Windows Analysis Report https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI

Overview

General Information

Sample URL: https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI
Analysis ID: 517811

Detection

HTMLPhisher
Score: 80
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Antivirus detection for URL or domain
Phishing site detected (based on logo template match)
Phishing site detected (based on image similarity)
Invalid 'forgot password' link found
Found iframes
No HTML title found
HTML body contains low number of good links

Process Tree

  • System is w10x64
  • chrome.exe (PID: 6920 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 7104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1628,8635849486097007892,2611066637864603376,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://onedrive.live.com/redir?resid=DEE5B7E6B473EA8%21297&authkey=%21AJzT10c65dPX7EI&page=View&wd=target%28Quick%20Notes.one%7Cdae4515d-1fad-4794-ba15-9ed30915b9e1%2FTableTops%20Unlimited%202021%7Cda5c4bfd-33bd-403e-a141-aa9e59f4f25d%2F%29 SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://rollingproductions.co/form/vendor/ SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Phishing site detected (based on favicon image match)
Source: https://rollingproductions.co/form/vendor/ Matcher: Template: microsoft matched with high similarity
Yara detected HtmlPhish10
Source: Yara match File source: 18336.3.pages.csv, type: HTML
Phishing site detected (based on logo template match)
Source: https://rollingproductions.co/form/vendor/ Matcher: Template: microsoft matched
Phishing site detected (based on image similarity)
Source: https://rollingproductions.co/form/vendor/ Matcher: Found strong image similarity, brand: Microsoft image: 18336.3.img.2.gfk.csv EE5C8D9FB6248C938FD0DC19370E90BD
Source: https://rollingproductions.co/form/vendor/ HTTP Parser: Invalid link: Forgot my password
Source: https://www.ttucorp.com/ HTTP Parser: Iframe src: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&co=aHR0cHM6Ly93d3cudHR1Y29ycC5jb206NDQz&hl=en&v=kcXVPRWG7fMILHmzon0--fD3&size=invisible&cb=lh2pb45igvi
Source: https://rollingproductions.co/form/vendor/ HTTP Parser: HTML title missing
Source: https://www.ttucorp.com/ HTTP Parser: HTML title missing
Source: https://rollingproductions.co/form/vendor/ HTTP Parser: Number of links: 0
Source: https://rollingproductions.co/form/vendor/ HTTP Parser: No <meta name="author".. found
Source: https://www.ttucorp.com/ HTTP Parser: No <meta name="author".. found
Source: https://rollingproductions.co/form/vendor/ HTTP Parser: No <meta name="copyright".. found
Source: https://www.ttucorp.com/ HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49968 version: TLS 1.2
Source: unknown HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49967 version: TLS 1.2
Source: data_3.1.drString found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
Source: data_1.1.drString found in binary or memory: http://themeforest.net/user/select-themes
Source: data_1.1.drString found in binary or memory: http://tonda.select-themes.com
Source: mirroring_hangouts.js.0.drString found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: data_3.1.drString found in binary or memory: http://ubilabs.net
Source: mirroring_hangouts.js.0.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: data_3.1.drString found in binary or memory: http://www.digicert.com/CPS0
Source: data_3.1.drString found in binary or memory: http://www.gnu.org/licenses/gpl-3.0.html
Source: data_2.1.dr, data_3.1.drString found in binary or memory: http://www.gnu.org/licenses/gpl.html
Source: data_2.1.drString found in binary or memory: http://www.ianlunn.co.uk/
Source: data_2.1.drString found in binary or memory: http://www.ianlunn.co.uk/plugins/jquery-parallax/
Source: mirroring_hangouts.js.0.drString found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
Source: mirroring_hangouts.js.0.drString found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
Source: data_3.1.drString found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: data_2.1.drString found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: Current Session.0.drString found in binary or memory: http://www.ttucorp.com/
Source: Reporting and NEL.1.drString found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=5lcaos6DejOUWSZB49%2BiWw6mbvhJlOAwo6itDCkFHlpQ1jyOeg7qVwloX
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.s
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.s
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoSEG
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343
Source: data_1.1.drString found in binary or memory: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, manifest.json3.0.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://accounts.google.com
Source: craw_window.js.0.drString found in binary or memory: https://accounts.google.com/MergeSession
Source: data_1.1.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
Source: data_1.1.drString found in binary or memory: https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-GB&wrapperId=suites
Source: data_2.1.drString found in binary or memory: https://api.w.org/
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, manifest.json3.0.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://apis.google.com
Source: Network Action Predictor.0.drString found in binary or memory: https://apis.google.com/
Source: mirroring_common.js.0.drString found in binary or memory: https://apis.google.com/js/client.js
Source: data_1.1.drString found in binary or memory: https://apis.google.com/js/platform.js
Source: data_1.1.drString found in binary or memory: https://apis.google.com/js/platform.js1
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161470241023_App_Scripts/Feedback/latest/Intl/en-gb/offi
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161470241023_App_Scripts/Feedback/latest/officebrowserfe
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161470241023_App_Scripts/wacairspaceanimationlibrary.js
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161470241023_resources/2057/progress.gif
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/161470241023_resources/2057/wapsw.png?b=1601470241023
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.jsg
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h634B081C8DD46209_App_Scripts/2057/CommonIntl.js
Source: data_1.1.drString found in binary or memory: https://c1-officeapps-15.cdn.office.net/o/s/h634B081C8DD46209_App_Scripts/2057/CommonIntl.js5
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/OneNoteSimplified.Wac.TellMeM
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/onenote-intl-mlr.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/onenote-intl-mlr.min.jsf
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/onenote-navpane-strings.min.j
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/onenote-ribbon-intl.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/onenote-ribbon-sprite-lazy.mi
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/osfruntime_strings.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/2057/osfruntime_strings.jsU
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/OfficeExtension.WacRuntime.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/OneNote.box4.dll2.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/OneNoteSimplified.Wac.TellMeSugges
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/appChrome.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/appChromeLazy.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/appIconsLazy.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/common.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/common50.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/common50.min.jsqu
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/navigation.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/navigation.min.jsj1
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/onenoteloadingspinner.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/onenoteloadingspinner.min.jsW
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreolazy.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreolazy.min.jsB
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreonavpane.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreonotebookpane.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreonotebookpane.min.jsN
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/oreosearchpane.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/osfruntime_ono.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/otelFullNext.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/suiteux-shell/js/suiteux.shell.con
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/suiteux-shell/js/suiteux.shell.cor
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/suiteux-shell/js/suiteux.shell.plu
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/suiteux-shell/strings/en-gb/shells
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/uiFabricLazy.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_App_Scripts/uiSlice20.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/Meetings_manifest.xml
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/Meetings_manifest.xml3
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/agavedefaulticon96x96.png
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/agavedefaulticon96x96.pngh
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/m2/ColumnSelect.cur
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/m2/ColumnSelect.cur7
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/m2/box42.png
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/m2/box43.png
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/m2/one.png
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/moe_status_icons.png
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/moeerrorux.css
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/161470241023_resources/2057/progress.gif
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/2057/Blank10x10.gif
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h02D2855C8A5417CD_resources/2057/Blank10x10.gifo;A
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h06FE78141D1F3A43_App_Scripts/Compat.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h1E02DD236AA1095D_App_Scripts/common.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h1EC49C7120425D0F_App_Scripts/2057/Box4Intl.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h3970ED1F2F0DE5B9_App_Scripts/OneNote.box4.dll1.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h47F4322F99F46093_App_Scripts/2057/WoncaIntl.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h47F4322F99F46093_App_Scripts/2057/WoncaIntl.jsWi2M
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h6D0E0E4D4B7CC565_resources/2057/OneNote.Refresh.css
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h6D0E0E4D4B7CC565_resources/2057/OneNote.Refresh.cssH
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/2057/EditSurface.css
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h816A0F42A2BF4732_resources/2057/EditSurface.cssn
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h89EDB66D2A189EF4_App_Scripts/fonts/sharedheaderplaceholder
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h8B4ECD32C72DCD7C_App_Scripts/OneNote.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h8B4ECD32C72DCD7C_App_Scripts/OneNote.js#
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h8F800AEB9D180D26_App_Scripts/healthOffline.worker.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h8F800AEB9D180D26_App_Scripts/healthOffline.worker.min.jsGI
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/h9B7802DB24B7D3FB_App_Scripts/2057/OneNoteIntl.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hCF8E38AF39F430EA_App_Scripts/jSanity.js=k
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hE5571A84E628B051_App_Scripts/wacBoot.min.js
Source: data_1.1.drString found in binary or memory: https://c1-onenote-15.cdn.office.net/o/s/hFC91EC898F55B8F2_App_Scripts/onenoteSync.min.js
Source: 000003.log6.0.drString found in binary or memory: https://c1-onenote-15.cdn.office.net:443/o/s/161470241023_
Source: data_1.1.drString found in binary or memory: https://c2-onenote-15.cdn.office.net/o/resources/1033/FavIcon_OneNote.ico
Source: data_1.1.drString found in binary or memory: https://c2-onenote-15.cdn.office.net/o/s/h19E7C1840088466A_App_Scripts/onenote-boot.min.js
Source: data_1.1.drString found in binary or memory: https://c2-onenote-15.cdn.office.net/o/s/h19E7C1840088466A_App_Scripts/onenote-boot.min.jsGIF89a
Source: mirroring_common.js.0.drString found in binary or memory: https://castedumessaging-pa.googleapis.com/v1
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/BrowserUls.js
Source: data_1.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/BrowserUls.jsGIF89a
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/CommonDiagnostics.js
Source: data_1.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/CommonDiagnostics.jsx
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/ExternalResources/js-cookie.js
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/Instrumentation.js
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/LearningTools/LearningTools.js
Source: data_1.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/LearningTools/LearningTools.jsv
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/aria-web-telemetry-2.9.0.min.js
Source: data_1.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/aria-web-telemetry-2.9.0.min.js%
Source: data_1.1.dr, data_2.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/pickadate.min.js
Source: data_1.1.drString found in binary or memory: https://cdn.onenote.net/officeaddins/161470230350_Scripts/pickadate.min.js4
Source: Network Action Predictor.0.drString found in binary or memory: https://cdnjs.cloudflare.com/
Source: data_1.1.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Source: pnacl_public_x86_64_libcrt_platform_a.0.drString found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-clang.git
Source: pnacl_public_x86_64_libcrt_platform_a.0.drString found in binary or memory: https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://clients2.google.com
Source: mirroring_hangouts.js.0.dr, mirroring_cast_streaming.js.0.drString found in binary or memory: https://clients2.google.com/cr/report
Source: manifest.json0.0.dr, manifest.json3.0.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://clients2.googleusercontent.com
Source: mirroring_hangouts.js.0.drString found in binary or memory: https://clients6.google.com
Source: pnacl_public_x86_64_ld_nexe.0.drString found in binary or memory: https://code.google.com/p/nativeclient/issues/entry
Source: pnacl_public_x86_64_ld_nexe.0.drString found in binary or memory: https://code.google.com/p/nativeclient/issues/entry%s:
Source: data_1.1.drString found in binary or memory: https://code.jquery.com/jquery-3.1.1.min.js
Source: data_1.1.drString found in binary or memory: https://connect.facebook.net/en_US/sdk.js
Source: data_1.1.drString found in binary or memory: https://connect.facebook.net/en_US/sdk.js?hash=a3524221fb455028a2e01f0833955374
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.drString found in binary or memory: https://content-autofill.googleapis.com
Source: data_1.1.drString found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIUCXUszW06HQgPEgk
Source: data_1.1.drString found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCU7H5x14rgQNEgk
Source: data_1.1.drString found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCW9RaD-ljAa9Egk
Source: data_1.1.drString found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIqCUMt63w4MkDvEgk
Source: manifest.json3.0.drString found in binary or memory: https://content.googleapis.com
Source: 000003.log6.0.drString found in binary or memory: https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
Source: mirroring_cast_streaming.js.0.dr, common.js.0.drString found in binary or memory: https://crash.corp.google.com/samples?reportid=&q=
Source: LICENSE.txt.0.drString found in binary or memory: https://creativecommons.org/.
Source: LICENSE.txt.0.drString found in binary or memory: https://creativecommons.org/compatiblelicenses
Source: mirroring_hangouts.js.0.drString found in binary or memory: https://creativecommons.org/publicdomain/zero/1.0/.
Source: data_2.1.dr, data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: data_2.1.drString found in binary or memory: https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/apps-themescross-origin-resource-policy:cross-origincross-origin-open
Source: data_2.1.dr, data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/recaptcha
Source: data_2.1.drString found in binary or memory: https://csp.withgoogle.com/csp/recaptchaCross-Origin-Resource-Policy:
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/recaptchacross-origin-resource-policy:cross-origincross-origin-opener
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk
Source: data_3.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/recaptcha
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/recaptchaX
Source: Reporting and NEL.1.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/recaptcha_
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190430033309/ttu-logo-large-new.png
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190502234305/footer-cards.png
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190502234305/footer-cards.png8
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503044755/INT2969_WEBSITEIMAGES_21-192
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503053253/INT2969_WEBSITEIMAGES_24-630
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503053847/INT2969_WEBSITEIMAGES_25-630
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503054332/INT2969_WEBSITEIMAGES_26-630
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503060452/INT2969_WEBSITEIMAGES_23-630
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503060929/INT2969_WEBSITEIMAGES_22-630
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503082942/INT2969_WEBSITEIMAGES_19-189
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503083144/INT2969_WEBSITEIMAGES_20-189
Source: data_1.1.drString found in binary or memory: https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503083202/INT2969_WEBSITEIMAGES_1890x1
Source: data_3.1.drString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent/CustomEvent
Source: d4530721-f181-4df1-a2c6-ed1a3f15b0c8.tmp.1.dr, 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, 006a602e-5399-4480-908f-6b1157b1b6f8.tmp.1.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://dns.google
Source: mirroring_common.js.0.drString found in binary or memory: https://docs.google.com
Source: LICENSE.txt.0.drString found in binary or memory: https://easylist.to/)
Source: manifest.json3.0.drString found in binary or memory: https://feedback.googleusercontent.com
Source: 1a42d105-4e84-4af2-8d75-016bbc07589a.tmp.1.dr, 66e5e969-f6ad-4881-92a5-340c37bbb063.tmp.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.0.drString found in binary or memory: https://fonts.googleapis.com/
Source: data_1.1.drString found in binary or memory: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%7COpen
Source: data_1.1.drString found in binary or memory: https://fonts.googleapis.com/css?family=Poppins:500%7COpen
Source: manifest.json3.0.drString found in binary or memory: https://fonts.googleapis.com;
Source: data_3.1.dr, c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp.1.drString found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor.0.drString found in binary or memory: https://fonts.gstatic.com/
Source: data_1.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: data_3.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: unknown
HTTP traffic detected:
POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
Host: accounts.google.com
Connection: keep-alive
Content-Length: 1
Origin: https://www.google.com
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8

Source: unknown
DNS traffic detected: queries for: onedrive.live.com
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /recaptcha/api.js?render=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&ver=3.0 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: NID=511=DdSfkc4QMrhf0GjEejHgnstUTg2c-YneRr_wXzIeGcJXsOG5dl3mDq9OX2givnhc-2EvnZFJhQwNRyU3qQUBc-7kARK8daIfWoyPKBbjG4udgW-6Yw1qlyg_rOTCRWe8Fp-oXCxxh0EutkW3UnBAI4eZ0VNA-gj-J-OwOJQsM9A
Source: global trafficHTTP traffic detected: GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600&subset=latin-ext&ver=1.0.0Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190430033309/ttu-logo-large-new.png HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503082942/INT2969_WEBSITEIMAGES_19-1890x1100.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503083202/INT2969_WEBSITEIMAGES_1890x1100.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/css/linear-icons/fonts/Linearicons-Free.woff2?w118d HTTP/1.1Host: ttucorp.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ttucorp.com/wp-content/themes/tonda/assets/css/linear-icons/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: ttucorp.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ttucorp.com/wp-content/themes/tonda/assets/css/font-awesome/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/css/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1Host: ttucorp.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ttucorp.com/wp-content/themes/tonda/assets/css/elegant-icons/style.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1Host: ttucorp.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://ttucorp.com/wp-content/themes/tonda/assets/css/ion-icons/css/ionicons.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600&subset=latin-ext&ver=1.0.0Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503083144/INT2969_WEBSITEIMAGES_20-1890x1100.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503060929/INT2969_WEBSITEIMAGES_22-630x375.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600&subset=latin-ext&ver=1.0.0Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503060452/INT2969_WEBSITEIMAGES_23-630x3751.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503054332/INT2969_WEBSITEIMAGES_26-630x375.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503053253/INT2969_WEBSITEIMAGES_24-630x375.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /ga.js HTTP/1.1Host: ssl.google-analytics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7528776-1&cid=2067470840.1636384772&jid=1552750421&_v=5.7.2&z=115544500 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190503053847/INT2969_WEBSITEIMAGES_25-630x375.jpg HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/tonda-membership/assets/js/membership.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.7.0 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.7.0 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/20190502234305/footer-cards.png HTTP/1.1Host: d3v4i80726wzko.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/yith-woocommerce-quick-view/assets/js/frontend.min.js?ver=1.3.13 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules/plugins/jquery.appear.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules/plugins/modernizr.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules/plugins/jquery.plugin.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules/plugins/owl.carousel.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.7 HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /wp-content/themes/tonda/assets/js/modules/plugins/fluidvids.min.js HTTP/1.1Host: ttucorp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: __utma=69133268.2067470840.1636384772.1636384772.1636384772.1; __utmc=69133268; __utmz=69133268.1636384772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=69133268.|1=logged-in=no=1; __utmt=1; __utmb=69133268.1.10.1636384772
Source: global trafficHTTP traffic detected: GET /en_US/sdk.js HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /en_US/sdk.js?hash=a3524221fb455028a2e01f0833955374 HTTP/1.1Host: connect.facebook.netConnection: keep-aliveOrigin: https://www.ttucorp.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.ttucorp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: unknown | HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49968 version: TLS 1.2
Source: unknown | HTTPS traffic detected: 152.199.23.37:443 -> 192.168.2.4:49967 version: TLS 1.2
Source: unknown | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1628,8635849486097007892,2611066637864603376,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Process created: unknown unknown
Source: https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI | Joe Sandbox Cloud Basic: Detection: clean, Score: 0
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61893FE4-1B08.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | File created: C:\Users\user\AppData\Local\Temp\1bd54b7a-3f3f-4e37-b61c-8f8f24402269.tmp
Source: classification engine | Classification label: mal80.phis.win@33/269@30/19
Source: QuotaManager.0.dr | Binary or memory string: CREATE TABLE HostQuotaTable(host TEXT NOT NULL, type INTEGER NOT NULL, quota INTEGER DEFAULT 0, UNIQUE(host, type));
Source: Window Recorder | Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Drive-by Compromise 1 | Windows Management Instrumentation | Path Interception | Process Injection 1 | Masquerading 1 | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel 1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
| Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Process Injection 1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Application Layer Protocol 3 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
| Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Application Layer Protocol 4 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
| Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Ingress Tool Transfer 1 | SIM Card Swap | | Carrier Billing Fraud |
