Windows Analysis Report http://www.ichiban.menu/menu-teppanyaki/

Phishing:

Found iframes

Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/about/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/about/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264
Source: http://www.ichiban.menu/reservations/	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-M4B3WHH
Source: http://www.ichiban.menu/reservations/	HTTP Parser: Iframe src: https://booking-widget.quandoo.com.au/iframe.html?agentId=2&merchantId=53825&origin=http%3A%2F%2Fwww.ichiban.menu&path=https%3A%2F%2Fbooking-widget.quandoo.com%2F&theme=light
Source: http://www.ichiban.menu/reservations/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d1576.8028902007743!2d145.16554316794347!3d-37.77584079786201!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xca0290e5e494d84e!2sYamagata+Teppanyaki+Japanese+Restaurant!5e0!3m2!1sen!2sau!4v1501640073264

No HTML title found

Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/about/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: HTML title missing
Source: http://www.ichiban.menu/reservations/	HTTP Parser: HTML title missing

None HTTPS page querying sensitive user data (password, username or email)

Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/about/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: Has password / email / username input fields
Source: http://www.ichiban.menu/reservations/	HTTP Parser: Has password / email / username input fields

META author tag missing

Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/about/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: No <meta name="author".. found
Source: http://www.ichiban.menu/reservations/	HTTP Parser: No <meta name="author".. found

META copyright tag missing

Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/menu-teppanyaki/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/about/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/gallery/teppanyaki/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/menu/takeaway/	HTTP Parser: No <meta name="copyright".. found
Source: http://www.ichiban.menu/reservations/	HTTP Parser: No <meta name="copyright".. found

Compliance:

Creates a directory in C:\Program Files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 52.218.20.156:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.167.90.204:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.167.90.204:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.20.156:443 -> 192.168.2.3:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.213.64.175:443 -> 192.168.2.3:49875 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.78:443 -> 192.168.2.3:49889 version: TLS 1.2

Networking:

Downloads compressed data via HTTP

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:33 GMTServer: ApacheVary: Accept-Encoding,CookieUpgrade: h2,h2cConnection: Upgrade, Keep-AliveLast-Modified: Tue, 03 Aug 2021 20:35:45 GMTETag: "de26-5c8ada157a219"Accept-Ranges: bytesContent-Length: 56870Cache-Control: max-age=0, publicExpires: Tue, 03 Aug 2021 22:15:33 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=100Content-Type: text/html; charset=UTF-8Content-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec fd eb 76 db b8 b2 30 8a fe de 19 63 bf 03 57 7a f4 ea 4e 47 92 45 ea 6e cf 64 2d db b1 1d 27 71 9c 9b e3 d8 73 f6 e9 41 91 94 c4 98 12 15 92 f2 75 7b 8f fd 1a e7 df 79 96 73 de e4 3c c9 c6 95 c4 a5 40 52 ee f4 65 ee 6f b5 db 8e 04 14 80 42 a1 50 28 14 0a 85 7f fc c7 8b e3 dd 4f 67 ef f6 ac 59 36 8f 9e ff 03 ff b5 22 77 31 7d f6 38 58 3c b6 96 49 30 09 af 9f 3d 8e a7 9b 08 20 5b 6e 6e 6c c4 d3 65 6b 1e 6c 2c d2 1f 1e 23 f0 c0 f5 9f 5b ff f8 8f 66 d3 3a 88 e3 69 14 58 9f dc a9 75 e4 2e dc 69 90 58 cd 26 cb db 5b f8 86 fc 7f cc 83 cc b5 bc 99 9b a4 41 f6 ec f1 c9 a7 fd e6 f0 31 4b 5d b8 f3 e0 d9 e3 cb 30 b8 5a c6 49 f6 d8 f2 e2 45 16 2c 10 d4 55 e8 67 b3 67 7e 70 19 7a 41 93 7c 69 58 e1 22 cc 42 37 6a a6 9e 1b 05 cf ec 56 1b d5 92 66 37 a8 c5 ec 66 89 aa c9 82 eb 6c c3 4b d3 c7 d6 3c f0 43 f7 d9 63 37 8a 1e 3f df f8 e5 3f ac af ef 57 41 72 63 9d 1c 5a 4d eb d2 6e d9 ed 56 07 7d 72 da 76 a7 d9 1e 36 ed de a3 5f 78 d7 bf 7e c3 90 ab b0 e5 c5 73 94 7a b8 f0 a2 95 1f a4 9b 16 cd 68 91 9c 24 68 a1 66 1a 42 5a 12 a4 e1 ad 3b 8e b4 8c 34 88 02 2f 83 72 5c 0f 55 e4 87 f1 42 cb 58 65 31 6a 7d 19 05 99 56 68 bc ca 32 bd 84 ef 66 c1 32 f4 2e 82 44 cb 41 f4 8a a7 6a ea 3c 58 ac d4 b4 65 12 4f 51 2f d2 b1 ab 55 92 46 a1 af 57 9d 2e c3 c5 42 4f 46 7d 4d b5 b4 38 8e b2 70 89 93 11 4d 3f c5 16 1e 70 cb 45 1c 33 8f fd 70 72 63 65 b3 30 45 7f 82 79 d0 40 79 69 98 41 c3 b1 41 00 92 38 8a 82 64 e3 bf 26 93 17 c1 c4 5d 45 d9 b3 cf 41 e2 23 6e fb d1 d9 dd 4e 50 77 d1 bf a9 bb 48 9b 69 90 84 93 ff 9c 5c 71 b0 45 9c cc dd e8 3f 27 29 4f 40 7c 10 cc ff 13 0d 02 ea c5 07 d7 0f 57 e9 b3 ee f2 fa 3f c7 d3 dd 38 8a 93 97 88 ed 83 e4 99 47 fe 43 89 9f 10 73 ad 92 80 25 cf c2 e9 2c 42 bf d9 6f 69 3c c9 50 f6 e1 7c 7a bc 74 bd 30 bb 61 10 83 de 7f 8e d1 f8 06 89 58 9b 4b fe fb cf 89 c7 be 3b e4 bf ff 0c 11 db 8b 60 2c 99 61 b2 cb e6 c4 84 fc 57 a0 92 a7 47 ae 8c 01 cf 90 51 e0 a9 39 0e 3c 41 45 42 49 67 58 70 aa 05 7d fc 53 60 c1 d3 a7 91 9b a6 12 1a 3c 47 46 83 a7 fa 1d fc 83 d0 e0 09 3d f2 5f 81 06 4f 1f 92 ff f2 61 89 2f 11 81 7c 17 ff 08 a3 42 52 75 14 68 ba 32 14 24 6d 44 fe c3 23 41 be 3a 36 fe 11 06 82 a4 76 7b f8 87 37 bd ed 65 e1 65 a0 0d 03 4b d6 1b 67 19 7d a9 75 96 98 0f 02 fb ae b6 cf 92 65 04 5e 72 a6 7b 36 19 4f 46 41 20 f4 3f cf 01 68 90 e7 f5 64 3a 14 b5 79 88 d4 36 a6 45 9e d4 e9 e3 1f 81 1e 79 8e 13 0c 3b a4 fb 24 7d 2f 49 e2 e4 d9 24 98 d8 81 30 49 68 aa 8e 0a 4d 1f 49 68 d0 34 cf 6f bb 6d 4c 0f e9 6b de bc 94 ca Da
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:34 GMTServer: ApacheVary: Accept-EncodingLast-Modified: Mon, 02 Aug 2021 15:41:02 GMTETag: "839e-5c89565891c51"Accept-Ranges: bytesContent-Length: 33694Cache-Control: max-age=31425928, publicExpires: Tue, 02 Aug 2022 15:41:02 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=99Connection: Keep-AliveContent-Type: application/x-javascriptContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 02 03 dd bd 6b 77 1b c7 d1 2e fa fd fc 0a 62 a2 97 9e 11 9a 20 29 db d9 c9 40 43 1c 59 92 63 27 be 4b 8e ed 80 b0 d7 dc 00 0c 89 1b 01 50 a4 4c 20 bf fd d4 53 d5 dd d3 73 01 e5 bc ef de 6b ed 75 9c 88 98 4b 4f df bb ba aa ba ea a9 d3 a7 9d a3 ab ef 6f f3 f5 fb a3 77 e7 bd f3 67 bd 4f 8e 76 47 7e 1a 98 87 9f 2f 6f 17 59 bc 2d 96 0b 7a 7e 75 83 67 bd e5 7a 72 3a 2b d2 7c b1 c9 8f 9e 9e fe 3f 9d f1 ed 22 45 0a 3f 56 49 f0 e0 2d 93 ab 3c dd 7a 51 b4 7d bf ca 97 e3 a3 f9 32 bb 9d e5 c7 c7 07 5e f4 f2 fb d5 72 bd dd 0c aa b7 51 dc cb 96 e9 ed 3c 5f 6c 07 09 e5 dc 39 0b c2 b2 a0 e0 a1 18 fb 9d 32 49 b0 9d ae 97 77 47 8b fc ee e8 f5 7a bd 5c fb 9e ae ff 3a bf b9 2d d6 f9 e6 28 3e ba 2b 16 19 a5 b9 2b b6 53 ba 33 5f 7a 41 7f 9d 6f 6f d7 8b 23 2a 25 d8 87 fc d7 f7 a8 d5 f9 b8 58 e4 99 d7 31 d5 95 ef 07 f2 13 6e a7 c5 46 55 5b fe 2e 5e 1f a5 d1 70 a4 32 a7 f2 2a 8f d2 de 06 dd a5 c6 74 95 2e 17 69 bc 55 13 ba 5c dd 6e a6 6a 4a 17 94 61 7e ff ed 58 15 d1 c3 5e 5d 45 45 6f bb 7c b3 5d 17 8b 89 ba a6 9b 69 bc f9 f6 6e f1 dd 7a b9 ca d7 db f7 6a 86 44 f3 c8 93 c1 f2 d4 22 aa 56 42 37 06 3d b1 e8 8d 17 94 79 b1 e5 37 7b b5 8c 4e 7f 1d 5e 6e 2e 6f 3f 7f fd f9 e7 97 f7 2f ce 46 dd 5d ed fe c9 e9 44 ad 28 d9 c9 7c 73 72 aa 6e a2 d3 13 7f 78 99 c5 27 bf 8f 82 d3 49 a1 d6 ed 85 25 54 e3 1f 57 54 bf 97 f1 26 f7 83 7d 1f 25 47 8b de 6a bd dc 2e d1 7b d1 83 4c 9d 70 ae a8 03 36 db f5 6d ba 5d ae c3 85 da e4 b3 9c 2f 3d 4f cd f2 c5 64 3b 0d cf d4 76 f9 62 bd 8e df 97 c3 6d 0b ca 7b 69 3c 9b f9 e8 7b 6a cf 24 df 56 a6 84 69 fa ed 6c d6 89 e2 c1 d9 45 3c 40 ca 61 dc c5 4f 4f f2 1f 85 f2 6c 14 56 33 c3 68 bc d9 c6 e9 75 25 4b 0c 69 42 2d 99 e7 eb 49 ce 49 7b 4e 03 fc 40 c5 e5 f4 a1 e6 e6 ef be e5 39 1e f1 ec 48 90 76 9b df cb ad b9 51 c9 5e e5 71 3a 6d ad 7a 0f 6f b8 1c ca 99 c6 39 5e b5 25 e3 ec 6c 85 7d aa 5e bc f2 ab 13 32 51 a9 4d 1e 4b 43 e9 11 a6 41 40 f9 f2 7c 6c e9 df 5a c6 79 2f 5e ad 66 ef 75 7d d6 13 9e d0 1b 64 30 2e d6 9b ed a1 0c f2 1b ff 8c d2 cc e2 47 93 9c 9c 53 9a fc a6 a5 bb 9d d1 52 69 d4 8d bb 3e 86 32 09 cf 6c 5f d7 ea 99 5e 44 67 c7 c7 c9 45 3a 18 f2 e0 a6 a3 51 38 1c 21 fb 45 76 b0 95 76 b0 76 bb e6 b8 ca 7c 08 27 6a 43 b4 28 a4 05 4c 3f 6a b3 e2 6e a3 3b be d8 2b 1a ae fb 2d 95 11 f1 4a d3 d7 4e 79 68 0e ad 13 ea f7 4c d1 f2 a7 55 6f 3b 71 78 36 da ed 68 25 4f a3 73 5a f7 f6 b1 69 f6 55 d4 39 ef 8f 41 c7 92 e5 72 96 c7 8b 92 6a 4e 8e 8f fd ab 68 52 c9 6c aa 33 eb 76 03 d5 20 b3 93 dd 8e c8 c0 e6 73 53 af 49 b0 db f9 13 22 23 01 95 1e 45 05 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:34 GMTServer: ApacheVary: Accept-EncodingUpgrade: h2,h2cConnection: Upgrade, Keep-AliveLast-Modified: Mon, 02 Aug 2021 15:42:05 GMTETag: "1197c-5c89569469380"Accept-Ranges: bytesContent-Length: 72060Cache-Control: max-age=31425990, publicExpires: Tue, 02 Aug 2022 15:42:05 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=100Content-Type: application/x-javascriptContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 02 03 e4 fd f9 7e 1b 47 92 28 8c fe ef a7 00 ab d5 44 95 90 00 41 c9 4b bb a0 12 8e 16 da e6 b4 b6 91 e4 76 f7 d0 b4 4e 6d 00 8a 04 01 18 00 45 d1 04 ce fb 7c 0f 76 df e3 c6 92 6b 2d 20 a5 ee 9e f3 cd bd fd 73 8b a8 dc 33 32 32 32 22 32 32 c2 1f 5d ce d2 75 31 9f f9 57 22 13 2b 31 15 45 70 73 75 32 3d 8d f0 9f cd e6 e4 74 80 3f 7a 8b cb d5 c4 bf 69 8f d7 17 bd d5 3a 5e ae db e1 2c bf 6a 3d 8f d7 b9 1f f4 c6 f9 fa 7d 71 01 bf 44 fe 31 9f ad 43 2a 76 b6 6a 6f 83 c1 c7 78 d9 1a 45 19 16 39 9a e6 17 90 bb 7a 7a fd 3e 1e bf 8a a1 fc 2a 38 e9 9f 8a 33 c8 4e 97 39 34 25 4b 40 ba c8 a6 d1 74 2f 6a 67 f1 3a 7e 11 5f e7 cb f6 b0 bd 3f 8d da 9d 69 d8 6e 0f ce 7a f1 ea 7a 96 46 eb e5 65 0e 1f ab 65 1a b5 27 eb f5 62 15 1e 1c 5c 5d 5d f5 c6 f3 f9 78 9a af e3 f1 45 3c 8b c7 f9 b2 97 ce 2f 0e 78 4c c3 22 83 56 8a 4e 36 1d 8c 7a 8b 78 09 dd bd 9a 67 79 af 98 ad f2 e5 fa 69 3e 9a 2f 73 ff 4c 8c 82 c1 36 f0 af 8a 59 36 07 b8 cc d3 4b 1c 97 68 af d2 65 b1 58 b7 85 35 2e d1 fe f1 fd cb ee cb af 9f 3e fc e5 a7 9f da c1 e0 2b ae d4 fb 70 b5 c8 2f e6 67 c5 bb 7c bd 2e 66 e3 55 74 e3 25 f1 2a ff 79 39 f5 42 8f 07 fb eb c1 af 07 ab de 55 6f be 1c ff 7a 50 5c c0 48 57 bf 1e a4 30 80 5f 0f a8 ea af 07 87 87 bf 1e 7c f7 e0 d3 77 0f 7e 3d f0 84 97 7f 5a 43 dd de 62 36 86 8f d5 c7 f1 e7 b7 05 95 a8 25 f8 7b c4 8d c1 2f fc 9e 5f 2e d3 dc 0b 6f bc 74 3e 4b 61 25 b0 8a 6c 9b 9a 46 a8 16 e9 a4 48 e2 59 0f 40 71 09 29 8b 6e 31 4b a7 97 19 76 74 b6 a2 04 aa d6 5d e6 d3 1c 66 da bb 28 66 08 f0 8f f9 32 fa ba f7 7d ef 2f de 76 3b d8 d3 e8 16 8b 44 a4 c1 8d fa 6e 65 98 12 dc 20 be a4 d1 bb f5 12 60 d6 1b 2d e7 17 cf 26 f1 f2 19 ac d0 60 da 4b a1 dd e5 db 3c 5d fb 7d d1 17 e7 bd ab 22 5b 4f e0 ef 24 2f c6 93 75 20 a6 bd 51 31 9d be 07 30 f9 69 2f 5e 2c a6 d7 fe 7a 52 ac 44 1c 40 f1 3e e3 62 16 9d f7 d6 73 c0 db f8 e7 b7 2f fc e0 9f 68 35 b1 5a cd 4b ad 2e f3 f5 e5 12 e6 14 45 51 be d5 53 cc fd 98 27 98 0c 8a 91 bf 37 dd 6c f6 4c e3 01 d7 d9 3b 1c ac ae 8a 75 3a f1 a7 bd 35 24 3f 05 48 4e 8b 59 1e 79 eb f9 c2 c3 c1 cc 67 eb c8 fb b6 df 6f 3d 7c b0 f8 d4 7a b2 2c e2 a9 07 53 bc 49 a1 a4 37 9a c6 63 2f 94 4d f9 49 94 f9 27 df 7c f3 f0 9b 6f c5 37 df fe e5 01 fc ab 7e 1f 7e 7f 2a 9c 9c bf 3c e8 3f 74 b2 83 60 7f df 69 e0 bb 87 0f 1f 40 de e1 83 bf c0 bf 5f 3f 78 68 7e 1f fe c5 4a 3f 34 bf 1f f6 eb cb 7f fd 9d e9 9c 5a e5 ce ad a2 6e 02 b4 5f 2a 71 58 4a 80 9e 6e 69 03 fa 0c c4 5e 12 0c 08 4c 12 bf e5 32 e9 59 62 c9 ef be ed 8b ef bf fb fe 81 f8 f6 Data
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:35 GMTServer: ApacheVary: Accept-Encoding,User-AgentLast-Modified: Fri, 13 Jul 2018 06:37:26 GMTETag: "2efa-570dbb686f580-gzip"Accept-Ranges: bytesCache-Control: max-age=31536000, publicExpires: Wed, 03 Aug 2022 22:15:35 GMTContent-Encoding: gzipReferrer-Policy: Pragma: publicX-Powered-By: W3 Total Cache/0.15.1Content-Length: 4382Keep-Alive: timeout=5, max=99Connection: Keep-AliveContent-Type: application/x-javascriptData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 5a 6f 73 db b8 d1 7f df 4f 61 b3 1d 85 1c 43 14 49 49 a4 28 87 f1 c4 8e 7d 73 f3 f4 7a 9d e6 7a 7d e1 b8 cf 80 00 28 cb 91 44 85 a2 e2 a4 96 be fb b3 f8 41 a4 48 4b ce 5d ae cf 8c 66 05 02 8b c5 fe 03 76 41 6e af 77 f2 3e 5f 17 42 8d 4f 1e 97 dd e9 42 cc d6 52 ad 7a 0f ab 5e f9 a8 e6 f9 c3 d4 9d 4f 17 ee c3 ea 4f 9f 79 71 b2 eb 4a b2 f5 42 94 d3 7c 61 3b 4f d6 7a a5 4e 56 65 31 15 a5 75 5e f5 9f 70 9b b3 d4 79 2a 54 b9 2e 16 27 32 17 eb b9 5a 94 ae 28 14 2f d5 2f ea 4b f9 b7 5c 2a 3b bd e0 6e a1 96 33 2e 94 bd 62 96 e5 8c b9 b3 ad 69 a4 36 af 29 ec f1 d6 ec be 81 23 9a eb 58 96 2b f2 85 e0 a5 9d ba 29 5f 29 96 ba ab e9 7f 14 b3 7a 16 23 34 97 96 6d 4c 95 66 6a 96 17 b6 16 4d 30 c5 b2 84 bb e2 7e 3a 93 9a bb 15 9b 24 99 3b 53 8b 49 79 7f 3e e9 76 cf 1d 91 64 b7 93 3b a6 12 e1 2e 08 e1 97 af 4b c5 fa 49 92 a8 8b d4 5d ae 57 f7 b6 70 c6 fe 29 3d 6f 36 56 fe b8 50 c5 fb 5f 7f b8 9e 29 2d b9 35 25 5e 37 9b cf 6e a9 56 a5 6d e6 ff 8d cf 95 5b e6 7f cd 1f 55 71 45 ec da 8e b3 d9 48 5b 10 57 e7 3b b1 d3 3d bb aa a1 8d dc e6 ee 74 21 d5 97 9f 33 bb 74 5e 7b df 54 63 66 a7 4c ec e5 cc d8 84 dd b3 29 7b 60 1f d9 8c cd d9 82 e5 6c c9 3e b1 15 2b 13 49 a8 b7 77 0e 5b 27 65 25 f8 5a 0b 8e c9 f7 c9 a9 cf a6 c9 33 5b be db 3d de 14 7c a2 ff 6d 87 3d 24 e5 ed fa 8e 7d 4c 1e 20 e6 af 7c b6 56 6c 9e 78 e7 b3 a4 20 1b 28 61 7f 74 88 e6 34 b3 17 c9 cc c8 c1 16 a4 b6 79 a7 33 75 f9 72 a9 16 f2 4a 1b c1 e6 f6 47 77 35 9b 92 54 c4 a6 c3 4e 3d c7 61 cb 64 76 eb dd b1 4f 89 b2 97 0e 51 5d 9c 2d 77 ac b2 15 d9 45 f0 d9 2c e5 e2 a3 fd 89 64 76 9e f2 64 a1 1e 4f 7e 9c f3 89 62 b9 9b 93 49 8a bc 20 b4 5d 8b fa 56 aa 7c 5b 92 f7 a6 eb 52 d9 96 24 29 26 3c 9d 29 8b 59 19 9f ad 94 e5 90 53 08 97 57 28 2b 9b 74 e5 9c 6b 7d 4c 4e c8 a6 99 93 b9 f7 7c f5 f3 e3 e2 ef 45 be 54 45 f9 d5 9e 38 9d 8e 47 e2 4c 6a 13 59 f9 c2 a2 ce d3 5c a3 ee 57 d3 88 cf 18 98 30 ed 61 ce 79 ee 8a 19 5f ad b4 87 68 a1 aa 36 f1 cb 67 65 b2 d4 7c 17 22 59 31 b2 89 c7 da 4a cb 9d 6d be d9 3c 57 e4 92 9d fa a4 3d d2 c7 7a 36 db de 77 3a f6 fc f5 c7 9d e2 be a1 f6 9d d2 1f dc 25 2f c8 b8 7a 5b 54 9e 66 70 c9 8f 1c 67 7b e8 ad 13 da 5c a2 f6 d7 39 3d d5 47 06 b9 b1 f6 43 c9 c8 13 13 4e 22 68 cf 26 c7 6a 18 ef 9e e6 9e 93 7f 4c 9d a7 49 62 bd 9e ce 27 27 f5 d6 7e 05 6d 24 d6 2b d6 54 cc 2b eb e4 15 7b 55 9b 2f d9 59 4f 77 6a 8d 11 36 27 1c 7a 3a d1 8a a3 c6 54 3f 3a 4c b6 8d 4b ec 18 e3 66 da b8 d2 91 cf 8d 9b ed 8c 9b 3d 37 6e c3 da 27 d6 59 76 66 25 96 43 47 43 d7 27 55 4f c8 1
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:49 GMTServer: ApacheVary: Accept-Encoding,CookieUpgrade: h2,h2cConnection: Upgrade, Keep-AliveLast-Modified: Tue, 03 Aug 2021 21:25:15 GMTETag: "deee-5c8ae52687f2c"Accept-Ranges: bytesContent-Length: 57070Cache-Control: max-age=566, publicExpires: Tue, 03 Aug 2021 22:25:15 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=100Content-Type: text/html; charset=UTF-8Content-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec bd 69 77 db b8 b2 00 f8 79 72 ce fc 07 be f4 e9 d7 9d 8e 24 93 d4 6e df e4 5d db b1 1d 27 71 9c cd 71 ec 7b 7b fa 50 14 25 31 a6 44 85 a4 bc 8e e7 b7 0f 56 12 4b 81 a4 dc e9 e5 ce bc b8 ed 96 80 02 50 28 14 0a 85 42 a1 f0 8f ff 7a 71 bc fb e9 ec dd 9e 35 cb e6 d1 f3 7f e0 bf 56 e4 2d a6 cf 1e 07 8b c7 d6 32 09 26 e1 f5 b3 c7 f1 74 13 01 64 cb cd 8d 8d 78 ba 6c cd 83 8d 45 fa c3 63 04 1e 78 e3 e7 d6 3f fe ab d9 b4 0e e2 78 1a 05 d6 27 6f 6a 1d 79 0b 6f 1a 24 56 b3 c9 f2 f6 16 63 43 fe 3f e6 41 e6 59 fe cc 4b d2 20 7b f6 f8 e4 d3 7e 73 f0 98 a5 2e bc 79 f0 ec f1 65 18 5c 2d e3 24 7b 6c f9 f1 22 0b 16 08 ea 2a 1c 67 b3 67 e3 e0 32 f4 83 26 f9 d2 b0 c2 45 98 85 5e d4 4c 7d 2f 0a 9e 39 2d 1b d5 92 66 37 a8 c5 ec 66 89 aa c9 82 eb 6c c3 4f d3 c7 d6 3c 18 87 de b3 c7 5e 14 3d 7e be f1 cb 7f 59 5f df af 82 e4 c6 3a 39 b4 9a d6 a5 d3 72 ec 56 1b 7d 72 6d a7 dd b4 07 4d a7 fb e8 17 de f5 af df 30 e4 2a 6c f9 f1 1c a5 1e 2e fc 68 35 0e d2 4d 8b 66 b4 48 4e 12 b4 50 33 0d 21 2d 09 d2 f0 d6 1b 45 5a 46 1a 44 81 9f 41 39 9e 8f 2a 1a 87 f1 42 cb 58 65 31 6a 7d 19 05 99 56 68 b4 ca 32 bd c4 d8 cb 82 65 e8 5f 04 89 96 83 e8 15 4f d5 d4 79 b0 58 a9 69 cb 24 9e a2 5e a4 23 4f ab 24 8d c2 b1 5e 75 ba 0c 17 0b 3d 19 f5 35 d5 d2 e2 38 ca c2 25 4e 46 34 fd 14 5b 78 c0 2d 0f 71 cc 3c 1e 87 93 1b 2b 9b 85 29 fa 13 cc 83 06 ca 4b c3 0c 1a 8e 0d 02 90 c4 51 14 24 1b ff 33 99 bc 08 26 de 2a ca 9e 7d 0e 92 31 e2 b6 1f dd dd ed 04 75 17 fd 3f f5 16 69 33 0d 92 70 f2 df 93 2b 0e b6 88 93 b9 17 fd f7 24 e5 09 88 0f 82 f9 7f a3 41 40 bd f8 e0 8d c3 55 fa ac b3 bc fe ef d1 74 37 8e e2 e4 25 62 fb 20 79 e6 93 7f 28 f1 13 62 ae 55 12 b0 e4 59 38 9d 45 e8 37 fb 2d 8d 27 19 ca 3e 9c 4f 8f 97 9e 1f 66 37 0c a2 df fd ef 11 1a df 20 11 6b f3 c8 bf ff 9e f8 ec bb 4b fe fd 77 88 d8 5e 04 63 c9 0c 93 5d 36 27 26 e4 5f 81 4a 9e 1e 79 32 06 3c 43 46 81 a7 e6 38 f0 04 15 09 25 9d 61 c1 a9 16 f4 f0 4f 81 05 4f 9f 46 5e 9a 4a 68 f0 1c 19 0d 9e 3a 6e e3 1f 84 06 4f e8 92 7f 05 1a 3c 7d 40 fe e5 c3 12 5f 22 02 8d 3d fc 23 8c 0a 49 d5 51 a0 e9 ca 50 90 b4 21 f9 87 47 82 7c 75 1d fc 23 0c 04 49 ed 74 f1 0f 6f 7a db cf c2 cb 40 1b 06 96 ac 37 ce 32 7a 52 eb 2c 31 1f 04 f6 5d 6d 9f 25 cb 08 bc e4 4c f7 6c 32 9a 0c 83 40 e8 7f 9e 03 d0 20 cf eb ca 74 28 6a f3 11 a9 1d 4c 8b 3c a9 dd c3 3f 02 3d f2 1c 37 18 b4 49 f7 49 fa 5e 92 c4 c9 b3 49 30 71 02 61 92 d0 54 1d 15 9a 3e 94 d0 a0 69 fe d8 f6 6c 4c 0f e9 6b de bc 94 ca 9a 3e 46 23 14 79 37 9c 94 79 Data A
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:15:50 GMTServer: ApacheVary: Accept-EncodingUpgrade: h2,h2cConnection: Upgrade, Keep-AliveLast-Modified: Mon, 02 Aug 2021 15:41:02 GMTETag: "1245a-5c895658a54d2"Accept-Ranges: bytesContent-Length: 74842Cache-Control: max-age=31425911, publicExpires: Tue, 02 Aug 2022 15:41:02 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=100Content-Type: application/x-javascriptContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 02 03 e4 fd fb 7e 1b c7 b1 28 8c fe ef a7 00 27 0a 31 63 34 40 50 b2 9d 64 a0 11 b6 2e 74 cc 15 c9 d2 92 e4 38 59 34 a3 3d 37 00 43 82 00 0c 80 a2 68 02 fb 7d be 07 3b ef 71 ea d2 d7 b9 00 94 92 ac fd ad 73 f2 73 44 4c df bb ba ba ba aa ba ba ca 1f 5d cf d2 75 31 9f f9 37 22 13 2b 31 15 45 70 77 73 36 3d 8f f0 9f cd e6 ec 7c 80 3f 7a 8b eb d5 c4 bf 6b 8f d7 57 bd d5 3a 5e ae db e1 2c bf 69 bd 88 d7 b9 1f f4 c6 f9 fa 7d 71 05 bf 44 fe 31 9f ad 43 2a 76 b1 6a 6f 83 c1 c7 78 d9 1a 45 19 16 39 99 e6 57 90 bb 7a 76 fb 3e 1e ff 18 43 f9 55 70 d6 3f 17 17 90 9d 2e 73 68 4a 96 80 74 91 4d a3 e9 41 d4 ce e2 75 fc 32 be cd 97 ed 61 fb 70 1a b5 3b d3 b0 dd 1e 5c f4 e2 d5 ed 2c 8d d6 cb eb 1c 3e 56 cb 34 6a 4f d6 eb c5 2a 3c 3a ba b9 b9 e9 8d e7 f3 f1 34 5f c7 e3 ab 78 16 8f f3 65 2f 9d 5f 1d f1 98 86 45 06 ad 14 9d 6c 3a 18 f5 16 f1 12 ba fb 71 9e e5 bd 62 b6 ca 97 eb 67 f9 68 be cc fd 0b 31 0a 06 db c0 bf 29 66 d9 1c e0 32 4f af 71 5c a2 bd 4a 97 c5 62 dd 16 d6 b8 44 fb cf ef 5f 75 5f 7d f3 ec d1 cf 3f fc d0 0e 06 5f 71 a5 de 87 9b 45 7e 35 bf 28 de e5 eb 75 31 1b af a2 3b 2f 89 57 f9 4f cb a9 17 7a 3c d8 5f 8e 7e 39 5a f5 6e 7a f3 e5 f8 97 a3 e2 0a 46 ba fa e5 28 85 01 fc 72 44 55 7f 39 3a 3e fe e5 e8 0f 0f 3f fd e1 e1 2f 47 9e f0 f2 4f 6b a8 db 5b cc c6 f0 b1 fa 38 fe fc b6 a0 12 b5 04 7f 4f b8 31 f8 85 df f3 eb 65 9a 7b e1 9d 97 ce 67 29 ac 04 56 91 6d 53 d3 08 d5 22 9d 14 49 3c eb 01 28 ae 21 65 d1 2d 66 e9 f4 3a c3 8e 2e 56 94 40 d5 ba cb 7c 9a c3 4c 7b 57 c5 0c 01 fe 31 5f 46 df f4 fe d4 fb a3 b7 dd 0e 0e 34 ba c5 22 11 69 70 a7 be 5b 19 a6 04 77 88 2f 69 f4 6e bd 04 98 f5 46 cb f9 d5 f3 49 bc 7c 0e 2b 34 98 f6 52 68 77 f9 36 4f d7 7e 5f f4 c5 65 ef a6 c8 d6 13 f8 3b c9 8b f1 64 1d 88 69 6f 54 4c a7 ef 01 4c 7e da 8b 17 8b e9 ad bf 9e 14 2b 11 07 50 bc cf b8 98 45 97 bd f5 1c f0 36 fe e9 ed 4b 3f f8 27 5a 4d ac 56 f3 52 ab cb 7c 7d bd 84 39 45 51 94 6f f5 14 73 3f e6 09 26 83 62 e4 1f 4c 37 9b 03 d3 78 c0 75 0e 8e 07 ab 9b 62 9d 4e fc 69 6f 0d c9 cf 00 92 d3 62 96 47 de 7a be f0 70 30 f3 d9 3a f2 be eb f7 5b 8f 1e 2e 3e b5 9e 2e 8b 78 ea c1 14 ef 52 28 e9 8d a6 f1 d8 0b 65 53 7e 12 65 fe d9 b7 df 3e fa f6 3b f1 ed 77 7f 7c 08 ff aa df c7 7f 3a 17 4e ce 1f 1f f6 1f 39 d9 41 70 78 e8 34 f0 87 47 8f 1e 42 de f1 c3 3f c2 bf df 3c 7c 64 7e 1f ff d1 4a 3f 36 bf 1f f5 eb cb 7f f3 07 d3 39 b5 ca 9d 5b 45 dd 04 68 bf 54 e2 b8 94 00 3d ed 69 03 fa 0c c4 41 12 0c 08 4c 12 bf e5 32 e9 59 62 c9 3f 7c d7 17 7f fa c3 9f 1e Data
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:16:12 GMTServer: ApacheVary: Accept-EncodingLast-Modified: Tue, 03 Aug 2021 00:26:31 GMTETag: "11b54-5c89cbccbd2fc"Accept-Ranges: bytesContent-Length: 72532Cache-Control: max-age=31457418, publicExpires: Wed, 03 Aug 2022 00:26:31 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=94Connection: Keep-AliveContent-Type: application/x-javascriptContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 02 03 e4 fd f9 7e 1b 47 92 28 8c fe ef a7 00 ab d5 44 95 90 00 41 c9 4b bb a0 12 8e 16 da e6 b4 b6 91 e4 76 f7 d0 b4 4e 6d 00 8a 04 01 18 00 45 d1 04 ce fb 7c 0f 76 df e3 c6 92 6b 2d 20 a5 ee 9e f3 cd bd fd 73 8b a8 dc 33 32 32 32 22 32 32 c2 1f 5d ce d2 75 31 9f f9 57 22 13 2b 31 15 45 70 73 75 32 3d 8d f0 9f cd e6 e4 74 80 3f 7a 8b cb d5 c4 bf 69 8f d7 17 bd d5 3a 5e ae db e1 2c bf 6a 3d 8f d7 b9 1f f4 c6 f9 fa 7d 71 01 bf 44 fe 31 9f ad 43 2a 76 b6 6a 6f 83 c1 c7 78 d9 1a 45 19 16 39 9a e6 17 90 bb 7a 7a fd 3e 1e bf 8a a1 fc 2a 38 e9 9f 8a 33 c8 4e 97 39 34 25 4b 40 ba c8 a6 d1 74 2f 6a 67 f1 3a 7e 11 5f e7 cb f6 b0 bd 3f 8d da 9d 69 d8 6e 0f ce 7a f1 ea 7a 96 46 eb e5 65 0e 1f ab 65 1a b5 27 eb f5 62 15 1e 1c 5c 5d 5d f5 c6 f3 f9 78 9a af e3 f1 45 3c 8b c7 f9 b2 97 ce 2f 0e 78 4c c3 22 83 56 8a 4e 36 1d 8c 7a 8b 78 09 dd bd 9a 67 79 af 98 ad f2 e5 fa 69 3e 9a 2f 73 ff 4c 8c 82 c1 36 f0 af 8a 59 36 07 b8 cc d3 4b 1c 97 68 af d2 65 b1 58 b7 85 35 2e d1 fe f1 fd cb ee cb af 9f 3e fc e5 a7 9f da c1 e0 2b ae d4 fb 70 b5 c8 2f e6 67 c5 bb 7c bd 2e 66 e3 55 74 e3 25 f1 2a ff 79 39 f5 42 8f 07 fb eb c1 af 07 ab de 55 6f be 1c ff 7a 50 5c c0 48 57 bf 1e a4 30 80 5f 0f a8 ea af 07 87 87 bf 1e 7c f7 e0 d3 77 0f 7e 3d f0 84 97 7f 5a 43 dd de 62 36 86 8f d5 c7 f1 e7 b7 05 95 a8 25 f8 7b c4 8d c1 2f fc 9e 5f 2e d3 dc 0b 6f bc 74 3e 4b 61 25 b0 8a 6c 9b 9a 46 a8 16 e9 a4 48 e2 59 0f 40 71 09 29 8b 6e 31 4b a7 97 19 76 74 b6 a2 04 aa d6 5d e6 d3 1c 66 da bb 28 66 08 f0 8f f9 32 fa ba f7 7d ef 2f de 76 3b d8 d3 e8 16 8b 44 a4 c1 8d fa 6e 65 98 12 dc 20 be a4 d1 bb f5 12 60 d6 1b 2d e7 17 cf 26 f1 f2 19 ac d0 60 da 4b a1 dd e5 db 3c 5d fb 7d d1 17 e7 bd ab 22 5b 4f e0 ef 24 2f c6 93 75 20 a6 bd 51 31 9d be 07 30 f9 69 2f 5e 2c a6 d7 fe 7a 52 ac 44 1c 40 f1 3e e3 62 16 9d f7 d6 73 c0 db f8 e7 b7 2f fc e0 9f 68 35 b1 5a cd 4b ad 2e f3 f5 e5 12 e6 14 45 51 be d5 53 cc fd 98 27 98 0c 8a 91 bf 37 dd 6c f6 4c e3 01 d7 d9 3b 1c ac ae 8a 75 3a f1 a7 bd 35 24 3f 05 48 4e 8b 59 1e 79 eb f9 c2 c3 c1 cc 67 eb c8 fb b6 df 6f 3d 7c b0 f8 d4 7a b2 2c e2 a9 07 53 bc 49 a1 a4 37 9a c6 63 2f 94 4d f9 49 94 f9 27 df 7c f3 f0 9b 6f c5 37 df fe e5 01 fc ab 7e 1f 7e 7f 2a 9c 9c bf 3c e8 3f 74 b2 83 60 7f df 69 e0 bb 87 0f 1f 40 de e1 83 bf c0 bf 5f 3f 78 68 7e 1f fe c5 4a 3f 34 bf 1f f6 eb cb 7f fd 9d e9 9c 5a e5 ce ad a2 6e 02 b4 5f 2a 71 58 4a 80 9e 6e 69 03 fa 0c c4 5e 12 0c 08 4c 12 bf e5 32 e9 59 62 c9 ef be ed 8b ef bf fb fe 81 f8 f6 9b fe 43 05 25 95 41 6d 5a b9 d8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:16:34 GMTServer: ApacheX-Powered-By: W3 Total Cache/0.15.1Pragma: publicExpires: Wed, 03 Aug 2022 22:16:34 GMTVary: Accept-Encoding,User-AgentCache-Control: max-age=31536000, publicContent-Encoding: gzipLast-Modified: Thu, 05 Nov 2020 12:48:42 GMTETag: "pub1604580522;gz"Content-Length: 72964Referrer-Policy: Keep-Alive: timeout=5, max=93Connection: Keep-AliveContent-Type: application/x-javascript; charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 02 03 e4 fd f9 7e 1b 47 92 28 8c fe ef a7 00 ab d5 44 95 90 00 41 c9 4b bb a0 12 8e 16 da e6 b4 b6 91 e4 76 f7 d0 b4 4e 6d 00 8a 04 01 18 00 45 d1 04 ce fb 7c 0f 76 df e3 c6 92 6b 2d 20 a5 ee 9e f3 cd bd fd 73 8b a8 dc 33 32 32 32 22 32 32 c2 1f 5d ce d2 75 31 9f f9 57 22 13 2b 31 15 45 70 73 75 32 3d 8d f0 9f cd e6 e4 74 80 3f 7a 8b cb d5 c4 bf 69 8f d7 17 bd d5 3a 5e ae db e1 2c bf 6a 3d 8f d7 b9 1f f4 c6 f9 fa 7d 71 01 bf 44 fe 31 9f ad 43 2a 76 b6 6a 6f 83 c1 c7 78 d9 1a 45 19 16 39 9a e6 17 90 bb 7a 7a fd 3e 1e bf 8a a1 fc 2a 38 e9 9f 8a 33 c8 4e 97 39 34 25 4b 40 ba c8 a6 d1 74 2f 6a 67 f1 3a 7e 11 5f e7 cb f6 b0 bd 3f 8d da 9d 69 d8 6e 0f ce 7a f1 ea 7a 96 46 eb e5 65 0e 1f ab 65 1a b5 27 eb f5 62 15 1e 1c 5c 5d 5d f5 c6 f3 f9 78 9a af e3 f1 45 3c 8b c7 f9 b2 97 ce 2f 0e 78 4c c3 22 83 56 8a 4e 36 1d 8c 7a 8b 78 09 dd bd 9a 67 79 af 98 ad f2 e5 fa 69 3e 9a 2f 73 ff 4c 8c 82 c1 36 f0 af 8a 59 36 07 b8 cc d3 4b 1c 97 68 af d2 65 b1 58 b7 85 35 2e d1 fe f1 fd cb ee cb af 9f 3e fc e5 a7 9f da c1 e0 2b ae d4 fb 70 b5 c8 2f e6 67 c5 bb 7c bd 2e 66 e3 55 74 e3 25 f1 2a ff 79 39 f5 42 8f 07 fb eb c1 af 07 ab de 55 6f be 1c ff 7a 50 5c c0 48 57 bf 1e a4 30 80 5f 0f a8 ea af 07 87 87 bf 1e 7c f7 e0 d3 77 0f 7e 3d f0 84 97 7f 5a 43 dd de 62 36 86 8f d5 c7 f1 e7 b7 05 95 a8 25 f8 7b c4 8d c1 2f fc 9e 5f 2e d3 dc 0b 6f bc 74 3e 4b 61 25 b0 8a 6c 9b 9a 46 a8 16 e9 a4 48 e2 59 0f 40 71 09 29 8b 6e 31 4b a7 97 19 76 74 b6 a2 04 aa d6 5d e6 d3 1c 66 da bb 28 66 08 f0 8f f9 32 fa ba f7 7d ef 2f de 76 3b d8 d3 e8 16 8b 44 a4 c1 8d fa 6e 65 98 12 dc 20 be a4 d1 bb f5 12 60 d6 1b 2d e7 17 cf 26 f1 f2 19 ac d0 60 da 4b a1 dd e5 db 3c 5d fb 7d d1 17 e7 bd ab 22 5b 4f e0 ef 24 2f c6 93 75 20 a6 bd 51 31 9d be 07 30 f9 69 2f 5e 2c a6 d7 fe 7a 52 ac 44 1c 40 f1 3e e3 62 16 9d f7 d6 73 c0 db f8 e7 b7 2f fc e0 9f 68 35 b1 5a cd 4b ad 2e f3 f5 e5 12 e6 14 45 51 be d5 53 cc fd 98 27 98 0c 8a 91 bf 37 dd 6c f6 4c e3 01 d7 d9 3b 1c ac ae 8a 75 3a f1 a7 bd 35 24 3f 05 48 4e 8b 59 1e 79 eb f9 c2 c3 c1 cc 67 eb c8 fb b6 df 6f 3d 7c b0 f8 d4 7a b2 2c e2 a9 07 53 bc 49 a1 a4 37 9a c6 63 2f 94 4d f9 49 94 f9 27 df 7c f3 f0 9b 6f c5 37 df fe e5 01 fc ab 7e 1f 7e 7f 2a 9c 9c bf 3c e8 3f 74 b2 83 60 7f df 69 e0 bb 87 0f 1f 40 de e1 83 bf c0 bf 5f 3f 78 68 7e 1f fe c5 4a 3f 34 bf 1f f6 eb cb 7f fd 9d e9 9c 5a e5 ce ad a2 6e 02 b4 5f 2a 71 58 4a 80 9e 6e 69 03 fa 0c c4 5e 12 0c 08 4c 12 bf e5 32 e9 59 62 c9 ef be ed 8b ef bf fb fe 81 f8 f6 9b fe 43 05 25 95 41 6d 5a b9 d8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 03 Aug 2021 22:16:37 GMTServer: ApacheVary: Accept-Encoding,CookieLast-Modified: Tue, 03 Aug 2021 21:45:56 GMTETag: "d725-5c8ae9c571df9"Accept-Ranges: bytesContent-Length: 55077Cache-Control: max-age=1758, publicExpires: Tue, 03 Aug 2021 22:45:56 GMTReferrer-Policy: X-Powered-By: W3 Total Cache/0.15.1Pragma: publicKeep-Alive: timeout=5, max=92Connection: Keep-AliveContent-Type: text/html; charset=UTF-8Content-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 ec fd fb 76 db 38 d2 38 8a fe bd b3 d6 79 07 7e e9 d5 d3 9d 8e 24 93 d4 dd 9e e4 1b df e3 24 8e 73 77 ec 99 3e bd 28 91 92 18 53 a2 42 52 be 6e ef b5 df 61 bf c0 7e 96 7d de e4 3c c9 c1 95 c4 a5 40 52 ee 74 4f cf ef 7c 71 db 2d 01 85 42 01 28 14 0a 85 42 e1 ef ff b5 77 b2 fb f1 ec ed be 35 cb e6 d1 f3 bf e3 bf 56 e4 2d a6 cf 1e 07 8b c7 d6 32 09 26 e1 f5 b3 c7 f1 74 13 01 64 cb cd 8d 8d 78 ba 6c cd 83 8d 45 fa c3 63 04 1e 78 fe 73 eb ef ff d5 6c 5a 87 71 3c 8d 02 eb a3 37 b5 8e bd 85 37 0d 12 ab d9 64 79 fb 0b df 90 ff f7 79 90 79 d6 78 e6 25 69 90 3d 7b fc e9 e3 41 73 f0 98 a5 2e bc 79 f0 ec f1 65 18 5c 2d e3 24 7b 6c 8d e3 45 16 2c 10 d4 55 e8 67 b3 67 7e 70 19 8e 83 26 f9 d2 b0 c2 45 98 85 5e d4 4c c7 5e 14 3c 73 5a 36 c2 92 66 37 a8 c6 ec 66 89 d0 64 c1 75 b6 31 4e d3 c7 d6 3c f0 43 ef d9 63 2f 8a 1e 3f df f8 e5 bf ac af ef 56 41 72 63 7d 3a b2 9a d6 a5 d3 72 ec 56 1b 7d 72 6d a7 dd b4 07 4d a7 fb e8 17 de f4 af df 30 e4 2a 6c 8d e3 39 4a 3d 5a 8c a3 95 1f a4 9b 16 cd 68 91 9c 24 68 a1 6a 1a 42 5a 12 a4 e1 ad 37 8a b4 8c 34 88 82 71 06 e5 78 63 84 c8 0f e3 85 96 b1 ca 62 54 fb 32 0a 32 ad d0 68 95 65 7a 09 df cb 82 65 38 be 08 12 2d 07 f5 57 3c 55 53 e7 c1 62 a5 a6 2d 93 78 8a 5a 91 8e 3c 0d 49 1a 85 be 8e 3a 5d 86 8b 85 9e 8c da 9a 6a 69 71 1c 65 e1 12 27 a3 3e fd 18 5b 78 c0 2d 0f 71 cc 3c f6 c3 c9 8d 95 cd c2 14 fd 09 e6 41 03 e5 a5 61 06 0d c7 06 01 48 e2 28 0a 92 8d ff 9e 4c f6 82 89 b7 8a b2 67 9f 83 c4 47 dc f6 a3 bb bb 9d a0 e6 a2 ff a7 de 22 6d a6 41 12 4e fe 36 b9 e2 60 8b 38 99 7b d1 df 26 29 4f 40 7c 10 cc ff 86 06 01 b5 e2 bd e7 87 ab f4 59 67 79 fd b7 d1 74 37 8e e2 e4 05 62 fb 20 79 36 26 ff 50 e2 47 c4 5c ab 24 60 c9 b3 70 3a 8b d0 6f f6 5b 1a 4f 32 94 7d 34 9f 9e 2c bd 71 98 dd 30 88 7e f7 6f 23 34 be 41 22 62 f3 c8 bf bf 4d c6 ec bb 4b fe fd 2d 44 6c 2f 82 b1 64 46 c9 2e 9b 13 13 f2 af 20 25 4f 8f 3c 99 02 9e 21 93 c0 53 73 1a 78 82 4a 84 92 ce a8 e0 bd 16 f4 f0 4f 41 05 4f 9f 46 5e 9a 4a 64 f0 1c 99 0c 9e ea b7 f1 0f 22 83 27 74 c9 bf 82 0c 9e 3e 20 ff f2 61 89 2f 51 07 f9 1e fe 11 46 85 a4 ea 24 d0 74 65 28 48 da 90 fc c3 23 41 be ba 0e fe 11 06 82 a4 76 ba f8 87 57 bd 3d ce c2 cb 40 1b 06 96 ac 57 ce 32 7a 52 ed 2c 31 1f 04 f6 5d ad 9f 25 cb 04 bc e0 4c f7 6c 32 9a 0c 83 40 68 7f 9e 03 f4 41 9e d7 95 fb a1 c0 36 46 5d ed e0 be c8 93 da 3d fc 23 f4 47 9e e3 06 83 36 69 3e 49 df 4f 92 38 79 36 09 26 4e 20 4c 12 9a aa 93 42 d3 87 12 19 34 6d ec db 9e 8d fb 43 fa 9a 57 2f a5 b2 aa 4f d0 08 45 de 0d ef ca bc 7

Downloads files from webservers via HTTP

Source: global traffic	HTTP traffic detected: GET /menu-teppanyaki/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/cache/minify/c7035.js HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/ichiban_horizontal_teppan_small.png HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/cache/minify/fbbf4.js HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/niseko-pirka-teppanyaki-02.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/dina/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveOrigin: http://www.ichiban.menuUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/cropped-Ichiban_ico-1-32x32.png HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/menu-teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/cropped-Ichiban_ico-1-192x192.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/ichiban_horizontal_teppan_small.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IchibanFrontDoor-768x1002.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/about-1-1-1024x512.png HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/japanese_food-t2.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/cache/minify/37e61.js HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/774388-1920x1280.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IchibanFrontDoor.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/about-1-1.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET /about/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/japanese_food-t2.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/774332-1920x1280.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/Screen-Shot-8-1.png HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/about/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/sushi-backgrounds_112713348_82.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/about/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/Screen-Shot-8-1.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.ichiban.menu
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/410666-1920x1280.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /gallery/ayce/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /gallery/teppanyaki/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/cache/minify/9af47.js HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/24293862_2175673712446641_5670291794321811786_n.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/24294086_2175673782446634_2294808588112786641_n.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/24899790_2187483284599017_7338923987939449924_n.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_1963_1-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_1991-squashed-e1502606036564.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_2014_1-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_2024_1-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_2023_1-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_2041_1-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/06/738370-1920x1280.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_1922-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_1929-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_1978-squashed.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2017/08/IMG_2014_1.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/gallery/teppanyaki/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /menu-ayce/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2If-None-Match: "deee-5c8ae52687f2c"
Source: global traffic	HTTP traffic detected: GET /menu/takeaway/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /wp-content/cache/minify/853a9.js HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://www.ichiban.menu/menu/takeaway/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _gat_UA-114098840-1=1; _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2
Source: global traffic	HTTP traffic detected: GET /avatar/ab8d6594683241f7233cdf471cf9edef?s=20&d=mm&r=g HTTP/1.1Host: 1.gravatar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/menu/takeaway/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /avatar/ab8d6594683241f7233cdf471cf9edef?s=20&d=mm&r=g HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: 1.gravatar.com
Source: global traffic	HTTP traffic detected: GET /reservations/ HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2; _gat_UA-114098840-1=1
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2016/08/6858880820_12fd062a18_o.jpg HTTP/1.1Host: www.ichiban.menuConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://www.ichiban.menu/reservations/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.2063951436.1628061335; _gid=GA1.2.2019788632.1628061335; PHPSESSID=0d4c3d8330e64b2f0127e16534ed64a2; _gat_UA-114098840-1=1

Found strings which match to known social media urls

Source: 362e18053d8cbdb4_0.1.dr	String found in binary or memory: '//www.youtube.com/embed/%id%?autoplay=1 equals www.youtube.com (Youtube)
Source: 362e18053d8cbdb4_0.1.dr	String found in binary or memory: //www.youtube.com/embed/%id%?autoplay=1 equals www.youtube.com (Youtube)

Performs DNS lookups

Source: unknown

DNS traffic detected: queries for: www.ichiban.menu

URLs found in memory or binary data

Source: 77EC63BDA74BD0D0E0426DC8F8008506.3.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: ee81135c03c7b5b4_0.1.dr, 8faa0d8de0d24714_0.1.dr, 49c8f33c87de4fa9_0.1.dr	String found in binary or memory: http://ichiban.menu/
Source: e0c377885a89094b_0.1.dr	String found in binary or memory: http://ichiban.menu/0K
Source: acfe1214994be3e9_0.1.dr	String found in binary or memory: http://ichiban.menu/:U
Source: c82a6d17667a3b4e_0.1.dr	String found in binary or memory: http://ichiban.menu/B
Source: acfe1214994be3e9_0.1.dr	String found in binary or memory: http://ichiban.menu/gk
Source: 3beb4f631bd2117c_0.1.dr	String found in binary or memory: http://ichiban.menu/h
Source: 49c8f33c87de4fa9_0.1.dr	String found in binary or memory: http://ichiban.menu/t
Source: 3f2d48f104e12204_0.1.dr	String found in binary or memory: http://ichiban.menu/tdD
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: http://maps.gstatic.cn
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: http://maps.gstatic.cn/mapfiles/api-3/images/mapcnt6.png
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: http://maps.gstatic.cn/mapfiles/api-3/images/mapcnt6_hdpi.png
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: http://maps.gstatic.cn/mapfiles/transparent.png)
Source: 9a6c0cc2dc7afa9b_0.1.dr	String found in binary or memory: http://www.google.cn
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/#rainmaker_form_2109
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu//
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/Ichiban
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/about/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/about/#rainmaker_form_2109
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/about/.About
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/about/About
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/about/sl
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/ayce/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/ayce/&
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/ayce/Teppanyaki
Source: Favicons.1.dr, Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/teppanyaki/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/teppanyaki/#rainmaker_form_2109
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/teppanyaki/(Teppanyaki
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/teppanyaki/)
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/gallery/teppanyaki/Teppanyaki
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-ayce/
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-ayce//
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-ayce/3
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-ayce/Ichiban
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/#rainmaker_form_2109
Source: History-journal.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/2
Source: History Provider Cache.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/2:Teppanyaki
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/:
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/:Teppanyaki
Source: History-journal.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/J
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/Teppanyaki
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/Y
Source: Favicons-journal.1.dr	String found in binary or memory: http://www.ichiban.menu/menu-teppanyaki/zw
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu/takeaway/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu/takeaway/#rainmaker_form_2109
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/menu/takeaway/&
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/menu/takeaway/&Takeaway
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/menu/takeaway/Takeaway
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/reservations/
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/reservations/#rainmaker_form_2109
Source: History.1.dr	String found in binary or memory: http://www.ichiban.menu/reservations/Ichiban
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menu/reservations/PIchiban
Source: 362e18053d8cbdb4_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-admin/admin-ajax.php
Source: 8faa0d8de0d24714_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/37e61.js
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/37e61.jsa
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/37e61.jsaD
Source: 93f52fb938ee1996_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/853a9.js
Source: 3f2d48f104e12204_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/9af47.js
Source: e0c377885a89094b_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/c7035.js
Source: 2927575d9fcb27ca_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/c7035.jsa
Source: 2927575d9fcb27ca_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/c7035.jsaD
Source: 3beb4f631bd2117c_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/fbbf4.js
Source: 362e18053d8cbdb4_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/fbbf4.jsa
Source: 362e18053d8cbdb4_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/cache/minify/fbbf4.jsaD
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/uploads/2017/06/410666-1920x1280.jpg
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/uploads/2017/06/738370-1920x1280.jpg
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/uploads/2017/06/774332-1920x1280.jpg
Source: 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/uploads/2017/06/774388-1920x1280.jpg
Source: Favicons.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-content/uploads/2017/06/cropped-Ichiban_ico-1-32x32.png
Source: 362e18053d8cbdb4_0.1.dr, 0fcc6d437574cf25_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Source: 0fcc6d437574cf25_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8a
Source: 0fcc6d437574cf25_0.1.dr	String found in binary or memory: http://www.ichiban.menu/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8aD
Source: Current Session.1.dr	String found in binary or memory: http://www.ichiban.menuh
Source: manifest.json0.1.dr, 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://accounts.google.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://ajax.googleapis.com
Source: ee81135c03c7b5b4_0.1.dr, f9a9992f840ec712_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Source: dbf0ad74f36c4d17_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.jsa
Source: dbf0ad74f36c4d17_0.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.jsaD
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://api.segment.io
Source: manifest.json0.1.dr, 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://apis.google.com
Source: Current Session.1.dr	String found in binary or memory: https://booking-widget.quandoo.com.au/iframe.html?agentId=2&merchantId=53825&origin=http%3A%2F%2Fwww
Source: edcb47dfafe4384e_0.1.dr	String found in binary or memory: https://booking-widget.quandoo.com/3.0.1620734422/bootstrap.js
Source: c82a6d17667a3b4e_0.1.dr	String found in binary or memory: https://booking-widget.quandoo.com/index.js
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.1.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://content-autofill.googleapis.com
Source: manifest.json0.1.dr	String found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL.3.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/downloads-lorry
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#
Source: b348cfc8-9cc2-4b6b-b4a9-f44319af0088.tmp.3.dr, 70b31bea-6754-4bcc-8164-7ace39cbbc35.tmp.3.dr, 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.1.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.1.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor.1.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: a4927b8e8b6e8e49_0.1.dr, 6cb099d4e0f055ee_0.1.dr, 997643720c860f01_0.1.dr	String found in binary or memory: https://google.com/
Source: 62809a1915858607_0.1.dr	String found in binary or memory: https://google.com/(
Source: 62809a1915858607_0.1.dr	String found in binary or memory: https://google.com/:
Source: 89199a962e76065d_0.1.dr	String found in binary or memory: https://google.com/D
Source: 89199a962e76065d_0.1.dr	String found in binary or memory: https://google.com/R
Source: 779cdb7592da434b_0.1.dr	String found in binary or memory: https://google.com/X
Source: e7745fb0fb323f3d_0.1.dr	String found in binary or memory: https://google.com/c
Source: 62809a1915858607_0.1.dr	String found in binary or memory: https://google.com/f
Source: manifest.json0.1.dr	String found in binary or memory: https://hangouts.google.com/
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://maps.googleapis.com
Source: Network Action Predictor.1.dr	String found in binary or memory: https://maps.googleapis.com/
Source: 9a6c0cc2dc7afa9b_0.1.dr, 83b514cbc0a57437_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/common.js
Source: 9a6c0cc2dc7afa9b_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/common.jsaD
Source: f8a71b102e62ffe6_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/map.js
Source: 2e06fb361c0b40d3_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/map.jsaD
Source: a4927b8e8b6e8e49_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/onion.js
Source: a4927b8e8b6e8e49_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/onion.jsa
Source: a4927b8e8b6e8e49_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/onion.jsaD
Source: 6cb099d4e0f055ee_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/overlay.js
Source: 6cb099d4e0f055ee_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/overlay.jsaD
Source: 997643720c860f01_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/search_impl.js
Source: 997643720c860f01_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/search_impl.jsaD
Source: 779cdb7592da434b_0.1.dr, ed62acd94547fee5_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/util.js
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps-api-v3/api/js/45/8/util.jsaD
Source: 89199a962e76065d_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-37.7798781385
Source: 62809a1915858607_0.1.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com
Source: Network Action Predictor.1.dr	String found in binary or memory: https://maps.gstatic.com/
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/api-3/images/mapcnt6.png
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/api-3/images/mapcnt6_hdpi.png
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/defaultphoto
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/entity11.png);background-size:70px
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/entity11_hdpi.png);background-size:70px
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/exp2.png);background-size:109px
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/exp2_hdpi.png);background-size:109px
Source: ed62acd94547fee5_0.1.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/transparent.png);height:10px;width:4px;float:left;margin-top:3px;m
Source: e7745fb0fb323f3d_0.1.dr	String found in binary or memory: https://maps.gstatic.com/maps-api-v3/embed/js/45/8/init_embed.js
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/maps-api-v3/embed/js/45/8/init_embed.jsa
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://maps.gstatic.com/maps-api-v3/embed/js/45/8/init_embed.jsaD
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://myaccount.google.com/
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://ogs.google.com
Source: manifest.json.1.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://play.google.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://r3---sn-5hneknee.gvt1.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 362e18053d8cbdb4_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: https://s.w.org/images/core/emoji/11/72x72/
Source: 362e18053d8cbdb4_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: https://s.w.org/images/core/emoji/11/svg/
Source: Network Action Predictor.1.dr	String found in binary or memory: https://s3-eu-west-1.amazonaws.com/
Source: ee81135c03c7b5b4_0.1.dr	String found in binary or memory: https://s3-eu-west-1.amazonaws.com/quandoo-website/widget-builder/
Source: ee81135c03c7b5b4_0.1.dr	String found in binary or memory: https://s3-eu-west-1.amazonaws.com/quandoo-website/widget-builder/quandoo-widget-builder.js
Source: ee81135c03c7b5b4_0.1.dr	String found in binary or memory: https://s3-eu-west-1.amazonaws.com/quandoo-website/widget-builder/quandoo-widget-builder.jsaD
Source: manifest.json.1.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://static.hotjar.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://stats.g.doubleclick.net
Source: messages.json83.1.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json83.1.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://support.google.com/maps/?p=thirdpartymaps
Source: 3e81a720e5335a28_0.1.dr	String found in binary or memory: https://support.google.com/maps?p=kml
Source: 0fcc6d437574cf25_0.1.dr	String found in binary or memory: https://twemoji.maxcdn.com/2/
Source: 362e18053d8cbdb4_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: https://w.soundcloud.com
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://www.google-analytics.com
Source: 49c8f33c87de4fa9_0.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: 9a6c0cc2dc7afa9b_0.1.dr, manifest.json0.1.dr, 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://www.google.com
Source: 000003.log0.1.dr	String found in binary or memory: https://www.google.com/
Source: Current Session.1.dr	String found in binary or memory: https://www.google.com/maps/embed?pb=
Source: manifest.json0.1.dr	String found in binary or memory: https://www.google.com;
Source: Current Session.1.dr	String found in binary or memory: https://www.google.comh
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.1.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.1.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr	String found in binary or memory: https://www.googletagmanager.com
Source: 362e18053d8cbdb4_0.1.dr, 3fe29dc3ee4dedc6_0.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: acfe1214994be3e9_0.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-M4B3WHH
Source: 766a81c8-70dc-4e7f-a659-38ccea56616c.tmp.3.dr, 0003996a-5449-4d1d-ba52-5cef383641cc.tmp.3.dr	String found in binary or memory: https://www.gstatic.com
Source: manifest.json0.1.dr	String found in binary or memory: https://www.gstatic.com;

Uses HTTPS

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 52.218.20.156:443 -> 192.168.2.3:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.167.90.204:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.167.90.204:443 -> 192.168.2.3:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.218.20.156:443 -> 192.168.2.3:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.213.64.175:443 -> 192.168.2.3:49875 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.184.78:443 -> 192.168.2.3:49889 version: TLS 1.2

System Summary:

Classification label

Source: classification engine

Classification label: clean1.win@38/250@26/19

Creates files inside the program directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Creates files inside the user directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-610A3E91-2F0.pma

Jump to behavior

Creates temporary files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\fbd055e9-defb-4009-8c3c-5b3254776055.tmp

Jump to behavior

Spawns processes

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.ichiban.menu/menu-teppanyaki/'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,16433198126318794357,6094034236782199136,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1704 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,16433198126318794357,6094034236782199136,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1704 /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Found graphical window changes (likely an installer)

Source: Window Recorder

Window detected: More than 3 window changes detected

Creates a directory in C:\Program Files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior