Windows Analysis Report
http://ionl.ca

Overview

General Information

Sample URL: http://ionl.ca
Analysis ID: 1580411

Detection

Score: 21
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

AI detected landing page (webpage, office document or email)
HTML page contains hidden javascript code
Stores files to the Windows start menu directory

Classification

Phishing

Source: http://ionl.ca/ Joe Sandbox AI: Page contains button: 'CLICK HERE' Source: '1.0.pages.csv'
Source: http://ionl.ca/ HTTP Parser: Base64 decoded: {"popupbox":{"id":"2","title":"Notice of Address Change","popup_name":"","description":"","category_id":"1","autoclose":"20","cookie":"43200","width":400,"height":500,"bgcolor":"#ffffff","textcolor":"#000000","bordersize":"1","bordercolor":"#ffffff","bord...
Source: http://ionl.ca/wp-content/uploads/2021/06/Global-Seating-7-Day-Quick-Ship-Program3.pdf HTTP Parser: No favicon
Source: file:///C:/Users/user/Downloads/downloaded.pdf HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: ionl.caConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=6.6.2 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/ays-popup-box/public/css/animate.css?ver=5.0.5 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/genericons/genericons.css?ver=3.4.1 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/style.css?ver=6.6.2 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/css/bootstrap.min.css?ver=20150930 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/css/bootstrap-theme.min.css?ver=20150930 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/style.css?ver=20150930 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.9 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/js_composer/custom.css?ver=7.9 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/ays-popup-box/public/js/ays-pb-public.js?ver=5.0.5 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/circleFit.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/img/logo-top.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?rev=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/ays-popup-box/public/js/ays-pb-public.js?ver=5.0.5 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/circleFit.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?rev=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/img/logo-top.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/header01.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?rev=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/500-IMG_2508_855x525.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/mkt_workplace_810x440.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?rev=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/header01.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/500-IMG_2508_855x525.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/ays-popup-box/public/css/ays-pb-public-min.css?ver=5.0.5 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/mkt_workplace_810x440.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/js/bootstrap.min.js?ver=20151204 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.17 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/js/skip-link-focus-fix.js?ver=20151112 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.9 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/img/facebook-30.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/wp-content/themes/prime/style.css?ver=20150930Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/js/skip-link-focus-fix.js?ver=20151112 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/js/bootstrap.min.js?ver=20151204 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.9 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/themes/prime/assets/img/facebook-30.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/bk-testimonials.jpg?id=551 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/installation-400x450.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /track/ctin.php?t=1735044226030&custnum=c291e5e867c41a37&sname=ionl.ca&pagename=php5-cgi&group=%2Fservices%2Fwebpages%2Fi%2Fo%2Fionl.ca%2Fcgi-bin&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1280x1024&color_depth=24&campaign=&referrer=&page_url=http%253A%252F%252Fionl.ca%252F&plugins=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B HTTP/1.1Host: count.carrierzone.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/installation-400x450.jpg HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2016/11/bk-testimonials.jpg?id=551 HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222
Source: global traffic HTTP traffic detected: GET /track/ctin.php?t=1735044226030&custnum=c291e5e867c41a37&sname=ionl.ca&pagename=php5-cgi&group=%2Fservices%2Fwebpages%2Fi%2Fo%2Fionl.ca%2Fcgi-bin&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1280x1024&color_depth=24&campaign=&referrer=&page_url=http%253A%252F%252Fionl.ca%252F&plugins=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B HTTP/1.1Host: count.carrierzone.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /favicon-16x16.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /favicon-96x96.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /android-icon-192x192.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /wp-admin/admin-ajax.php HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/06/Global-Seating-7-Day-Quick-Ship-Program3.pdf HTTP/1.1Host: ionl.caConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Referer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/wp-content/uploads/2021/06/Global-Seating-7-Day-Quick-Ship-Program3.pdfAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /wp-content/uploads/2021/06/Global-Seating-7-Day-Quick-Ship-Program3.pdf HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://ionl.ca/wp-content/uploads/2021/06/Global-Seating-7-Day-Quick-Ship-Program3.pdfAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic HTTP traffic detected: GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1Host: ionl.caConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227
Source: global traffic DNS traffic detected: DNS query: ionl.ca
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: fast.fonts.net
Source: global traffic DNS traffic detected: DNS query: count.carrierzone.com
Source: unknown HTTP traffic detected: POST /wp-admin/admin-ajax.php HTTP/1.1Host: ionl.caConnection: keep-aliveContent-Length: 34Accept: text/plain, */*; q=0.01X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded; charset=UTF-8Origin: http://ionl.caReferer: http://ionl.ca/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: ays_popup_cookie_2=Notice%20of%20Address%20Change; ays_show_popup_only_once_2=Notice%20of%20Address%20Change; _ga_S9ESYSL6PQ=GS1.1.1735044222.1.0.1735044222.0.0.0; _ga=GA1.1.669240536.1735044222; __utma=212917772.669240536.1735044222.1735044227.1735044227.1; __utmc=212917772; __utmz=212917772.1735044227.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=212917772.1.10.1735044227Data Raw: 69 64 3d 32 26 61 63 74 69 6f 6e 3d 61 79 73 5f 69 6e 63 72 65 6d 65 6e 74 5f 70 62 5f 76 69 65 77 73 Data Ascii: id=2&action=ays_increment_pb_views
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 24 Dec 2024 12:43:51 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Content-Encoding: gzip
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 24 Dec 2024 12:43:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Content-Encoding: gzip
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 24 Dec 2024 12:43:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Content-Encoding: gzip
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 24 Dec 2024 12:43:56 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Content-Encoding: gzip
Source: classification engine Classification label: sus21.win@26/47@20/187
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=2004,i,7577569698952660962,12297675400179224436,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ionl.ca"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk