b 80 07 4a fa ae 4f a2 08 9f 11 6d 9a d7 ab 40 96 64 85 da e6 ba ae 3a e3 b2 3a d8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:52 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1997Keep-Alive: timeout=15, max=298Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8b 1c c7 15 7e 0f f8 3f 94 db 08 5f 98 9e cb ce ee ec 6c 6b 76 88 ac 28 96 c1 72 16 ac 08 4c 70 a0 ba ba 66 a7 d8 9e ae a6 ba e6 66 21 50 c8 05 f2 60 8c 5e 12 c5 76 02 22 0f 11 18 2b 2f 21 c8 49 e4 5f a3 59 49 ff 22 a7 7a ba 7b fb 52 d5 d3 6b fc e0 1e d8 d9 a9 aa 73 ea 5c bf 73 aa 7a f4 fa cf 7e 71 fd f6 c7 27 37 d0 54 ce fc f1 6b 3f 19 65 df 14 7b f0 8d e0 19 cd a8 c4 88 4c b1 88 a8 3c b6 7e 79 fb e7 f6 d0 4a e7 24 93 3e 1d 7f b4 8e 24 9d a1 1b 42 70 31 ea 6c c7 f2 c4 01 9e d1 63 4b 70 97 cb c8 42 84 07 92 06 c0 2a e0 2c f0 e8 aa 15 f0 09 f7 7d be b4 50 47 43 b6 60 74 19 72 21 73 84 4b e6 c9 e9 b1 47 17 8c 50 3b fe d1 42 2c 60 92 61 df 8e 08 f6 e9 71 af 85 e6 11 15 f1 2f ec c2 40 c0 33 99 23 b9 ce e4 53 4f e7 1d f4 2e 8e 28 7a a7 73 31 e6 72 6f 8d ee 5e fc 56 0f e1 3e 17 0e 7a a3 df ef 5f 2d ce 4c 40 30 07 f5 f6 c3 15 ba 43 85 87 03 dc 42 d6 4d ea 2f a8 64 04 a3 0f e9 9c 5a 2d 34 4d 07 5a e8 9a 00 51 5b e8 cd 5b 8c 08 1e f1 89 44 1f e3 9b 94 bd d9 42 11 0e 22 1b 24 67 93 d2 1e 33 2c 4e 59 e0 a0 6e 69 3c c4 9e c7 82 53 98 40 7b 5d 10 40 fd 29 2d 59 72 e1 d9 ae a0 f8 cc 41 f1 97 ad 46 72 8b ee 5d fc 3b ed dd d5 ef db 53 cc bb 95 ed 95 ea 76 c4 3e a5 0e da 1b 56 76 8e 67 97 94 9d 4e c1 3e 07 dd 32 b1 cf 02 6a 4f 93 e9 fe 5e 81 3c 2f d3 9e c1 13 fb 7b c3 21 a1 75 7b ee 57 f6 cc ec 35 50 fa 18 8c 3c d8 a5 6b af aa ab 0b 36 85 88 83 18 97 7c 06 2b 80 45 c4 7d e6 a1 37 28 a5 06 c5 fa ed 68 ee aa 5c 03 89 4c e1 a6 55 b2 81 a0 7a 13 14 76 37 b9 7a 4f ef c8 44 f5 41 bd 9b 5d ee 1b 62 0b bb ae 28 2b 39 17 91 d2 12 72 23 2c 31 95 74 25 6d 8f 12 2e b0 64 1c c4 9a 03 58 08 15 32 f5 0b ed 38 bf 1d e4 81 23 a8 49 12 83 ad 87 03 f5 b9 aa 97 31 04 b8 92 54 18 38 3a 53 be a0 65 f5 1a e9 90 e3 d2 8e 33 82 2a 1c 2d 71 72 31 39 3b 15 1c e8 41 cc c9 90 b8 c4 2d b2 c8 31 a1 64 ca 91 54 b0 57 8e a9 18 2b 55 2e 77 af d4 53 87 a2 42 9b 25 8e 26 00 94 ea 13 40 70 07 e1 b9 e4 e6 d8 19 1e 5c 29 4d 16 20 a0 d7 de 3f 28 67 55 a6 b7 9d 3a 69 72 a8 3e da ec ab c2 63 92 95 02 52 6c 1e 01 c8 e8 63 77 82 67 cc 5f 3b e8 3a 0f 20 67 71 04 f0 fd 01 73 e9 d6 6b e8 16 87 ea d1 42 b7 68 e0 f3 16 ac 99 0b 46 45 0b cd 60 38 0a 31 a1 bb 4d 39 ae 35 a8 09 85 0c 79 0b f5 ea 03 bc e6 73 59 a8 58 6d 30 8f 3d f3 ec be c1 e7 7b 07 57 0c 31 97 10 1e 19 08 0f 4d 84 bf 22 60 a9 e8 d7 c7 56 c2 c0 fa a4 cc 01 42 02 83 5b 7d 3a 91 a6 bd 7d 8a c5 84 ad 2a e0 a7 c6 1d c0 d2 a9 9e f0 a7 33 ea 31 8c 78 e0 af 51 44 04 a5 01 ca e5 62 e0 a1 b7 66 2c b0 f3 1d 02 02 e7 1f 1e 84 ab b7 2b 0b f1 aa bc 70 30 38 54 0b ef a2 a2 50 99 89 5b fa f1 8a 05 73 56 2c a5 5c 49 9d a2 77 6f ac 08 0d e3 c8 7b 3f 98 f0 a2 97 69 36 a7 05 6f 5b f2 d0 29 f7 00 f7 b4 f4 ed 19 8d 22 7c 4a 8d 69 5e ad 02 69 92 e5 6a 9b e7 79 fa 8c 4b eb
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:53 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1998Keep-Alive: timeout=15, max=296Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8f dc b6 15 7e 2f d0 ff c0 28 30 92 06 a3 b9 ec ee cc ce ca b3 83 ba 8e 13 07 88 d3 05 e2 1a 08 82 16 a0 24 6a c5 ae 46 14 28 ce 2d 86 01 07 49 0b f4 21 28 fc d2 ba 57 c0 c8 43 0c 04 71 5f 8a c2 69 eb fc 1a cf da fe 17 3d d4 48 5a 5d 48 8d b6 c8 43 34 c0 ce 0e c9 73 78 ae df 39 a4 26 af bd fd f3 eb b7 3f 3a b9 81 7c 31 0b a6 3f fe d1 24 ff 26 d8 85 6f 04 cf 64 46 04 46 8e 8f 79 4c c4 b1 f1 8b db ef 98 63 23 9b 13 54 04 64 fa e1 3a 16 64 86 6e 70 ce f8 a4 b7 1d 2b 12 87 78 46 8e 0d ce 6c 26 62 03 39 2c 14 24 04 56 21 a3 a1 4b 56 9d 90 79 2c 08 d8 d2 40 3d 05 d9 82 92 65 c4 b8 28 10 2e a9 2b fc 63 97 2c a8 43 cc e4 47 07 d1 90 0a 8a 03 33 76 70 40 8e 07 1d 34 8f 09 4f 7e 61 1b 06 42 96 cb 1c 8b 75 2e 9f 7c 7a 6f a1 9f e1 98 a0 b7 7a 17 63 36 73 d7 e8 ee c5 6f f9 38 2c 60 dc 42 af ef ef ef 5f 2d cf 78 20 98 85 06 07 d1 0a dd 21 dc c5 21 ee 20 e3 26 09 16 44 50 07 a3 0f c8 9c 18 1d e4 67 03 1d 74 8d 83 a8 1d f4 c6 2d ea 70 16 33 4f a0 8f f0 4d 42 df e8 a0 18 87 b1 09 92 53 af b2 c7 0c f3 53 1a 5a a8 5f 19 8f b0 eb d2 f0 14 26 d0 5e 1f 04 90 7f 2a 4b 96 8c bb a6 cd 09 3e b3 50 f2 65 ca 91 c2 a2 7b 17 ff fa 83 bb ea 7d 07 92 79 bf b6 bd 54 dd 8c e9 27 c4 42 7b e3 da ce c9 ec 92 d0 53 1f ec 33 ec 57 89 03 1a 12 d3 4f a7 f7 f7 4a e4 45 99 f6 34 9e 38 d8 1b 8f 1d d2 b4 e7 41 6d cf dc 5e 23 a9 8f c6 c8 a3 5d ba 0e ea ba da 60 53 88 38 88 71 c1 66 b0 02 58 c4 2c a0 2e 7a 9d 10 a2 51 6c bf 1b cf 6d 99 6b 20 91 2e dc 94 4a b6 10 54 6d 82 d2 ee 3a 57 ef a9 1d 99 aa 3e 6a 76 b3 cd 02 4d 6c 61 db e6 55 25 e7 3c 96 5a 42 6e 44 15 a6 82 ac 84 e9 12 87 71 2c 28 03 b1 e6 00 16 5c 86 4c f3 42 33 c9 6f 0b b9 e0 08 a2 93 44 63 eb f1 48 7e ae aa 65 8c 00 ae 04 e1 1a 8e 96 cf 16 a4 aa 5e 2b 1d 0a 5c ba 49 46 10 89 a3 15 4e 36 76 ce 4e 39 03 7a 10 d3 1b 3b b6 63 97 59 14 98 10 c7 67 48 48 d8 ab c6 54 82 95 32 97 fb 57 9a a9 23 5e a3 cd 13 47 11 00 52 75 0f 10 dc 42 78 2e 98 3e 76 c6 c3 2b 95 c9 12 04 0c ba 07 c3 6a 56 e5 7a 9b 99 93 bc 43 f9 51 66 5f 1d 1e d3 ac e4 90 62 f3 18 40 46 1d bb 1e 9e d1 60 6d a1 eb 2c 84 9c c5 31 c0 f7 fb d4 26 5b af a1 5b 0c aa 47 07 dd 22 61 c0 3a b0 66 ce 29 e1 1d 34 83 e1 38 c2 0e d9 6d ca 69 a3 41 75 28 a4 c9 5b a8 57 ef e3 35 9b 8b 52 c5 ea 82 79 cc 99 6b ee 6b 7c be 37 bc a2 89 b9 94 f0 48 43 78 a8 23 fc d8 01 4b c5 bf 3a 36 52 06 c6 2f ab 1c 20 24 30 b8 35 20 9e d0 ed 1d 10 cc 3d ba aa 81 9f 1c b7 00 4b 7d 35 e1 4f 67 c4 a5 18 b1 30 58 a3 d8 e1 84 84 a8 90 8b a1 8b de 9c d1 d0 2c 76 08 08 9c 7f 38 8c 56 3f a9 2d c4 ab ea c2 d1 e8 50 2e bc 8b ca 42 e5 26 ee a8 c7 6b 16 2c 58 b1 92 72 15 75 ca de bd b1 72 48 94 44 de 7b a1 c7 ca 5e 26 f9 9c 12 bc 4d c1 22 ab da 03 dc 53 d2 77 67 24 8e f1 29 d1 a6 79 bd 0a 64 49 56 a8 6d ae eb aa 33 2e ab 83
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:11:54 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1998Keep-Alive: timeout=15, max=297Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8f db c6 15 7e 2f 90 ff 30 61 60 e4 02 51 a2 b4 bb 5a ad ac 15 ea b8 6e 1c 20 4e 17 88 6b 20 28 52 60 48 0e 57 83 25 39 c4 70 74 8b 61 c0 45 2f 40 1f 82 c0 2f ad 9b a4 05 8c 3e d4 40 10 f7 a5 28 9c b6 ce af b1 d6 f6 bf e8 19 8a e4 f2 32 43 71 83 3c 84 02 56 ab 99 39 67 ce f5 3b 67 86 93 d7 7f f6 8b eb b7 3f 3e b9 81 66 22 f0 a7 af fd 64 92 7f 13 ec c2 37 82 67 12 10 81 91 33 c3 3c 26 e2 d8 f8 e5 ed 9f 9b 23 23 9b 13 54 f8 64 fa d1 3a 16 24 40 37 38 67 7c d2 db 8e 15 89 43 1c 90 63 83 33 9b 89 d8 40 0e 0b 05 09 81 55 c8 68 e8 92 55 27 64 1e f3 7d b6 34 50 4f 41 b6 a0 64 19 31 2e 0a 84 4b ea 8a d9 b1 4b 16 d4 21 66 f2 a3 83 68 48 05 c5 be 19 3b d8 27 c7 fd 0e 9a c7 84 27 bf b0 0d 03 21 cb 65 8e c5 3a 97 4f 3e bd 77 d0 bb 38 26 e8 9d de c5 98 cd dc 35 ba 7b f1 5b 3e 0e f3 19 1f a3 37 f6 f6 f6 ae 96 67 3c 10 6c 8c fa fb d1 0a dd 21 dc c5 21 ee 20 e3 26 f1 17 44 50 07 a3 0f c9 9c 18 1d 34 cb 06 3a e8 1a 07 51 3b e8 cd 5b d4 e1 2c 66 9e 40 1f e3 9b 84 be d9 41 31 0e 63 13 24 a7 5e 65 8f 00 f3 53 1a 8e 91 55 19 8f b0 eb d2 f0 14 26 d0 c0 02 01 e4 9f ca 92 25 e3 ae 69 73 82 cf c6 28 f9 32 e5 48 61 d1 bd 8b 7f 67 fd bb ea 7d fb 92 b9 55 db 5e aa 6e c6 f4 53 32 46 83 51 6d e7 64 76 49 e8 e9 0c ec 73 60 55 89 7d 1a 12 73 96 4e ef 0d 4a e4 45 99 06 1a 4f ec 0f 46 23 87 34 ed b9 5f db 33 b7 d7 50 ea a3 31 f2 70 97 ae fd ba ae 36 d8 14 22 0e 62 5c b0 00 56 00 8b 98 f9 d4 45 6f 10 42 34 8a ed 75 e3 b9 2d 73 0d 24 d2 85 9b 52 c9 16 82 aa 4d 50 da 5d e7 ea 81 da 91 a9 ea c3 66 37 db cc d7 c4 16 b6 6d 5e 55 72 ce 63 a9 25 e4 46 54 61 2a c8 4a 98 2e 71 18 c7 82 32 10 6b 0e 60 c1 65 c8 34 2f 34 93 fc 1e 23 17 1c 41 74 92 68 6c 3d 1a ca cf 55 b5 8c 11 c0 95 20 5c c3 71 3c 63 0b 52 55 af 95 0e 05 2e dd 24 23 88 c4 d1 0a 27 1b 3b 67 a7 9c 01 3d 88 e9 8d 1c db b1 cb 2c 0a 4c 88 33 63 48 48 d8 ab c6 54 82 95 32 97 ad 2b cd d4 11 af d1 e6 89 a3 08 00 a9 ba 07 08 3e 46 78 2e 98 3e 76 46 07 57 2a 93 25 08 e8 77 f7 0f aa 59 95 eb 6d 66 4e f2 0e e5 47 99 7d 75 78 4c b3 92 43 8a cd 63 00 19 75 ec 7a 38 a0 fe 7a 8c ae b3 10 72 16 c7 00 df 1f 50 9b 6c bd 86 6e 31 a8 1e 1d 74 8b 84 3e eb c0 9a 39 a7 84 77 50 00 c3 71 84 1d b2 db 94 d3 46 83 ea 50 48 93 b7 50 af 3e c0 6b 36 17 a5 8a d5 05 f3 98 81 6b ee 69 7c 3e 38 b8 a2 89 b9 94 f0 48 43 78 a8 23 fc 95 03 96 8a 7f 7d 6c a4 0c 8c 4f aa 1c 20 24 30 b8 d5 27 9e d0 ed ed 13 cc 3d ba aa 81 9f 1c 1f 03 96 ce d4 84 3f 0d 88 4b 31 62 a1 bf 46 b1 c3 09 09 51 21 17 43 17 bd 15 d0 d0 2c 76 08 08 9c 7f 78 10 ad de ae 2d c4 ab ea c2 e1 f0 50 2e bc 8b ca 42 e5 26 ee a8 c7 6b 16 2c 58 b1 92 72 15 75 ca de bd b1 72 48 94 44 de fb a1 c7 ca 5e 26 f9 9c 12 bc 4d c1 a2 71 b5 07 b8 a7 a4 ef 06 24 8e f1 29 d1 a6 79 bd 0a 64 49 56 a8 6d ae eb aa 33 2e ab
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 23 Apr 2024 20:12:16 GMTServer: ApacheVary: User-Agent,Accept-EncodingContent-Encoding: gzipContent-Length: 1975Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/html; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 cd 59 5b 8f dc b6 15 7e 2f 90 ff c0 2a 30 d2 06 a3 b9 ec 65 3c 2b cf 0e ea b8 6e 1c 20 4e 17 88 6b 20 28 5a 80 92 38 2b 62 25 51 a0 a8 b9 c4 30 e0 a2 49 81 3e 04 85 5f 1a e7 d2 02 46 1f 6a 20 a8 fb 52 14 4e 5b e7 d7 78 d6 f6 bf e8 a1 46 d2 ea 42 6a b4 45 1e aa 01 76 76 48 9e c3 73 fd ce 21 35 fd e1 4f 7f 7e e3 ce 47 27 37 91 27 02 7f f6 c6 0f a6 c5 37 c1 2e 7c 23 78 a6 01 11 18 39 1e e6 31 11 c7 c6 2f ee fc cc 9c 18 f9 9c a0 c2 27 b3 0f d7 b1 20 01 ba c9 39 e3 d3 c1 76 ac 4c 1c e2 80 1c 1b 9c d9 4c c4 06 72 58 28 48 08 ac 42 46 43 97 ac 7a 21 9b 33 df 67 4b 03 0d 14 64 0b 4a 96 11 e3 a2 44 b8 a4 ae f0 8e 5d b2 a0 0e 31 d3 1f 3d 44 43 2a 28 f6 cd d8 c1 3e 39 1e f5 50 12 13 9e fe c2 36 0c 84 ac 90 39 16 eb 42 3e f9 0c de 46 ef e0 98 a0 b7 07 17 63 36 73 d7 e8 de c5 6f f9 38 cc 67 dc 42 6f ee ef ef 5f ab ce cc 41 30 0b 8d 0e a2 15 ba 4b b8 8b 43 dc 43 c6 2d e2 2f 88 a0 0e 46 1f 90 84 18 3d e4 e5 03 3d 74 9d 83 a8 3d f4 d6 6d ea 70 16 b3 b9 40 1f e1 5b 84 be d5 43 31 0e 63 13 24 a7 f3 da 1e 01 e6 a7 34 b4 d0 b0 36 1e 61 d7 a5 e1 29 4c a0 bd 21 08 20 ff d4 96 2c 19 77 4d 9b 13 7c 66 a1 f4 cb 94 23 a5 45 f7 2f fe f5 46 f7 d4 fb 8e 24 f3 61 63 7b a9 ba 19 d3 8f 89 85 f6 26 8d 9d d3 d9 25 a1 a7 1e d8 e7 70 58 27 f6 69 48 4c 2f 9b de df ab 90 97 65 da d3 78 e2 60 6f 32 71 48 db 9e 07 8d 3d 0b 7b 8d a5 3e 1a 23 8f 77 e9 3a 6a ea 6a 83 4d 21 e2 20 c6 05 0b 60 05 b0 88 99 4f 5d f4 26 21 44 a3 d8 7e 3f 4e 6c 99 6b 20 91 2e dc 94 4a 76 10 54 6d 82 ca ee 3a 57 ef a9 1d 99 a9 3e 6e 77 b3 cd 7c 4d 6c 61 db e6 75 25 13 1e 4b 2d 21 37 a2 1a 53 41 56 c2 74 89 c3 38 16 94 81 58 09 80 05 97 21 d3 be d0 4c f3 db 42 2e 38 82 e8 24 d1 d8 7a 32 96 9f 6b 6a 19 23 80 2b 41 b8 86 a3 e5 b1 05 a9 ab d7 49 87 12 97 7e 9a 11 44 e2 68 8d 93 8d 9d b3 53 ce 80 1e c4 9c 4f 1c db b1 ab 2c 4a 4c 88 e3 31 24 24 ec d5 63 2a c5 4a 99 cb c3 2b ed d4 11 6f d0 16 89 a3 08 00 a9 fa 1c 10 dc 42 38 11 4c 1f 3b 93 c3 2b b5 c9 0a 04 8c fa 07 87 f5 ac 2a f4 36 73 27 cd af ca 8f 32 fb 9a f0 98 65 25 87 14 4b 62 00 19 75 ec ce 71 40 fd b5 85 6e b0 10 72 16 c7 00 df ef 53 9b 6c bd 86 6e 33 a8 1e 3d 74 9b 84 3e eb c1 9a 84 53 c2 7b 28 80 e1 38 c2 0e d9 6d ca 59 ab 41 75 28 a4 c9 5b a8 57 ef e3 35 4b 44 a5 62 f5 c1 3c 66 e0 9a fb 1a 9f ef 1d 5e d1 c4 5c 46 78 a4 21 bc aa 23 fc a5 03 96 8a 7f 7d 6c 64 0c 8c 5f d5 39 40 48 60 70 ab 4f e6 42 b7 b7 4f 30 9f d3 55 03 fc e4 b8 05 58 ea a9 09 7f 12 10 97 62 c4 42 7f 8d 62 87 13 12 a2 52 2e 86 2e fa 51 40 43 b3 dc 21 20 70 fe d5 c3 68 f5 e3 c6 42 bc aa 2f 1c 8f af ca 85 f7 50 55 a8 c2 c4 3d f5 78 c3 82 25 2b d6 52 ae a6 4e d5 bb 37 57 0e 89 d2 c8 7b 2f 9c b3 aa 97 49 31 a7 04 6f 53 b0 c8 aa f7 00 f7 95 f4 fd 80 c4 31 3e 25 da 34 6f 56 81 3c c9 4a b5 cd 75 5d 75 c6 e5 75

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734

Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.16:49743 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@14/48@18/97

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.finelandip.com/
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1996,i,5213520194969364071,12256133364474928176,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1996,i,5213520194969364071,12256133364474928176,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	2 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://www.finelandip.com/	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
http://www.finelandip.com/yadotemp/yado/static/img/icon_about.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/img/logo.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/css/font-awesome.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/modernizr.custom.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/index.php	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/css/css.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/jquery.min.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20200506/e840f462a48fabde886960789d4f7d73.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20240415/53eb77b45613be8230160a2eb16c4f8a.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/swiper.min.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/css/swiper.min.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/jquery.dlmenu.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230525/d71031f83676d089056d16aeb903ecca.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/img/icon_language.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/css/common.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20231109/09acdd6a4ce2c96a6a2da584c6a620a9.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20240415/974c118570054ff748f4224fba5316ed.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20240109/6660bc2bf6d36513ebec0a959b1568f5.png	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20190919/f8d2d305fcc559d17128a53a72f5888e.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230906/507adc233d2062684bec205a4f7d1675.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/swiperTab.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/img/icon_case.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/js/common.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20200506/a958d3497833bbb1364962ae99f4d4b9.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/img/icon_news.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/css/swiper.min.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/swiperTab.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230907/272b7a32ed1206dd807eae744099d749.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20220324/5bfe625138e40887b465e7f08bac8c5b.png	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/swiper.min.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/jquery.dlmenu.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/logo.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_about.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20231109/9a969ac668dd6fc5fdad18f603bbd1f6.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/css/css.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/modernizr.custom.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20220715/0615753db414cf8aa4e3cfb2bc076e9e.png	0%	Avira URL Cloud	safe
http://www.finelandip.com/en//uploads/20230906/065f4623bbfee2cd9334bb51191eb008.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/uploads/20191113/19004cc505114a0d927f30eb7be8f9ad.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/css/common.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/css/font-awesome.css	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/jquery.min.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/yadotemp/yado/static/img/footer_logo.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230907/6e5e88a8fb3e1fd1dfc17e7628292499.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230907/dbe044291520b2bb7ede3d9739395585.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20190919/55d943c3526fd62ae450a925ae86434f.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_language.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_case.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20190919/bd48f759269beb00190cd946d1dfdad8.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/footer_logo.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20230907/bd1d68f5a243f1571cb8c705650aea46.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_news.jpg	0%	Avira URL Cloud	safe
http://www.finelandip.com/uploads/20220623/36a072e4f020fdbf0a450a1b174b867b.png	0%	Avira URL Cloud	safe
http://www.finelandip.com/en/yadotemp/yado/static/js/common.js	0%	Avira URL Cloud	safe
http://www.finelandip.com/favicon.ico	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.finelandip.com	47.89.47.240	true	false	unknown
www.google.com	74.125.136.103	true	false	high
hm.e.shifen.com	183.240.98.228	true	false	unknown
qiniu.fengdumao.cn	unknown	unknown	false	unknown
hm.baidu.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://www.finelandip.com/uploads/20200506/e840f462a48fabde886960789d4f7d73.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/jquery.min.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20190919/55d943c3526fd62ae450a925ae86434f.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/css/swiper.min.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/swiperTab.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20220324/5bfe625138e40887b465e7f08bac8c5b.png	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/logo.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20240415/53eb77b45613be8230160a2eb16c4f8a.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/css/css.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/index.php	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/css/swiper.min.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20230525/d71031f83676d089056d16aeb903ecca.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20231109/9a969ac668dd6fc5fdad18f603bbd1f6.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_news.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20240415/974c118570054ff748f4224fba5316ed.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_language.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_about.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en//uploads/20230906/065f4623bbfee2cd9334bb51191eb008.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20230907/bd1d68f5a243f1571cb8c705650aea46.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/modernizr.custom.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/uploads/20191113/19004cc505114a0d927f30eb7be8f9ad.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/css/font-awesome.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20230907/6e5e88a8fb3e1fd1dfc17e7628292499.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20230907/dbe044291520b2bb7ede3d9739395585.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/footer_logo.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/icon_case.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20200506/a958d3497833bbb1364962ae99f4d4b9.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/css/font-awesome.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/swiper.min.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/modernizr.custom.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20220623/36a072e4f020fdbf0a450a1b174b867b.png	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/common.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/icon_about.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/swiper.min.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/jquery.dlmenu.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/	false		unknown
http://www.finelandip.com/uploads/20230907/272b7a32ed1206dd807eae744099d749.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/jquery.dlmenu.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/img/logo.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20190919/f8d2d305fcc559d17128a53a72f5888e.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/css/common.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20231109/09acdd6a4ce2c96a6a2da584c6a620a9.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/css/css.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20190919/bd48f759269beb00190cd946d1dfdad8.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20220715/0615753db414cf8aa4e3cfb2bc076e9e.png	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20240109/6660bc2bf6d36513ebec0a959b1568f5.png	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/icon_language.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/uploads/20230906/507adc233d2062684bec205a4f7d1675.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/css/common.css	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/swiperTab.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/en/yadotemp/yado/static/js/jquery.min.js	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/favicon.ico	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/icon_case.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/footer_logo.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/img/icon_news.jpg	false	Avira URL Cloud: safe	unknown
http://www.finelandip.com/yadotemp/yado/static/js/common.js	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
64.233.185.100	unknown	United States	15169	GOOGLEUS	false
1.1.1.1	unknown	Australia	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.105.84	unknown	United States	15169	GOOGLEUS	false
183.240.98.228	hm.e.shifen.com	China	56040	CMNET-GUANGDONG-APChinaMobilecommunicationscorporation	false
64.233.185.94	unknown	United States	15169	GOOGLEUS	false
47.89.47.240	www.finelandip.com	United States	45102	CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC	false
172.217.215.94	unknown	United States	15169	GOOGLEUS	false
74.125.136.103	www.google.com	United States	15169	GOOGLEUS	false
142.250.105.138	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1430570
Start date and time:	2024-04-23 22:10:53 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	http://www.finelandip.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled
Analysis Mode:	stream
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@14/48@18/97

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.215.94, 64.233.185.100, 64.233.185.113, 64.233.185.101, 64.233.185.102, 64.233.185.138, 64.233.185.139, 142.250.105.84, 34.104.35.123, 23.221.242.90
Excluded domains from analysis (whitelisted): clients2.google.com, fs.microsoft.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, e16604.g.akamaiedge.net, clientservices.googleapis.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: http://www.finelandip.com/

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 19:11:25 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.980655826063955
Encrypted:	false
SSDEEP:
MD5:	D1794F3080D3C1237E5D873ACF73E005
SHA1:	EBFD6C2A2E81C0FD896C4F118D89A409AD00E728
SHA-256:	3D192EE2863338F6C0B78733A056A9A4078627F43059025634CCBF59661C43A3
SHA-512:	D16C5C8A8FA8FC14C86B0A7F5103F12D8A8D7DD69F95241DFD437F625542B817BC2C3753A9F131F627FFD23D57A241248AC97D9E0054485BD199D489D3AB09B6
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......rk....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xm............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 19:11:25 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.000606553769013
Encrypted:	false
SSDEEP:
MD5:	16587110B0EBE04CFFAAEEA5FE2F4190
SHA1:	75F3E9BAAF575805B25AEDBE8235FB415C92A829
SHA-256:	58B139749C9A10E896B1D99F6E45B14F06DDBBA9BD0B0CDDE79D389058B2F65E
SHA-512:	9119D1F5F5AFD83B1521359233993299CAF3BBE96316F6710E2785B2585215A7F516DC8B227BC14A4EFED1BE2F816018640414EBC290BB20AD5B0CA2498A6008
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......gk....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xm............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.009357442325717
Encrypted:	false
SSDEEP:
MD5:	526A103783A7FBEA00D148AEDB43069E
SHA1:	85501D9E0512F03157EC376D190A4363C6F33619
SHA-256:	0F203EA6EE76AE45A84A8DC3FBAD55DC5FBA3E9FFDB5DBA91943245FAA44442C
SHA-512:	6A76D758BA839D1025E2EAD5BFA5DA779E90FEAA699B87C049F15BF0C59DA8F65AA06E6C73E0320AAB2F8ACEED11168F1B2379EF39AC0DC209B4F0EAB2467D03
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 19:11:25 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.999178184088236
Encrypted:	false
SSDEEP:
MD5:	B8CBC9B18AFC28F1815FCCDF0617828A
SHA1:	22BB4A5136507F582C4F9C910B719CBC5BD6B3E0
SHA-256:	D0F37659AAEF57033AB09F4ABF9E805F796724FD8FC9C96A4D9FEBACF38F5E05
SHA-512:	1347F6B160596A98D16156749AA8F5528A916EA5C809855FF73E226D4DC5DC058262FCB9312A9B7FC518FBB679A770E9A5DD915A97DF36E70FAFA9EA0CFCE9B5
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,.....^ak....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xm............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 19:11:25 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9870062822205075
Encrypted:	false
SSDEEP:
MD5:	AAE61F49CF9F603DDDF262D179009E51
SHA1:	C37761BBAD5DD0D16A4317D3A12BA3F65150EBD1
SHA-256:	C19662F2FD234A147FAB00EA730A54B452B50A3599C3FC3D0CF919B89ED4DED4
SHA-512:	2DDF951CA7067A221A85C8678CC804652D375115E368558FC90CEF7727F491977270D0833FF018C86AF5177616F792F9CFEF0413E5E1D95F55C2EE96F16AEF28
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,....}.lk....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xm............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 19:11:25 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.997540398593479
Encrypted:	false
SSDEEP:
MD5:	FB4047847A4964F36013C216791BB34B
SHA1:	95847AE3454AA06E8E4C4B4089CFC7DF9B26E0A7
SHA-256:	C3AF2F2F240F7E6CE49DC65E7BEC2BE21E615C1D0B9EDF04EB814D286DB04DC0
SHA-512:	384573D1F966FBF74D93328D928087C66BD7F93EB15387630E55C7427912E73293E11D004BAB73B26D6E07E5395067FEBDEB58E572E5550D535570E4BEBFE357
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ...$+.,......Wk....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xc.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Xl.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.Xl.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.Xl............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.Xm............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............9......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1998
Entropy (8bit):	7.900234309567391
Encrypted:	false
SSDEEP:
MD5:	529F0A009176DA818C8F75AD10393D6B
SHA1:	049FAD46BE3343F0CAFA1D89D32C5606A599CBE0
SHA-256:	B814A79D7959124A5D1C99A6D341BB939C402A1EB1239F9373B51AAE1044C855
SHA-512:	286771A9E13EF056CFB58037BA68F9867C7430910D09E83C33082B6970B59E825EE99249A963890C97A9DE585B4A34DFED8E43BB15954805C1EDD8776D5AC440
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230907/6e5e88a8fb3e1fd1dfc17e7628292499.jpg
Preview:	...........Y[...~/...(0........xvP.q..q.@\.A...D....E.%...I..!(..W..C..q_..i.......=.HZ]H...C4....sx..9.......?:..<1.g?..4.&.o..tN.F..yD....c#..T.d..:.d.np.....+..xN...,&"..,.$.V...CV.......@=...e.(...#.c.,.M..G....}3..O....G.'......e..:.O>....pD.[..1.9kt..\|l.3>A....]-. .......C....A.M./..6F......e..t......-js.1W...MB.......S.....S.LP.2.b..)L.a....K..;...>....#.E.....w...$.~m{....O.......%....._%.i@L/.....2.5.....6i.s..gn...Gc...].u]-.)D..`sX.,".S..N..(..bK..H..7..-.U......C.#S.G.n....-lY..d.#.%.FXa.J.....2.+...2d...I~O... :I4.....Z...J...8..T.k.C.K7.."q......)g@.b.c..2...b{...{.J.R.r.J3u.k.y.(.@....O........Je......A5.r...I..(....iVrH.8..Q...._O.u.@.....}j....-...n..g.X.sJx..a8..Mv.r.hP..i.....x.bQ.X]0.9w.=...W41...i..u...`..W.F...e...........}..KW5....ROM..9q(F,..(.9!.*.b.7.40.............Uu.ht(..Ee.r.w..5...XI..:e..X.$L"..ee/.\|N..`....S.w.$..).y..dIV.m..3...}...d..^.7$....t.......~.J..jX...:.d..y..'/...._~..?..=.\..fN...<.OR@.OO..lR)?..A.U7.

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 37304
Category:	downloaded
Size (bytes):	7345
Entropy (8bit):	7.962709590065169
Encrypted:	false
SSDEEP:
MD5:	984F6B84537DBEEB7D9E0A9E454F5597
SHA1:	40DE969AB17293ADF200ABF54CAB4AAD9B31E7B2
SHA-256:	8A8A1BBE2AA38B4E72FA5DC5C6B484D93113C0C9E3BA95A22274D1BB6CE7E7B4
SHA-512:	A956FE41708A55C4FEE81A2926C1A2890A012A30F3C0A634B668E21E8AD2CB276340480666BB3203DCD5CBCAF254F7C7D5871796FF0BAF3DC8555B7034EA1766
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/css/font-awesome.css
Preview:	...........]]..}._a. ;=A..$....I.....@.6.>..%Q..$QMI.r/..d.G..U#..m$=m."....qH.9.u..U.W...ju.U...y.....uk+....n.....~,......_Lm..\....}L.}.j,.>...\|............g+....\|..>j..T..G]%:.t.....S......y...y.......D.L..`.]w.......z.~.T...w....s.8.. 0Gm.E.yU....r.J.....c..).L..$....:)m.v)v)0.O.m>~.V ..9..u..._..G.v...B}..R}g.u..7C.>.....~..U...l.U....7..S.6U.......J..v..zh.j...^.A.....^uv.oR[.R.F..n.....X..0..ND....].....8....n...]g.!kj....ZG.._.:..W..B.....M......7w77w.f~.n.M......n.m....p.[.....R./.r..2z..R..LE....+.#U6Tyy+.Y..^......WB....t..s/.rA..T.........?.....6~lf..>.......q\|a/..&......z....v...,.#..o2j.....A.....S..[."..h...^.8..U...{.p^..1\8Cn.9...e.1...'.\|.....n.NU...jW6_m...O.Yj.R.......T..1...h.U...P]n.-...tp..)....o.^...K..x........._....7}..H.a'.~7.'..s.n..@.`;..OO.>.O.Y......=}Cu..T!...7..g....w.O.(W.:7e.......}....G......=..I.mm.=..jM:..4.Cc....q.m..[.i.}.....o..x...,....nN......o..O......y..M...3_..Q.V.xzXU.9..Y...O..a.....

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1998
Entropy (8bit):	7.905140867036679
Encrypted:	false
SSDEEP:
MD5:	5D8CD62AA618ED543CFC1643C255CF45
SHA1:	94D3C43AD0353066E30FF53F54CF92388421573F
SHA-256:	4753EBDA01F8FF16F6C6B5CB763DEB507E6ECF781C04114EBA8A21B53DA0E29E
SHA-512:	6D429213688B76ACE7F244C2F10FB96E12393A59D6897576A696D21F59B15A8C35DC23A075C4D6CFEF997F76D1A93DB3308D0D9D7DF20D93BACA7560F953271A
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230907/bd1d68f5a243f1571cb8c705650aea46.jpg
Preview:	...........Y[...~/...(0.......................$j.F.(.-...I..!(..W..C..q_..i.......=.HZ]H...C4....sx..9.&.....?:..\|1..?..$.&.o..dF.F..yL....c#..T.d..:.d.np.....+..xF...l&b.9,.$.V!..KV..y,...@=...e.(...+.c.,.C..G.....3vp@...4..O~a..B....u..\|zo....z.c6s....o.8,`.B...._-.x .......!..!. .&..DP.......g..t......-.p.3O...MB.......S.....S.Z._.......&.^....*K......>.P.e..{......}..y...T..'.B{......S..3.W.....O...J.E..4.8......Am..^#....]....`S.8.q.f..X.,..z...Ql...m.k ...J..Tm...:W....>jv...Mla..U%.<.ZBnD........q,(.....\.L.B3.o......Dc..H~..e............^+..\.IF....N6v.N9.z...;.c.Y....gHH..T..2..W..#^...G..Ru...Bx..>v..+........jV.z....C.Qf_....b..@F.....`m..,...1....&[..[..G.."a.:.f.)..4..8...m.i.Au(..[.W..5..R..y.k.k\|.7......HCx.#...K.:6R../.. $0.5 ......=.......K}5.Og...0X...........,v....8.V?.-.....P....B.&..k.,X..r.u...rH.D.{...^&....M."....S.wg$..).y..dIV.m..3...}...d..^.7$....t.......A.J..jX...:.d..y..'/...._~..?..=.\..an...<.OR@p@O...R)?..A.S7.

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 20691
Category:	downloaded
Size (bytes):	2910
Entropy (8bit):	7.943591648429958
Encrypted:	false
SSDEEP:
MD5:	162B32DC3359282ABE43BCC220D41D97
SHA1:	CBDCF7958736595528A9BB4CD6608467BF6AFD50
SHA-256:	33C0616E751B7259DB8F6C6CDDA39092B79037C0B6F28BBAB77238BADEA5A113
SHA-512:	0E3759AF4F891104F805E8518164154D8E31B1790AED06966693706D4165D1062CF8846F84DBAA37C96D6EE4C44805AA442DCC00C88787C57C006CE21F616F50
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/css/css.css
Preview:	...........\.....S0.....,...K."..-.2.$H.]c. .aN.)... A.]...Lz...L..)..N0.X.l..XU_..J3Y.,C..lQ...K........}.&.cR.r\.I.@....V.u.g.D...$..K.-.._$."/k..w...T}....M..g.J.Al....,7I6..b..3+..z.?;..$@..\|3...<....f..I.....$...g.U.W.F....0!;...~......b..F.._.Yc.#...,..`..ZN.ZW.......`..1.Z....mm.g5..P...#..O.;.&....U...ez9.\'..u....=V.......q...k...5.iL.N....&.W....4/..b.X...x..Y^.`..=53Y.[..o....^3...{..2&F.]........<.j]t..~a..7..M...L.g6.....Tc...(.KX'yF>..,...-...Np>..^.._.....O.5_....g.6.p....M.t.5~.oN%...y7.T..\|l.h........j....[.K:h..8...~-...S.a.1.>..U...l....Y..G.$./..a.U.G.[p.bv.........l...n#d_....pu8...R.Yn....J.d.../.<>.n..)5.p.dT?..5J.....W.R.d.......%\..\| .W...kL..2f,q#\....N3..b+.waE.fE.Q.YN.s2...].W.e...y.......D..XKI..C.....1.y...0..Bb.Z.....&o.)..Z...H..@.F...!....%.....vvT.7:.,..F.Oo2'..!.`s>...EEf.{.$(.`A..b...#.2}...s[l`...sx0\."...A..L..A.f.V..,.....4Ta..T...4.d<........O..uB3.d/....8..Q..F.E&......9......;..4..j.U..D$".

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1117 x 1028, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	141491
Entropy (8bit):	7.975307193270886
Encrypted:	false
SSDEEP:
MD5:	944F58ACD778B327B7554C9E1066C959
SHA1:	5CA08195EE15D612C18488922570FA247E937C40
SHA-256:	C33CA043E5C8B947BAED2A9C5242FBD2DB8B7BD9B0C2583D09E99ED331724F9C
SHA-512:	FD67606A4FB98D24A4F9E9EE1D71880A49729A8650D87A778C1145B34F1E96C39496567B73AC4F01B5704BBE749AC1AC94CABD28D3CC9C202676FFB1F40929CE
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20220324/5bfe625138e40887b465e7f08bac8c5b.png
Preview:	.PNG........IHDR...]..........fdm....pHYs.................gAMA....\|.Q.... cHRM..z%..............u0...`..:....o._.F...IDATx...w.\e.?..SN.z{*!.PBH.U. .(.............U.....vQ,..".T..IK ..BzOnn.;...8g.$..\|.W^7..3g.93.g...e.Z.B.!..B.!..W..]@.!..B.!......B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.!..B.!..B.B.!..B.!..Q@..!..B.!..B.(...B.!..B.!d.P.B.!..B.!..2.(t!..B.!..B......B.!..B.!....].!..B.!..BF.....B.

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 566x236, components 3
Category:	dropped
Size (bytes):	15480
Entropy (8bit):	7.937067939609303
Encrypted:	false
SSDEEP:
MD5:	304336B7A473F74854FFF568F270F019
SHA1:	18FEE39351E1F621759E2734D73E9301E27F0229
SHA-256:	AC72803ABFB6E98DBD6F97497B08BD7E0EF542B7525569B1AD8C5046BD3FF62C
SHA-512:	358CEAA2B4D2CFD9951F90FAF3C1DD51451792581F2A9FFE85BF107D2B8D5C8EA3D72E44CCF912B9797B4B226FA9C43B0F3EFA5254E236BAB92B34D5587CEDC3
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((........6..".........................................N.........................!..1AQ."aq......#2BR..r...$3CSb....4d..cst..%&6D...................................1.........................!1"AQ..2...#aq.....B.R............?..(..""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ..I.[K..<:.x..JJ{9........W...U.=.5=6...w{Y>'O..v..&qs..x.&?t\|...m..XF...#]...-.YR. ?.u.v{.L;.....0.....^......46v._...4.....W.$""....*s....VF.......2`lv..9..jY.P.dV...g.%]<...R5.W(." ...""...1j.0.6....@.... (c....S:.....0/...#.q+H.my&'....nm......W..E}\|.{.#e.k....F...$.ySh.[4.).R7U..J.o>@..[z..H&d...H..5.6-=AS7a..\.x...J.#...i./......."....DD....i>'AO7eQ[K.....k].%pOh.....g,N`.0.e[.y...V...<y(.4..+..i$....q.'.Kd6~..Q...X.oV8;.U.....1...:.'........G.....s..,..cq. ...V..

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 1389
Category:	downloaded
Size (bytes):	775
Entropy (8bit):	7.684937752646308
Encrypted:	false
SSDEEP:
MD5:	3CC197DA8DA1138FDE43E81358F46C8C
SHA1:	6DEB0C9EA0727A011253104360B02B433BCBDF58
SHA-256:	8CC7C2E08D27B715D88D6032EECFC305C020CDEB263147EB882FC95925E1CA21
SHA-512:	86107CD8963CA8B374290AB684E8C8347D943AC790942218CBCA26A760F78C8FD32F75ECBFC24679EA9249C839690647AFA0F816490F5B9E133A8918ECC37259
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/js/swiperTab.js
Preview:	.............O.P....+n......h...\......r.:hY[`.bB.("...q..9..p.Q.0.....'....bi.^.>.....{..{[.....3P.va.n.Q..J#\...V$.q..7..D.\rl..t....p.u...%..[mO.{.[....._.D.G....j.(.X?.tR!./9)..G.m...$.W...WVH...OC_Y4..6..y..5.G..T...H@A....Zw./.p......,m.1..APM.q...Zw..e.:4....l..9.$Rr.<'Rb&..P..B..i.....Q.a.vAR.2s....Y..+.iV.Hf..$......4>.2.n.........G.W.......`.Y..t~0.B.x.(...x:5.a....F..ac.m...).\P".9..UO.g5y..+Im.hJ...`.h..}TC.:...@[.^.,-........4^.]=..}=....1.d.3S.......0..<.".x.=......r.><w.Q.84{..W0{...@.M..x.h.0..1.h.']...)..Y>......Ip.;.+.^..l.V.......}[.9Ok.y.N..v.WN.b...sP1..J..Hl"..o..N.W.i9...........4..\|s..!M..I.a.e..S.......H..0.gS.C..=....,N..Q..,_.....$...\..O....)....a.{Yf.6..%L..9.\|..}4.#....I..3&.(.e....G_..?i.1'm...

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 20x20, components 3
Category:	downloaded
Size (bytes):	1575
Entropy (8bit):	6.690761278181338
Encrypted:	false
SSDEEP:
MD5:	CC4F6AC34E820C1D596FC919646F0D6B
SHA1:	C2CFF981A293C5E280208D0D2BBDC162E8432E8D
SHA-256:	0392867D939A81042839F55A397A22EC4AD6C746CD3C389BC9590519F3F78AB2
SHA-512:	BE2E5363A23F81C2AD7E10FD21CA3390EA6893CF6881DF2884310D39C6B5860FF36E0057CE5A30193D9F1E7E0A49F948F7D7738C94DA53F977BEF6EE7D626821
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/img/icon_language.jpg
Preview:	......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:4AC885ADC80B11E9A55CBB7EAAA1FBD3" xmpMM:DocumentID="xmp.did:4AC885AEC80B11E9A55CBB7EAAA1FBD3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:4AC885ABC80B11E9A55CBB7EAAA1FBD3" stRef:documentID="xmp.did:4AC885ACC80B11E9A55CBB7EAAA1FBD3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], progressive, precision 8, 3840x2160, components 3
Category:	downloaded
Size (bytes):	654510
Entropy (8bit):	7.954543072047707
Encrypted:	false
SSDEEP:
MD5:	5680C939278A4BAA7B57E1B48D2F13CA
SHA1:	C85015CD52FACD5C6B4400B98EC3DE0FD2CF7EC0
SHA-256:	E26D704B3625595A8B6C32173C786B2E82B99E7A5ADE502006496A67651856B7
SHA-512:	4FC6B1725B23D7ACCFEB309EAAF8F47C35A1705BB4A92D876A174AD19BECC13F16234561019D95831BC308CC5816B6404B86E66EF9430868E1361BC9DFE7B7A0
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230906/507adc233d2062684bec205a4f7d1675.jpg
Preview:	......Exif..MM.*...........................p...........................................................................(...........1...........2.....................i.....................-....'..-....'.Adobe Photoshop CS6 (Windows).2023:09:06 11:15:33.....................................................................0221...................................p...........................................&.(.................................}.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 475x361, components 3
Category:	dropped
Size (bytes):	16319
Entropy (8bit):	7.913347464412192
Encrypted:	false
SSDEEP:
MD5:	54069BA64BCF85DB6F91B0C6C667CB98
SHA1:	C087653C7533A2C7C433C38239D342A409BA5DB9
SHA-256:	89047BDB55B2A58A1D4CECF3B01EBF5F7FFED6CD1CDA1056CB6F0D0EBC04B93F
SHA-512:	C83B7C3FA3F8EDEE4306471C53615B35B1F0441232668F9A7E02860615B654A89EA51A75AE63A3CB49071C87C57F7880EAA91986EDF7568C0BFAF45C0EB75AA6
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.....H.H.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......i...."........................................R..........................!1A.Qaq..."2.....#3BRr.Cb..$Dcs....S.....%4..5ETd....................................7........................!.1A."2QaqB...3......#R.$%Sb.............?...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...""...." ..."/..2P.QauL,...w......5P.....-q[J.V... Y...e....(.H..""...." ...""...." ...""...." ...""...." ...""...." ...""...." ...!.$..2....Q.;....K4.c..y...O..).N.Gn..9I6..4\|.s..x.=.Z..q.6k.< ..Drn..z.\.......v..a2;...+.W..72\|..G....7.7(..7.T.}.....:......q"...N.8F=.P5:..1;......?..Nr..*.........W...&~X..k.T......?E../...z............5Lw\|M...-kw......Z}.W._...........z?)...$.v..%...+%..2......c>..F

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 86927
Category:	downloaded
Size (bytes):	30307
Entropy (8bit):	7.990036758541308
Encrypted:	true
SSDEEP:
MD5:	FB0E6981C97FBA54D76F9B2BCA152299
SHA1:	7C26673F6D5DD46220CA13F2197A5F5E70D06335
SHA-256:	09B221854D59BD9FB7DCD7042F9FCEE8B6B8F958D932096A9CA307E2D63813D0
SHA-512:	BEAFA70F582E2E2D2A8DE30FA22AA2F9AB384FCEA0EC7F016B30392E3001ED98CA105874F64F62A5D065D90EBC0912CEF566CB37333C3903F6DCB1D3E1D4EB51
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/js/jquery.min.js
Preview:	............y{.F./....".G..-Jr2s..8..8...v(&.DB.b.`.PKD.g..W....A'3..73..4z........~..:...n>.}0:=......7....b.6yY....l...`^.M..........QY]./.yV......5.X.s\|.f....5=..y.........._e...u.X/...=/F....z..&.hQ...Y.L.jfp..m..C~..."QsU...Ev{.......u^e.Azp...s.7Wtg...q.5.8.V.m...f&..l..Lw......U^..L.MZ...t.g$O..I.]f.7U.....U&......h..i.j.\..+...j5.....a...r.o...R]..UZ.}[P...j...h./..h....4..+Tq....d!u^&!0..Ujh...yV.S..r........X/.T..I.....V.$..#......(.....Vu.)UE.y.i~.&i6...,m.W........WXE..r.dwM..w....A^..D.4....%.$.....K..t....\|...h.J+..+.......^....&I6.A...v....e6YN..Y4."....b..I.;5P...a.i......"o..V.M.....g._}......p..t\|9.g..he`/y....&.....s...Zf.es....\|^U.}..mgJ....u......r.........?#il...V...4...W%...1\g.e.U..N....-M..n.....Ve......#.......NW}.A.....B..0......L.....g";.....T.V..@jTp.Wu.......,...9:.2.o=...a6.y..vR.~......i3.....Y<...b.w.vU6......kU.A..b..U.x../....6.....i..a..E.........=.urJ..>6.^&..1.Hp^..,u6pJ.d..^e..l8

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (625)
Category:	downloaded
Size (bytes):	29785
Entropy (8bit):	5.430526915006745
Encrypted:	false
SSDEEP:
MD5:	9076D8AA16B9776A3C39E17501844D2C
SHA1:	369A2979ED775495AE9641CBC650EF2A413D344A
SHA-256:	960FEEF22CB759DB8E00A16692F7EBF255E89F432A9226702682E4576E732DED
SHA-512:	DAC42646BB3A43AE258E7A53ACE4384FE7797420B4FE6F6339D15A22A142152F81EB348FFBF6B520A1148AACE1B0ECC28725CF6D838A520494B61C76140CA0B1
Malicious:	false
Reputation:	unknown
URL:	https://hm.baidu.com/hm.js?78c5e7556f3d3e95005150f5a8bae6e5
Preview:	(function(){var h={},mt={},c={id:"78c5e7556f3d3e95005150f5a8bae6e5",dm:["finelandipr.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],cetrk:[],cptrk:[],icon:'',ctrk:[],vdur:1800000,age:31536000000,qiao:0,pt:0,spa:0,aet:'',hca:'4E8714337D80795F',ab:'0',v:1};var s=void 0,t=!0,u=null,x=!1;mt.cookie={};mt.cookie.set=function(e,a,b){var k;b.C&&(k=new Date,k.setTime(k.getTime()+b.C));document.cookie=e+"="+a+(b.domain?"; domain="+b.domain:"")+(b.path?"; path="+b.path:"")+(k?"; expires="+k.toGMTString():"")+(b.dc?"; secure":"")};mt.cookie.get=function(e){return(e=RegExp("(^\| )"+e+"=([^;]*)(;\|$)").exec(document.cookie))?e[2]:u};.mt.cookie.rb=function(e,a){try{var b="Hm_ck_"+ +new Date;mt.cookie.set(b,"42",{domain:e,path:a,C:s});var k="42"===mt.cookie.get(b)?"1":"0";mt.cookie.set(b,"",{domain:e,path:a,C:-1});return k}catch(d){return"0"}};mt.event={};mt.event.c=function(e,a,b,k){e.addEventListener?e.addEventListener(a,b,k\|\|x):e.attachEvent&&e.attachEvent("on"+a,function(d){b.call(e,d)})};.(function

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=460, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x460, components 3
Category:	downloaded
Size (bytes):	432849
Entropy (8bit):	7.957703016632203
Encrypted:	false
SSDEEP:
MD5:	956D351BF68800EE8AB22C0BF3A6DDDA
SHA1:	AC4FF5E4B7D48EFB6C11C835BA2B04D78300D3E3
SHA-256:	6144E9DE8096C0640DFB3CAC245430E831DB9022DB9943FA572F0006A09AF689
SHA-512:	1E2236BE3DCA8067673630DC529A7585FA1C79910997B1E5A3B4A829C341369CCCECE72759E2E021FA47EFC4058E4D665A64F110E66590448866F355D2257319
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230525/d71031f83676d089056d16aeb903ecca.jpg
Preview:	......Exif..II*.......................................................................................................(...........1...........2...........i........... ..............'.......'..Adobe Photoshop CS6 (Windows).2023:05:25 16:08:31.............0221................................................................n...........v...(...................~...................H.......H............XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=2160, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], progressive, precision 8, 3840x2160, components 3
Category:	dropped
Size (bytes):	1555103
Entropy (8bit):	7.976550203355021
Encrypted:	false
SSDEEP:
MD5:	5A233A3DEE518151CCA91B962BE2359C
SHA1:	332A1D2BD3BE4166D907E880654EC4E629BBE21F
SHA-256:	9F374E5158FA49600A2C99F0BB736F7F1FBFDD5FFD95A7AC35604E1DB1F53C2B
SHA-512:	7415A211C2274CF98BEE9D24DF871C262454F316ECB7815B574377228F96315C8257AF9B099028F7B60A651A536395139F6251C70A4D2A4C311BDC9B90C41904
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*...........................p...........................................................................(...........1...........2.....................i.....................-....'..-....'.Adobe Photoshop CS6 (Windows).2023:09:06 11:15:33.....................................................................0221...................................p...........................................&.(.................................}.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 96419
Category:	downloaded
Size (bytes):	23609
Entropy (8bit):	7.988806671440694
Encrypted:	false
SSDEEP:
MD5:	1EB4F36723DB1F2AEA35DF6278D939B4
SHA1:	5902B1D30ED2DEBB90D59D4780541A0565DE65D9
SHA-256:	168193E3F7B01470EBF9E4CA8DECE5812EEE208846B7B18A63D0C92081ED9BA1
SHA-512:	D178BD6D97AE715A7AB99534D8CBEA3F63A5CB0889C8CB15309E3931092558253823EB31434D82C6EE7F9FFBC9EA0CE9D19D905A75BA52F78C46F4D5EAA5BEE3
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/js/swiper.min.js
Preview:	...........k{..(.=.B...&H..d.....6.?.c..6.V....!...`.P.F...oU....(.Lv.=....{WWWWW.e....<.9..Y..b...9~.(.fgQ...?..<.i....N=.!q'-f;.U..n......N..mZe;..E6...f;M..u..eQc...u.,.......\|..WYU.V.~M#.W.^....nv..G..w.2Og.".v......2..X..:....f6t.Z~._dE.c[.8...U..0..s.b..!.`..aL......^....K....:...h..MZ.dq...:.{..S.Yt_e....!m........MR+..`..`.A.j..<..v....z..#<..P.&{....M.A.4U...&....U. ....ds...V.Q\|....\5.fI.5.#dp.aJ.)..2...~.......}i.3[.M...K.y\|.E..A^.-f.\.y..>.......CU..q.Z=..aw..v..c..e..X.:..t..U.D..2.a.a.E.;.u/..$i.Yy..DuR# ...B.l...%.A.{..J.f.D.S:.d...).Qt.&.6,^.4.:..i3.)...p...w..m..W.u..;.....U+......In.bV..>....}<...&...d._........nw..T..eY.....P.?du.S..ZK....%.`..G...&...Y0.{D..\|.d..+.@..H}x._..u>.....XX.@Y..&.......Q.%.q.r......k./K....T^..7.....V ....................["..%..4...{h.h.y.{...p.....oi^.D..Qw......:[..{O.a6.....O...+.._.M5.?.Y...Yy.Z.H$.{;...4.:.?.)....b.j`.%...4...6.^.).......6[.....0C...v......{...4.......*..A..K@D..<..H

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1028, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1117], progressive, precision 8, 1028x1028, components 3
Category:	downloaded
Size (bytes):	133756
Entropy (8bit):	7.843005500548598
Encrypted:	false
SSDEEP:
MD5:	99674903584D2BBF64A254DBD33C271B
SHA1:	3618081F462930FD2EA0D633BF3E17F8FC3787F0
SHA-256:	D37DB174C312C1934C1804A298B731454B3C2C33A177DCF498AA6E9435A9CCE4
SHA-512:	EB3B6BF612BE68A46B9C57EC99510CE10E833CCCF285FD5D361730AB236F342CED2154ADA33CEF799CF5C81AFB57B974CEB9AC6EC8A50394323F71DAAF74C4FD
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20231109/9a969ac668dd6fc5fdad18f603bbd1f6.jpg
Preview:	....1.Exif..MM.*...............].......................................................................................(...........1...........2..........i............. ............'.......'.Adobe Photoshop CS6 (Windows).2023:09:09 10:41:40.............0221...................................................................n...........v.(.....................~..........0(.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 23316
Category:	downloaded
Size (bytes):	3673
Entropy (8bit):	7.941019414728908
Encrypted:	false
SSDEEP:
MD5:	661C23889210EE820678555527F6727A
SHA1:	E7628713AD30439546B7BBEDDFD15CD3DDECC256
SHA-256:	6220B75AF86C7FAF529B30D90FBC72963218663EC0B0708E878166731ACB9201
SHA-512:	2ACFE9F55F5F131E159A935238C6FA155B377CF5D62B707E5F07742BC461DA2F6077C53E08E92AF22AB13A53CE604F79AFB60E01B3975062EEC45570627A579A
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/index.php
Preview:	...........\Ko...>..C/.....yq..)..l...e.R.l.F.L.....lw.(.{.[~@...,....dsJ.\r.... H.C.....%Q"eq.2ls..............O_>F...{.....8..V.F.....{..t#..=.......0.D.Vr......ty..d.rF. K.. ?M.I...".....IM}.".PAq\.>..UE}\|N.y.R.s..7.A.Y1f:zC.......,/..>...irA-F..0........SR..~&?..I.Z.*b....h?.b.c.C..0..>fo.+.\......1.E.c....ab..{$...........t...Y.k.V..2..r.QLz./HS.......V..xF\|..}K....-1....Q....s^E....(.&.......HD.y.S..PP..L....H<U.<.2..4..0...`.PJ{.B}V]..>..q1..Q.....P2.). `...st0bf...c..A.....1..!..p.b.......3.`.>....s. ....Qc...8.....T....>..9>...z..F.1..0...r..S\|.ui.q._@........S.}..-7@...e..Y..H..._p..}.....4......`(?.z...s.[.?..)j.~......YH.+%.\.........%.B.CV..f....].H-!.SA.\..UU.x.@..t..E.]\.......:!F!....Q...oP...)/.....H.l.0..A=,. ..`....~^.....?........./.%...@b]. .R...^Lyt#..S..........o...W..........~.......o..._..k,..\..z.B'.?..&UKx.i.....5....M......W`.q>d8.I/.C. .X...j{S...f.&.Be.^.}.`f.[.......Q.aM.U.^d$A..k.9{..r.}b.......By.S..x

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 24x24, components 3
Category:	downloaded
Size (bytes):	2325
Entropy (8bit):	7.327523215178205
Encrypted:	false
SSDEEP:
MD5:	1A15F376F3FB5203F197C9A6408A684D
SHA1:	1D3D96A7137BF4C419471A68FA2B14F5073F6AFD
SHA-256:	24B9D2D55103CE02865AB86602133E6A6E43140B69E14158F4A5967B4A51F4CC
SHA-512:	F811CFE69AB0B687693118B72DA04FAD38606D68AB00AC8D1E8D174828AEA1CA93504993CD98BDB5988ED40AA7BE84F6933A4E246ECDD17B9FF0B65419F4C666
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/img/icon_news.jpg
Preview:	......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:B96D9B2EC80B11E9A55CBB7EAAA1FBD3" xmpMM:DocumentID="xmp.did:B96D9B2FC80B11E9A55CBB7EAAA1FBD3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ADACBB9DC80B11E9A55CBB7EAAA1FBD3" stRef:documentID="xmp.did:ADACBB9EC80B11E9A55CBB7EAAA1FBD3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1998
Entropy (8bit):	7.895512148797785
Encrypted:	false
SSDEEP:
MD5:	8B87626EF37B50E41D3C8A64AFC3F85B
SHA1:	1BD98D5118024B97CE1337C77114E17DB3D0B1D6
SHA-256:	83067A3BA763E7B8CD8EECA927B521FE4EC085E7A7150BCE198D7BE042662AE8
SHA-512:	351EA09AD2744F079A356BACFFA07A5D7080F43E20C51D3242518EA1EFD15217ADC49AF02A634386F1C7D97E43D66448FD8CF57D8B3FEB05D25EEE245D44D0C0
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230907/dbe044291520b2bb7ede3d9739395585.jpg
Preview:	...........Y[....~/..0e`$.D]WZI..u]'.....5..-0$G...b8..0."i.>.._Z...}....KQ8m._c....3...e...y(..V3s..w..g....o.....r.....Y.M......O.F..yD...c#..Txd..6..G.8g\|.......3...@6....U.h..M+`..ylm...lE.:d\......CV.&f...h@.....#'..ZF.......d..6.O>.w..qD...1.9[t..\|l.1>Eo.......6E..p........q.x+"...GdI..r....A..z...9..B.O.mB.n.......Ei...3.LQ.4.b...L.~....JK.;...>....#.E...u{....$.ne{....O.......5.g..g.-.{4 ..L....L}.'...M..<...k$...ytH.^UW.l...1...+.E.<..!....hi.\..t.T...j..v...vd.......4..-...\.Hj.........Cl....Z.Xp.2...8....G..$.[.G.s]-c.p%..p..lE..5.!..g..8Z.da...3..1.c.."...b....{..R.r.Z=u.+.Y.(.@....."..L.;...d..z.a9.2...I.c.Qf_.....b..@F....So;E7Y.9.#....E.^Cw.T...C...`.S.[..(.69l.y.Au(..[.W..-[.B.j.yL.1......41..N4..:...`..'F...I......zd!t{{....T.O.O.K]5..\|.P.X.mQdsB.....A..40.........w+..p4:...P..[...sV,.\I..woml...A.`E/.lN..`...<P.}.E..h.Z..$..6.q.......X...Y...b.P.M..hj...r..n%.{.,U.@....O.<c..../.....x..G.....n3.lsu..'. .g..6)...d..P7.{

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x155, components 3
Category:	downloaded
Size (bytes):	38188
Entropy (8bit):	7.871204738961364
Encrypted:	false
SSDEEP:
MD5:	B37E840EC87DC7A76A8127AD48EEC820
SHA1:	BA980D6A7BD2BF22A59D2D2414820C9FDA120E69
SHA-256:	F13D6FA7479969E8AB7B8C761C8B0AFB11F1A1A29CA22FE46314032C2E587E5C
SHA-512:	2720594216763D45F11275102D2BEBC92D4ACFDD80E32461C27DB69985ACCB92BC9BE711DB92E121319A829005F47395E3BF93B275B904D21D24B41047286A59
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/img/logo.jpg
Preview:	......JFIF.....`.`.....C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....(....T.-.M6.....K;H.i.A.p...3....$.(.M."z.>3.~.W...G..q.}...b.l....LG;cO.#....j........._.j.....g.......9.3Z....i.Y.'..l..d..._...H.........i?...'C...s>.p%.\|......#..+...x...n..>.Kw.W...O.2..=.....R...^......7.6=.......\|..).,~.xGS.}....j.t."{2.....xd_.7...j.3....t=...\....V.v......E}.............v......+.......I....Z7x....U_...p.....y...-V.Z..>?.f..6......[..{

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 20562
Category:	downloaded
Size (bytes):	2877
Entropy (8bit):	7.931462401996485
Encrypted:	false
SSDEEP:
MD5:	F2A9F880A0670F4C292E93267852285D
SHA1:	30F8294ECBDCDA7E9A18C825BFF3282F73C26ECE
SHA-256:	FDCE7F1610F6B81FE42E77F212C244DDC2DCA6D26C8F4BBB6B03396A338B2EC4
SHA-512:	6CE6716F3780B9FE9132AB46D19D3697F281903051D5C438D21AA8C78F609D112C53EFF07B4C2A0D7D9C44E740BCB30F244CA51B397DFEEEF3B650CEF9EF5110
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/css/css.css
Preview:	...........\.....S0......-Yv..<D..Z.medI..?..>@...Sr.. A.]...Lz...L..)..3...1.nY,..U_...3^.<G..lQ..6K..'..-...}...CZ.jTgi.@.E...]........!M.........,....mKb:Q..`.~S.wy2..o.......&.GMQ..hje"G..gg.J.dh.'s...._..7..L.=(a.....H.k...<z.wD.....d.=.....6..]../..1....\|x4.y......{T...K.M......6.....B.Q.....U.%. Ks4.7S..%.......m..........\...U.D..l...V.....I.3M..x.."+.%8[,.....}.yQ.`.J.J.L...a.......5..B<...d......AP..A@.R...2./-...b.....N.C..`..%(..EN..Y.d..h.a&8....../.jpU.5..P...'.6.p.....tu..:..`.J%..j...LG...Z.'..>..Rm.\|2yk6I........9...&k..i/.+1..U.......W...wq...}..e..^...2l.\|;g.#.....b$.X..L.-.iN..3.z.....S.1..0.......,.z.....p{.`"\|.Q8a.FUs.......&("....B.BM...8.H.s2.1.].@.e..f.o.,.+i%...g..,.?..F..P.....Y.b..E....3......L.2p!..8.#.R.3.[<...P....b;....(.l4.#Y.Q:..TF..\|..]T.l7....8)."B.....#.w..V8...6..1...%&L.%(s.q.7....jw.%.........*5........aW2.q....S.N.....z.Vt"....\+fq-t.&......9..........4.ou.j..D.'...g.0t....2L!.....\...#.[#

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 21404
Category:	downloaded
Size (bytes):	3480
Entropy (8bit):	7.93107076806683
Encrypted:	false
SSDEEP:
MD5:	9A1E7A8C6DD60E49ACF15C5504F14BAF
SHA1:	6CA6C4D0C05E4D1C91B31EC6779A921E1CA8D730
SHA-256:	CC8DF8F2CDE4E5A12632013BD518C9B31763A78A1AC1C1CC71591579B43E3F16
SHA-512:	51D656E6D8CE68BB27AFA5FD15B5D20BFF7229F95949263C1BE933603DA00EFE9CCBDAD79490BAC72D05650D9D70B8BB7A4080C070A3D73CE6382385A0758FC1
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/css/common.css
Preview:	...........\........s..1..\|h.n....8H.C^l.0=....4. i....H.....$y..$.v.....?.=..E....R.iv.[.]......U].R.Q...&...........i..MH.(.#.p...y.9.8..].g[J..,.a.S./4M....D>IhS..]....l.e......e....Y.]........._....?.._....$.$Y....\...o.C.@..K..8...G..B..E.D..`...h<.X.....W>........b..q2.c2..H...._\|..~.........d...N.....3...2H.Q.m..$Z.A....\|........2.e...,....t^..u..J<._..n>...xC..?....CM...,* .\..Y..8Gl.>Y...8`.M.m.. !8P....`...2N..1.r8......eq4.bpBp^....Aw..J(r1N..........n....v2.N...p.........s.......U.nEP~.._..h.!.dq:X..4Y....t0..S..`t......';.....!.S..8..Y....n.D.C..CvK.h.x..12....3.Z.V.L.....P..~......m..s$... n..)...oFAXD#'..@..y.........4..M..........j.".D.....\..$G.....p.@..^.o....4..OH.npI....]</....MF.L..E!x..7.P...T..-...&.........]#pd......t..0..m[.8.. F..!N.D.......2@......*.4G..D._..a&..Y....U.\.."..Y...a0Z..X!2gG...dd.c.M....y..y..y..u.....qRK2.x.Fy.7.p'.X.;.K.9.B.n+ey..Z.1.4......\|...'...z..>}.0...t....,..f.)?J6K\|....h\|.F.+.........#m.....

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7578
Category:	downloaded
Size (bytes):	1975
Entropy (8bit):	7.909699827464867
Encrypted:	false
SSDEEP:
MD5:	EE05BEAA96DED1EB015DBFC87BCB9850
SHA1:	00D3BE6B8EC466B524D6D14E3F77C8A60F8AA58A
SHA-256:	49BE22B88E937B9EBBF9EC06BC3CCD2CD510A9DECF1B802706E9BFE5EB82E733
SHA-512:	765D764F03872C4878DE2EA483C32CD3EAFA8E66C0592FC2AA4D242CF519A56F90C85E8357E8DED86E5C7779963FA407B88DBF1F60686D4DE929FE6147DEDC6D
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/favicon.ico
Preview:	...........Y[...~/...0.....e<+...n. N..k (Z..8+b%Q....0.I.>.._....F.j ..R.N[..x....F..Bj.E...vvH..s..!5..O.~..G'7.'.......7..\|#x....9..1.../........'... ...9...v.L......L..rX(H..BFC..z!.3.gK...d.J...D.....]...1..=DC(....>9..P.....6....9..B>...F.......c6s....o.8.g.Bo..._...A0......K..C.C.-./...F....=...=t...=..m.p...@..[...C1.c.$......4..6.a..)L..!. ..,.wM..\|f...#.E./..F....$.ac{.......&....%.....pX'.iHL/.....e..x.`o2qH...=.{..>.#.w.:j.j.M!. ...`....O].&!D..~?Nl.k ...Jv.Tm...:W....>nw..\|Mla..u%..K-!7..SAV.t..8...X....!..L..B.8..$..z2..kj.#.+A........I...~..D.h.....S...O...,JL..1$$..c.J...+...o...........B8.L.;..+...........6s'..2...e%..Kb..u..q@...n..r.....S.l..n3..=t..>....S.{(..8...m.Y.Au(..[.W..5KD.b..<f.......^..\Fx.!..#......}ld.._.9@H`p.O.B..O0..U....X......b.B..b....R....Q@C..! p...h...B../.....PU...=.x.%+.R..N.7W....{/....I1..oS..........1>%.4oV.<.J..u]u..up.B..j.k...2.`.m...2...>h[..^-K.0.D.<..>..\|.........~h.....s.6W.\|...}z.p..Z..O..su.

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 17218
Category:	downloaded
Size (bytes):	2759
Entropy (8bit):	7.922619787687397
Encrypted:	false
SSDEEP:
MD5:	1E6C5A22EB4D575A20C266E452A6E223
SHA1:	258A256FA1FFC16B93FD2AA68809B8FF0224E9BF
SHA-256:	FF57723688FA9A81CA47E9C89908D39ED21BFC6226A54E457BE5224564F9FCB0
SHA-512:	B886C26F36C25FC6EB37B400F7ABC0EC1B5F27376FD3E06B5140070C3AA990959E97B82430D46A3E94789B83018ABFD503235B7646581694F6391E647D8BF3AA
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/css/swiper.min.css
Preview:	............ko.8.......q.rd9.C.-....k..-.;-Q6.Y.H:Nb...[.,;...m"yf8...g..........w$..Mf.....r.lh.Y..%I.#.6\;<!.tP.91C........v.E;....'.!.#G0.r".M.d+..Bd...n.....+..d./....D.GFVk....j../A.......I.&#..t...C~/..tPp.BB.r.m..\|........I.M..3^.-b...X....?M..nHS.H..~............'H.{........k.E8]<...}....^nJ.8..K...H..=0@"Hp,....AB..Z.v.e..;..#..~.e.."(h..>Y.\..F..P.%..v...vf...........:.z..b....{..EDx...6.........;.%......rR7c...U+..).h..IK...f...-.x..DQ.Q3/'O$]..)..J%...83..[0..%Q...6G+e.R...,:...w.hj.HAM..5.o.4.l.M.at.;i. ."..\i......._.R....b..cW.].\5......oS=.d.r.Vt<.........4..s3.5....w.W....Q...D.N.1.7p.m.}.V4.{i.....PBVi..b.r..0'V0......B[.G.....[.l.X]..M. 1.+..)h.!.......C..~g.@.c...0.....3....+..>.U..q...d..^.....io.P.>....."...?t.W.x...T...1sX..a.r.s.z=........g.+.\..@._.E.e.. .S..Px.b.*$.'.b.(N..[).a..@-&{....0T;P..7.VZ ..h...,.....l^. /.:..@.5..&.. .66.A+.lYr..B......_..I.!.....lE...f..q.{.J.......=.}<.?.?Y..f................>.&....._

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 24x24, components 3
Category:	dropped
Size (bytes):	2370
Entropy (8bit):	7.349993098197959
Encrypted:	false
SSDEEP:
MD5:	F00A52378CB1E8A250392FA4242EBBEB
SHA1:	2EE1D2F8281A557FB92D0BDC343D6F759C60F6BF
SHA-256:	133E3D202382C004D352C12136912AA01E4F8263115B739F6B5D962CA8943458
SHA-512:	9AA72BAD9DD30AAC6C2779404B0E5B4FFB5926839D9EA4DEB302C9865FBCC4012037410270EC16DBCC225A64E6C4BA4FC6C077A9078AFCD29F7E238B24C3EA66
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:ADACBB97C80B11E9A55CBB7EAAA1FBD3" xmpMM:DocumentID="xmp.did:ADACBB98C80B11E9A55CBB7EAAA1FBD3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ADACBB95C80B11E9A55CBB7EAAA1FBD3" stRef:documentID="xmp.did:ADACBB96C80B11E9A55CBB7EAAA1FBD3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1997
Entropy (8bit):	7.910188886560994
Encrypted:	false
SSDEEP:
MD5:	C3E8BE2FF1EABE3693AD1AD12E47D121
SHA1:	07DBF91F12425DADE90C4258C39199B544E7A405
SHA-256:	BF70546E6CFA48E64BAE23A1A9FF87FF22A84C40CCEE6FAFD64556D799018370
SHA-512:	32D90E3F2D2A2BD51D8ACA9BC10BC490B5EC76220CC56CC82A34B3329C2B578F31A7911CD0F2079A82DD413833EB94F9D407C544F038FD46949D24CF4D5344B0
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20220715/0615753db414cf8aa4e3cfb2bc076e9e.png
Preview:	...........Y[....~..?..._......lkv..(..r...Lp...f......f!P...`.^..v."...+/!.I._.YI.".z.{.R..k......s.\.s.z...~q...'7.T...k?.e..{......L...<.~y....J.$.>....$...Bp1.l......cKp...B......,......}..PGC.`t.r!s.K...G..P;..B,`.a....q....../..@.3.#...SO.....(z.s1.ro..^.V..>..z..._-.L@0......C....B.M./.d....Z-4M.Z..Q[..[....D....B..".$g...3,NY.ni<..S.@{].@.)-Yr.....A.Fr..].;.....S....v.>....Vv.g...N.>..2...jO...^.</....{.!.u{.W...5P...<.k....6.....\|.+.E.}.7(.....h.\..L.U...z..v7.zO..D.A..]..b...(+9....r#,1.t%m....d...X..2...8...#.I.........1...T.8:S..e.....3..-qr19;...A....-..1.d.T.W...+U.w..S..B.%.&....@p.......\)M. ...?(gU...:ir.>...c...Rl....cw.g._;.:. gq....s..k.....B.h......FE..`8.1..M9.5....y......sY.Xm0.=....{.W.1......M.."`....V......B..[}:...}...*.......3.1.x.QD.....b.f,...........+..p08T..P..[...sV,.\I..wo.....{?..i6..o[..)........"\|J.i^..i..j..y..K.`......7..1dh.&..4.Ude.._.R..j..a...i..}......g.\|..._...eF.....m.............R.QO...}.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 6079
Category:	downloaded
Size (bytes):	1767
Entropy (8bit):	7.877325082790684
Encrypted:	false
SSDEEP:
MD5:	9FAEF513BC2C092514F978B03EB931C0
SHA1:	CF6F7A5B0D1A9C65975A88BA2207485D02AE8FD2
SHA-256:	8F0D176942E1DBADBE5A840C5354AF4BACE838D709DAA87307E3026545B3BE77
SHA-512:	C24D898F8D0AF262D914321869D7E567E01F1AE2A5C0B8BFC155F9FB83C6FCB53B1E456230779346A5C0E9AFCFE598C4FCAA29519901D9EDB2C6B7D4EE61C3A7
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/js/jquery.dlmenu.js
Preview:	...........X.o.6..l..\`@r.(..-F..]..h.@..CQ..D.ldR...i..}w\|.z.M;4@...;...).={6%....V?fE.e..>(.p..g...<;..vY..ZV..[....<gB..4.`5..Fn~.KJ....e....s..z}....S.Rm.....z..z......,....T...2%.F.K....(.na4\q......t.4...k..d..ggd].;ZN'..&7....SM...,,-..N...3KI..&d.2f.o.o.A.iu..>......?...W..VJ.[..[....fc..D..z{f.......\|..K.._...5T.-E6.V+.k........\|&\.#).S..N.8.H.D6...+.C.N..LUK-.c.6......a..69.<. ....."%.n.\|..../:`Y.h.v+.e.a.(......&x....g..R..:.......~)... ...e.l.I.aw.\_{<.Dj.]..d....R.Q...R..%......%.bo.uM.:..[$.=........G..+...Q.qq[..y3N...j........l"....?.........j.G.q.c>'..s.....[...?p..?t...b.z.,....YkS.r.Z<l..R+..}.v.R_E*.W+g.gj}6...ZN.D.\4...Q.....a./.L`...b.:.r.^3...f...E..V.Fk.V...z..)..S..k.U..tMh.._..Sd......K..<.c.(.....%I.r.$F.z$2,.I...>...QS.&\|..a.[.51K.y)..j...dO...]J..m#..X.b....10n.=. lM.....d.l&W+.=..4[F4&N.=.:Y.....>...l....w...,eJ../.Q.ZM.t..J6#..6w5n..;...`... ...y..db.7.Wr..;nU>rL.@.0...3.....J...M.yF....!:L.g...$...D..O..

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 1908x198, components 3
Category:	dropped
Size (bytes):	62187
Entropy (8bit):	7.860445634027857
Encrypted:	false
SSDEEP:
MD5:	F0EA0A5F66EA5A562622122C1057CC16
SHA1:	D9E2598FEE9A3FE16C02BB4EE03C202D68AA4B32
SHA-256:	41FC98B3EA34E9CDA5CBE59B85565634388151DE87853D030FC6590F9FB30C02
SHA-512:	F8F65589429A6016BC684649DF8C6B7E4E74916DEC59380DA01DCD455FA97EF9C7B85FFFE5542A2B7111C4F158F0D96DC7F1918C9D86A47ECB58BC6EF0E82CD7
Malicious:	false
Reputation:	unknown
Preview:	......JFIF.............C....................................................................C.........................................................................t.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S..(...(.......N....x.m.R.M3.DQ.$.....+....k..Kuys...Ct.N....'.+._....P...O.x..?.j..mNrV.6..d.4.PTz._,.\|g........_.....k..S....z.kf4..JK.^G.`xW.Z..1.Ti....v...}......_.&...Q..7....x.......[._<x...W.}C\|^...Fx._..R}@....5...'f........2.....h4.XbA......>.......t/.........J...t.. .torB....R9.....].%....=;..\..r..zF........7..R4Z~......E..H..8.~...o.[..\|.\|A.?8...A.

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 24x24, components 3
Category:	downloaded
Size (bytes):	2259
Entropy (8bit):	7.308114493647776
Encrypted:	false
SSDEEP:
MD5:	B9A244CB74C5C95228DB448491E05334
SHA1:	3CE6172B2EBF9072D24F06482D6231AB082A1485
SHA-256:	89D918DF6B70B606DAB0422857FCA5A24FAA8D07911F4E749E9E3F1B953F503F
SHA-512:	32FB844AD98B67B8CF70A8CA343095709B511412867B498DBCDCDDF9716FA77B4BFEC78A99C56D26EED0FB16588D4EC205FDBC1681DBFDC89DE4C4D1D3D45604
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/img/icon_about.jpg
Preview:	......Exif..II*.................Ducky.......d.....,http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c140 79.160451, 2017/05/06-01:08:21 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:ADACBB9BC80B11E9A55CBB7EAAA1FBD3" xmpMM:DocumentID="xmp.did:ADACBB9CC80B11E9A55CBB7EAAA1FBD3"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ADACBB99C80B11E9A55CBB7EAAA1FBD3" stRef:documentID="xmp.did:ADACBB9AC80B11E9A55CBB7EAAA1FBD3"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d................................................................................................................................

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 21556
Category:	downloaded
Size (bytes):	3498
Entropy (8bit):	7.946076196823668
Encrypted:	false
SSDEEP:
MD5:	3ABAF88D85C759E86F5D0EE84D069921
SHA1:	A77DBD4D57398D01C96D0308ADEE4B26A73B95AD
SHA-256:	DD3A26E85589578732E28EFBCD7881319E534420B2167142D83B728EBD55F36E
SHA-512:	054B73CB4B04A29EA4612E4560840F1F12410B3D1F420C7647EC2FEE9E0A60B3D848C7665F608C4FDEAD94DEA80E49895F590BF0729B561528CA3B4482E5DDE5
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/css/common.css
Preview:	...........\........s..1../...._...y.m..g.3#.F.$.~..G..<8!$/I..1...B.vp..x.....n}.._..;..r.J]U]]...Z....7~8.-..{..n...N...d..($..,.....Bh.EQ...8L}..8!.B....I.6E........._....,^.,#..eL.....f...'....o.....uo.%.%I.......~......\...!.$8L...X/.?$...m:G...b...x4z......\|\|..^.. ..oL&....#........^..._\|.....W......uJb.].I.j..=....O..../.h..&......z.&g.....pG.c).e.h7..{{.!W..n3.~..&.G.,.!.F....hq..=..b..Q.......&@Bp....T.n..e..9cD.p.....!M.p@....!...8\.P.b..{.!.%..!..*m..d........l....._f"((.^....nEPv.._....!..Q.[..$^.......(.YA0....I.....N...z...,..=C.....@.=..(.....<'..b..........rS..=.5.....qr.{.MwA...@..-..EP...(..h...h/...).8.[J@. .D.:.0H..:].f+bH.{.....p@2...)...5.....9.>J\|.........M....kQ.Wg..$..)Y.'Lp.......8....m...n...<..5.G...1.N...#h.E....bD....L.\(k....z......T20R...(..h.+t#.$.#........b].?[.;...C.+D..Hxp...`,...b.0OR!oR1o...!... NjI....(+....h...%.N.....<.S-..Z...z}.a>....Zq=GO.<..G.N..^t..._.....%...g8>m"q$......s..#m....

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1162, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 139x81, components 3
Category:	dropped
Size (bytes):	226331
Entropy (8bit):	5.963839537247212
Encrypted:	false
SSDEEP:
MD5:	FC87A4AB5B8EF9F6A7068DA68EF240F8
SHA1:	329646560FE6E5F8E667F0BF5E405EF591009138
SHA-256:	6249DD2F36EFBD5E505B6CADCDF504E5E56D9590065490F74B8F370D7964E813
SHA-512:	201F024A785CE0A884EA7C5FD6AF61FF04429201D0310DEBC09EE673EE9164042B990CA350405ECEAB8616B6DC5EFE7E541BDA5E328392F71AA19B7DD4362AB4
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*.......................................................................................................(...........1.....".....2..........i.............$............'.......'.Adobe Photoshop CC 2014 (Windows).2019:09:19 12:35:05.............0221...................................Q...............................r...........z.(.................................I.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................Q...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?../....eY.y.......q.k.\..1....q..S..j.>..s..>.2.c..R...w....k....G..c..g.

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=460, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x460, components 3
Category:	dropped
Size (bytes):	239035
Entropy (8bit):	7.942726521977068
Encrypted:	false
SSDEEP:
MD5:	2E7A57913A54E1F41723F8D9BB867DA1
SHA1:	44E029B1CED7EE2F633A2B22C3CA253AFEA8AE49
SHA-256:	35D0D92004915C383965F5C64F845BE3599FB1324450BE465D8C5DBC978B3502
SHA-512:	385C09560E2DACEC0FF01C0B871AF66DFFFE03C9BFA532614D3DB18EEFAE0661E0451599D3BE5B5458EBA43A21FBF0EA53057BD7E67A6F8D02C8EDB70BD51515
Malicious:	false
Reputation:	unknown
Preview:	......Exif..II*.......................................................................................................(...........1...........2...........i........... ..............'.......'..Adobe Photoshop CS6 (Windows).2019:11:13 16:18:39.............0221................................................................n...........v...(...................~...........;.......H.......H............XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 560 x 97, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	15168
Entropy (8bit):	7.940352188609962
Encrypted:	false
SSDEEP:
MD5:	E241DB50F215822672EA186378C4033B
SHA1:	80C7BE1A45E0A91672ADD5B7BADF007D7E8831A0
SHA-256:	37687D6B43AB5ED8106D7F7A108B748662F264AE1DC332EBCBC42266C39547C1
SHA-512:	A67550DF109562696AD9E08CCB77B9BA8B31770BC0C98AF8DAF29F8FDFC7E0476059D02B183D9AEBABFF36A7097099A5C614277F0E67995995D9FCA7C443C321
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20240109/6660bc2bf6d36513ebec0a959b1568f5.png
Preview:	.PNG........IHDR...0...a............sRGB.........gAMA......a.....pHYs..........o.d..:.IDATx^.....o.2333.W.Sff.2.-3._{...p...x......%.3V$[N.M.;9''..,K...wF....\.....K.%..p..L.....p....].......................0o.K.%.......%..p..%...10C...q....................%:d}...m.Z...Wz..6..o.u.........}.{.bz].\|v.+~.......sv.j..E*...:.;.}...<....&e;X`...(4i..:..J....v........a$..f.9...`..E..3......(...DLj.2o.'J.....H.>&.7..iC...UO..)...x0....#...m.....m...5..z>.9.Y.:mN...:..@.-.m.m@~.d.[d.....S=.x..z..I_T.T.a....&._!..4;:...>e...l....=...DH...G`sZ..F#..f.xb.I..b&....s.3..m.m.V..Jm.....6pp.....t9`...7?.J.9#d...>g....A..Y.IO.H.,.vE2...f2M.eb3.d./.@.!._H.G$z.......y......I..N........U?...R....TRk.....=5.R...d.O.j..Z'...3.L...di(.1.m..kk......su..!.._..i7...s...F.].r.,..S.....zs....d.]..4.F<7gL.b.vf .T....$T.}S..u......ke}...D...(.{......k.s..v4.h&... _j..f#.J.eo...tR......o{r.+fu..)I.-.45....U^.`0&+..7RO....L.<(..@...Wz.H..Y$/#f..k\|.j..EC-....m.......J.m..

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 1333
Category:	downloaded
Size (bytes):	511
Entropy (8bit):	7.545581152304763
Encrypted:	false
SSDEEP:
MD5:	21AD80AC906B2A19287C296FC8410E5D
SHA1:	0AE9C7A07E6BF3CEBB2F7CEA23DBD151F00D0B36
SHA-256:	15CFA0A579DD332F26E7BD37A8D7077233B8AC74BF5E34042D9712D049E09EA8
SHA-512:	D32E86A8A1C0222EAFB06851C2845DE1424485594DFC82B0B646F654296953E9272EF685971557011C34201D54EAD33F71EB8546EF7F4FFAC078F249B1C299DC
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/yadotemp/yado/static/js/common.js
Preview:	...........SMO.@...W....8.......W..z....V.w..uB.Ej..h.....R....8..3....];4.WI.}.yo.....]..@O...zY\..0c:..Z..DGl..,4\|2.&.+.Y..(....`.(..qD!DJ.0.08P.R3.FE.f0..:.Q..B...a.T.@..".w.,.3....8x.s......g...).$%... ^..h...m\|....R-N..$.x$..g.0%...4O#XmN.f.Z........q.....4..c..,0.#.4......M..XIk...Y\,......r.vp...O..~.N.o.On.}.)..9N...a.......g...WAE........^....%....'p}.$-Cq..u....K.&....R............_gw.~...\|G....f....{..O.z{.Z+f$.......T3..5. ....r.........UE.rBk)..F..Psr.R....Y.5...

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1999
Entropy (8bit):	7.907366127429681
Encrypted:	false
SSDEEP:
MD5:	2963102182C8D24C72EECCC648206815
SHA1:	1EFB4D3EB52E51CC63C28A98FF932C14212E69CA
SHA-256:	08631E72A90A238C484C5FEC4BA71943897FE10238A45C6EBD242ECAAE11E6AC
SHA-512:	C16AA441EFF2E88CBB4E21FA2AC5F95B1FC2EB2244191A85326325900B62DF7EA1DF23703E66455EE8823A4EB230C63AFEE0CA7515025E25D4EBEC51C8D7F665
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20230907/272b7a32ed1206dd807eae744099d749.jpg
Preview:	...........Y[....~..?T...,...Lw....q...f`....(I...T.T.....n.yX._...&.1,q^B.&.......9..4.T.5a.....:...;.J.....7.~rz.-.....i.M......O.F.....Gw.3'F6'.....M$..nq.....+...''.g6............%.N......@=...U.(...+.'.YR........{f.`...:(..O~a.......M..\|z...w{.c6s7...o.8.c.Bo...\/..A0....5.G....A.m.-...F........:...Q;..;..,bs.>...}..".D&HN.=\|..h`.~e<.K.3.@.>. .T...wM..\|n...#.E...]....H....Ru3.....'......g...Q.J....t.`X"/.4.x.p8.8.i.....FR...G.t..u....q.....XD..z...Q....5.H.nJ%[..6Aiw...jG.....l3O.[.yU.GRK...T..0].0..e V.`.e.4/4...... :I4.....Z...J...h-.T.k.C.K7.."q.......g@.b.'...e..&.Y0$$.Uc.J...k..!..........B8.L.;..k.......G...63'....:<.Y.!...@F..s.Soc..,........&;..;..G..!..:.&....a8..C..r.hP..i....x.bQ.X]0......k..K..5.c....T...#e`....B..[=2...=....k.'.-....{>q)F,.6(r8!..b.w\|........G.....x]]8......,Tn.z.f...+)WQ...[k..I.}..Y..$.S..)XhU{..J..O....m..@.d...:.:.G..Av9.5}C....I7.MM.Yyn.6..r...j...@..Y.gl.~........o....#.....Vm....$..{....!..#.....q

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1117x1028, components 3
Category:	downloaded
Size (bytes):	151591
Entropy (8bit):	7.87108939901347
Encrypted:	false
SSDEEP:
MD5:	528A03D072B3FD36BC3941DD2C06E962
SHA1:	B3A1495C49CB5E76AF150E76490E000608B6115D
SHA-256:	F988BBE6A385D07AD0FC3E83BCC00DBA5720D808B893242C5FA0333DCFED2131
SHA-512:	D64ABE5750ABBA44628B7B4D530A12FCB9936641C7FB709B3B95350C56BF1269673AA82C0CC6B1217FAEAB7E8A8B0DF55F803DCBFB968B64ADC3E5700B8B52AA
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20240415/53eb77b45613be8230160a2eb16c4f8a.jpg
Preview:	......JFIF.............C....................................................................C.........................................................................].."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S..(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 212x95, components 3
Category:	downloaded
Size (bytes):	1865
Entropy (8bit):	7.161912438070362
Encrypted:	false
SSDEEP:
MD5:	AF1DFC792D538ABBE3D1876914EA0363
SHA1:	7D5EEDF322E0428A93B80F4F3E23EA42E00AFA05
SHA-256:	D6B5435E97FF4E9106033ADC9BA8AC2244A445F297A3947F22F2A3B11E3D8109
SHA-512:	204BC64A6627608EAD4FD57E9A4763E59667865B6E6F9CADE632235B9DC7AA78DE863C3CF6049E94D69347EB30E577C5C05F904936FACFAE0AE00F93A0EC8B70
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20190919/bd48f759269beb00190cd946d1dfdad8.jpg
Preview:	......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......_....".................................................................................................5......_.....-.i........~e.hL.v....4f.W..o@........;.H......m..K.J}...................'......................@.....3....!$`p..............U...z..._...T....7.O..j=.....{..h.\#Y...X....Un\.8L.BN.........q.R.m... .EI6..K-.,..^.......%t&.A.c...q....J.~.F.k..F.-......................`........?.).....................`........?.).../........................!."1.#@AQa.2BSq`bp...........?...'..j].....f.&.q";g>us).th.....S.rt.....@.>.Z.i.....r..H..z.:..C............H.-.J....4..{g.9R2..Z.Yz..5u'....n&dP..m.d/r....w.s#.X....._.8?oO..E,P..}?0.{f.p\|.X.?7.....o..um..\+{F..p*.V.&..:2...1k..S..I#\[..].}.......,4..H./.iOk...r.l)Vo...w....{..m^`.T.Ek...a6.x....F@U....-.p..~i-..<l...>.q.....(...................

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 7603
Category:	downloaded
Size (bytes):	1998
Entropy (8bit):	7.8959069395690005
Encrypted:	false
SSDEEP:
MD5:	00EA1F0F969D7A5B9844E1D34918DD11
SHA1:	D01D5C1AC28EE2C19800A480BD83F47AEEFFE6CF
SHA-256:	F64754F27F6ABB15C1AF92F68466A37CDB089830C1F014126ACE3C10BC3F6206
SHA-512:	CC81D2AB430AE495227535569AC583F30DAA1484BDC7A02787140A05565A8B93B8FF73FDA651D4822FEBEE54BACE2A07486646CC517D146A0C898FB48470ADB1
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20220623/36a072e4f020fdbf0a450a1b174b867b.png
Preview:	...........Y[....~/..0a`..Q...Z....n. N..k (R`H.W.%9.pt.a.E/@.../.....>.@...(............2Cq.<..V..9g..;g.......?>..f"..d.....7.g....3.<&.....##..T.d..:.$@78g\|....C..c.3...@.....U.h.U'd..}.4POA..d.1...K..K..!f.hH...;.'.....'....!.e..:.O>.w.8&.....5.{.[>.....7.....g<.l......!..!. .&..DP......4..:...Q;..[..,f.@....A1.c.$.^e...S...U.......&......%.is...(.2.Ha...g...}...U.^.n..S2F.Qm.dvI....s`U.}..s.N..J.E...O..F#.4._.3..P.1.p.....6..".b\..V.....Eo.B4..u.-s.$..R....MP.]......f7......m^Ur.c.%.FTa.J..q..2.k.`.e.4/4...#..At.hl=...U..... \.q<c.RU......$#....'.;g...=.....,.L.3cHH..T..2..+............>Fx..>vF.W.%..w...Y..mfN...G.}uxL..C..c..u.z8..z....r.....P.l..n1...t..>...9..wP..q.....F..PH..P.>.k6......k.i\|>8......HCx.#......}l...O.. $0..'......=..........?..K1b..F....Q!.C.....,v....x...-.....P....B.&..k.,X..r.u...rH.D.....^&....M..q.......$..).y..dIV.m..3.....Y...Y.....P.M..hj...s{.i%.{5,U.@......<c............C...fw.[..:O.....S...T.\|rP...

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from Unix, original size modulo 2^32 9174
Category:	downloaded
Size (bytes):	4041
Entropy (8bit):	7.947696429750412
Encrypted:	false
SSDEEP:
MD5:	C350E432D7145517389895856AE99705
SHA1:	32523F371CB0F907B6D944C4F67FBAF0F178A7BB
SHA-256:	979F4B1A7D434FA678C5533E2842C1AFE5A5CC3184E7DFAB4076C44AB318B8A5
SHA-512:	331EEAB5F37CCB9637B9CCEE67D2E96AF7A22B2973D806B0B2E3E5C6020623090283579F13C5BB0CBAA1EA7EE9330A9EF0B981258261F2D13FC620598BD39865
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/en/yadotemp/yado/static/js/modernizr.custom.js
Preview:	...........Z]s.}..0[.".iy..P.U..Ij'..3[.A.M.$(R.H..l...s...%.{o.}.D.M...>}....[..@.i.PXo.?9o,......u....[...o..u.....7O]+.....v.:~.....4.Tp.../K..[U.YZ.]U........E..4.'.,uy..:..upQ..}.gt..Yn.T..u/Y^.........fwq.M.~_2.>.l+...?v.........}%..yG..... ....bL0a3.'.W.q~..>.....BKI)......h.o........_B..L......U..XqjAU..R-..,...{[.v..x.^..HJ...xR.<.gs..v.....)...z.B(...f.p8m.....4.^.`...C..N.=....3..T....]eO.Se?...R.\|..2.}m_q.%..b....@7\|.p.....n.wm{....t.x]...l......X.......s..$.e.....`P.. B9..... .w[.V..M_"....&bH..V.n.......b#.L...5:..d...6qua]l..\|ftU^Xl.[...1.....Ld2............CA.%}Tr..;Y5V...n.0...n.B.bm.>....[L....{h.........N......@\M9...D...._.4........F....#q..&.....^..........?.x......\|-"...Z(..^.......3&.X$..<qS..T........Ez.X....6G.x.....&.....V.a..I..A.S&6ru6&....W'+...\|;..k...6.}..ws....f..za0.O..p1...qO.....].O.......F...I.........?.....Q... ........#)bx.WY....t.-O.;.O.<G..?8..F.+{.7.....Ek.$.xVEEvg......E.....v.

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 232x109, components 3
Category:	downloaded
Size (bytes):	2273
Entropy (8bit):	7.368774291947866
Encrypted:	false
SSDEEP:
MD5:	05A114433843373E2442DFDAC25B1EF9
SHA1:	67F297605078CEFFC8DCAC74ABC2E8E5E271E599
SHA-256:	6EB594B08FAA86522A66220A68453E72BAC7A59A119B57717F74BA09A2534036
SHA-512:	3C05EE3EBBC5DEAA63F7236EB429094C9699B4E6537D1F57E8393BCED4B4EF25D651575CE86EE857D0D257E8110DCBDCBBA9E77C3D67931DAD3E675F14774B73
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20190919/f8d2d305fcc559d17128a53a72f5888e.jpg
Preview:	......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222......m....".....................................................................................................JD..u.-Pz...@........6D.?R.O...W.i...E_...i.........]i....D.U.T..P.Id]fgL......<}...^...a.!. ..................$..........................@... !`p...........4.)....+p...,..$..k5.......(...%.a.{{rT.....]l..8....+..k.f...J\|..;u..P...HRV3X?C`.r..t.?.I...Y..9...#9Y...HX.;m.1.`:6b..,Z.6..;h.9H.~.j\|..L.LtgQZT..iX..[WD.x......q..q........................`........?.S.....................`........?.S...6.........................!"12A@aq. #R...Q..$34B`pt..........?...6W.-...:n.wBw#..s....G.C9....s.\.%..u.2....+.....i.g..m....F..l..E.Jy..F...'.$m.L..O.....G.{p.....Y0. ..-,k.+4...:k.....!..._.C.'..W..ZL.kx...?l.[.0$/...`.ZS.,.\|....G'.......H..t..gseQrj..e.....h=(B._..N.&.m....^c,.Q.C...B]m.F.FF=.j.\|\..,g

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1028, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1117], progressive, precision 8, 1028x1028, components 3
Category:	downloaded
Size (bytes):	391556
Entropy (8bit):	7.958943648212276
Encrypted:	false
SSDEEP:
MD5:	528953664A9821F1B7E229A45FA5AF10
SHA1:	09DE0366771BA284BBA2AC20C5D6E7C4F1EBC299
SHA-256:	E762826F5488ECD5EF8CB86C1B2FD7DD4A8E72F8E70925F21744DA17C01F405F
SHA-512:	828CADD1BF6A45F0F03F815C9FE338E2AF28D3028D78F1C451554728EAABDC4E7B436167B64D307E14E8F2150398DFF8A1D30BCACBA3BB265B949F1AD61F9AF3
Malicious:	false
Reputation:	unknown
URL:	http://www.finelandip.com/uploads/20231109/09acdd6a4ce2c96a6a2da584c6a620a9.jpg
Preview:	....1.Exif..MM.*...............].......................................................................................(...........1...........2..........i............. ............'.......'.Adobe Photoshop CS6 (Windows).2023:09:09 10:41:40.............0221...................................................................n...........v.(.....................~..........0(.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=833, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=968], progressive, precision 8, 62x61, components 3
Category:	dropped
Size (bytes):	23318
Entropy (8bit):	7.151927400814774
Encrypted:	false
SSDEEP:
MD5:	CD01B3E60F97010C0EDBE74A8F71DA3C
SHA1:	5881BA4256BC1387E84F02A63CBEE6C64781A495
SHA-256:	822D315E2FFAD6FF6F24CC00528BE096A7E59810AEEFA9D1A4DD9FE94669BC24
SHA-512:	07B2DE93F1E2FE9F23C21820624686C8F76698847E0F5C591705B39AC2A4C0618F54B2EC80D497D225A17C05767B7780F4BCC9BE00987F4A70F2D749D9A04C16
Malicious:	false
Reputation:	unknown
Preview:	......Exif..MM.*...........................A...........................................................................(...........1...........2..........i............. .......-....'..-....'.Adobe Photoshop CS6 (Windows).2019:09:25 14:40:59.............0221.......................>...........=...............................n...........v.(.....................~...........8.......H.......H.........XICC_PROFILE......HLino....mntrRGB XYZ .........1..acspMSFT....IEC sRGB.......................-HP ................................................cprt...P...3desc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....dmnd...T...pdmdd........vued...L....view.......$lumi........meas.......$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Copyright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1............sRGB IEC61966-2.1..................................................XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......

Static File Info

⊘No static file info

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.finelandip.com/

Overview

General Information

Detection

Signatures

Classification

Analysis Advice

Process Tree

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 135

Chrome Cache Entry: 138

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 145

Chrome Cache Entry: 147

Chrome Cache Entry: 151

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Windows Analysis Report
http://www.finelandip.com/