Windows Analysis Report
http://www.bidsonline.tv

Overview

General Information

Sample URL: http://www.bidsonline.tv
Analysis ID: 1528605

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 60%

Signatures

HTML page contains hidden javascript code
Stores files to the Windows start menu directory

Classification

Source: http://www.bidsonline.tv/ HTTP Parser: Base64 decoded: v/images/video.jpg" /></a><b>Auction Video Highlights</b><br /> Watch video highlights of Michael in action, Leogate, Tatachilla, Angove's Verdelho&nbsp;and much more<br /> <a target="_blank" href="http://www.youtube.com/user/bid...
Source: http://www.bidsonline.tv/ HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: unknown TCP traffic detected without corresponding DNS query: 4.175.87.197
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKContent-Type: application/javascriptContent-Encoding: gzipLast-Modified: Thu, 11 Nov 2010 13:40:00 GMTAccept-Ranges: bytesETag: "0b89fefa581cb1:0"Vary: Accept-EncodingServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Tue, 08 Oct 2024 02:17:19 GMTContent-Length: 5577Data Raw: 1f 8b 08 00 00 00 00 00 04 00 b4 3b 7b 77 9b 38 f6 ff fb 53 50 e6 b7 0e 8a 65 e2 a4 9d 76 17 42 72 d2 34 ed 74 a7 af 69 3a 8f dd 4e e7 1c 19 64 9b 04 03 05 1c 37 b5 fd dd 7f f7 ea 01 02 3b 7d ec d9 9d 33 29 20 5d 5d 5d 5d 5d dd a7 7c b0 df b3 f6 ad a7 2c 0d 6f 1f 67 9f ac a1 75 f5 cb 82 17 b7 d6 9b 64 31 8d 53 ec bb 8c e7 79 c2 2d 96 46 d6 04 c1 ac 24 9e ce aa 31 00 b3 a4 e2 45 ca aa f8 86 03 20 c2 5e 7c 62 08 5c 0a e8 28 0b 17 73 9e 56 00 90 a5 16 ab 3c 6b 56 55 b9 77 70 20 d0 00 02 37 e5 15 8e c2 bf f3 2c bf 2d 10 b1 e5 84 c4 3a 1a 8d fe 0e b4 1c 8d 0e 47 d6 3f 59 1a 97 d6 e5 35 2b 52 9e c4 25 02 bf 9b b1 ca 2a 59 1c 51 2b ae 2c e8 9d b1 22 4a 6e 2d 66 65 29 1f e6 bc 28 61 c2 bc c8 ae 78 58 b9 d6 4b 96 de 5a 39 cf 70 15 33 76 c3 ad 72 31 9e c7 55 c5 23 6b bc 98 96 d4 0a b3 88 53 41 72 36 99 f0 02 da ab 19 8f 0b 8b 45 37 71 c8 ad 49 c1 79 72 eb c2 ac d8 58 2e f2 3c 2b c4 ac d3 82 b3 0a a7 cd f3 82 87 31 03 8c ae 5e cf 6f 40 04 2c db b3 0e dd fb ee 03 cb 39 3c 3c 80 ff 71 41 04 bb df f2 8f 8b b8 e0 a5 a7 f9 7d 03 70 03 c5 c5 27 0b 96 00 97 43 9e 96 40 cb 22 8d 78 81 14 59 2f 9f bf 13 54 3e 7b f3 42 77 97 1e 0e b0 34 67 97 cb a5 9b e5 d0 91 2d 8a 90 bb 59 31 3d d0 80 07 b0 e4 a1 fa 70 f3 59 be 35 6e 9a 2e da 03 a6 79 e2 ce aa 79 02 90 07 bd 9e ef 4c 16 69 88 5b e9 8c c9 ea 86 15 d6 9c 56 74 41 27 f4 09 bd a2 17 34 a5 9f e9 19 fd 18 8c 28 0f 56 1b 9a 05 ef 3f d0 1c be 22 fc 4a f0 eb 59 90 2e 92 84 de 04 29 5f 5a cf e7 6c ca e9 3f 83 83 3f 5d e7 2a 9f ae a7 f1 64 9d a7 d3 f5 78 9e af af 72 3e 25 8e bb 4f 4e ff ef 20 a6 bf 07 07 ef ff fa d3 fd 00 80 e5 72 42 fe 2c f7 b1 f5 67 fa 22 38 a4 b7 30 41 19 d8 36 2d 68 4c 67 c1 84 25 25 a7 8f 
83 b1 cb 3f 55 3c 8d 9c b1 63 1f 47 f1 cd c1 89 4d de 8f 3e d0 15 c8 44 ee 8d 36 84 be 04 98 71 91 2d 4b 5e b8 f3 32 e6 fd 7e f3 7d 23 b7 ee f8 51 bf 7f 6f 19 a7 51 b6 74 ff 78 f9 e2 27 e0 14 ee 1a 2f 2b fa 2a a8 79 41 56 95 3b 8b 23 ee 10 ff c6 05 e9 2b 8a ac 08 f0 2d c9 58 24 16 ec 3f eb f7 9f b9 6c 0c 42 03 40 73 97 cf f3 ea d6 21 1b fa da c4 12 4f 1c 41 7d 10 04 b0 6f e9 05 e2 71 32 fa 91 72 62 4c a1 96 b8 e1 f0 cf 8a bb 55 5c 25 fc 72 96 2d 65 b3 cf dd 65 1c 55 b3 c0 66 8b 2a b3 e1 13 24 16 8e 94 fe 9e 8b ed 74 f6 8e 73 2b 8e 02 5b 1f c3 a1 20 da 3e 01 f9 b6 0a b9 42 10 bb 30 4b 81 85 95 15 b2 34 cd 2a 6b cc 2d 5c 11 48 f8 f1 b8 b0 0e 4e de 24 9c 95 dc aa 40 74 d9 94 c5 a9 95 80 f8 17 ee f1 41 7e b2 47 fc de 53 58 e0 86 3e 37 57 88 22 c3 82 ec fd c7 0f 34 a4 53 7a 4d cf e9 1b ba f4 5f c1 b2 78 b3 63 20 2c 63 77 92 ba b5 8e 88 f8 84 2d 92 aa a4 d5 2d 9c e1 89 35 76 18 71 23 56 31 a7 5e 80 4d 82 c0 c6 63 32 89 53 1e d9 a7 dc db 09 44 fc a5 e0 ed 65 c5 60 2b 24 6f 7d e0 fb 12 78 2e f8 47 66 9a 8f c8 5e e8 51
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKContent-Type: application/javascriptContent-Encoding: gzipLast-Modified: Tue, 02 Feb 2010 13:33:00 GMTAccept-Ranges: bytesETag: "04ecb3cca4ca1:0"Vary: Accept-EncodingServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Tue, 08 Oct 2024 02:17:19 GMTContent-Length: 2197Data Raw: 1f 8b 08 00 00 00 00 00 04 00 ec 58 e1 6e 9b 5a 12 fe 9f a7 38 f7 4a 2b 83 8d 21 38 75 9a c6 f1 56 c4 26 09 bb 8e ed 02 6e 9a 6d 72 25 0c c7 36 8d 0d 14 0e 49 73 83 1f 68 5f 63 9f 6c 67 0e c6 c1 b1 6f da bb 5a 69 a5 55 2b 35 3e 3e 33 f3 cd 37 df 19 06 83 52 dd 23 55 f2 e5 43 4a e3 47 a2 3b 89 1f 4c c9 bd 2a 1f 90 3a 99 31 16 1d 2b ca 34 99 7a b2 1b ca e9 9d 92 38 81 37 0e bf 29 5f be a2 bb 42 b9 bb 02 00 88 31 4a 68 42 d8 8c 92 71 ea cf 19 f1 03 92 db 89 eb 44 ce d8 9f fb cc 07 07 c7 f3 a8 47 8c a0 48 a9 ca 2a 06 b3 90 84 93 09 8d c9 22 9d 33 3f 9a d3 22 38 8c 98 1f 06 c9 2a 87 ad 9b 97 16 19 9c 91 91 a5 03 c3 0d da 68 c7 ff 83 88 06 24 09 d3 d8 a5 24 0d 3c c0 44 52 a7 56 97 f4 7c 97 06 09 95 49 e1 da 09 a3 c7 d8 9f ce 18 f9 d7 3f 49 63 7f ff 88 9c d3 30 9e 52 72 e9 9e fb c1 9c 3e 12 6b e1 b3 19 ba 6a f3 39 e1 ae 09 89 69 42 e3 7b ea c9 05 8c 49 3d 3f 61 b1 3f 4e 91 2b 01 91 48 9a 50 54 60 45 03 77 c6 7e e0 00 d7 49 18 2f 12 89 3c 00 2c 09 63 fe 19 a6 8c 2c 42 cf 9f f8 ae 83 00 12 07 75 62 4a 22 1a 43 7e 06 82 45 71 78 ef a3 72 6c e6 30 5e d0 24 9c cf c3 07 ae 6f 18 78 3e 57 89 07 2d 28 3b de cd 2c 01 8d 0b 4a 6e e8 81 6b 9a 30 28 87 39 40 15 31 9d 71 78 8f a6 42 95 20 64 20 99 04 36 3f 21 73 40 42 00 c4 2d a7 0c 90 54 99 0f a4 74 e7 8e bf a0 b1 bc 8b 03 e4 2a 69 51 70 80 02 bd 14 78 fd 18 0d c4 05 2a 3f 48 83 ac ca f3 42 37 5d d0 80 39 c5 31 29 70 02 21 58 a0 ed 1c 46 63 df 99 27 1c 7a ad 36 3f 26 1e 5a 2a 61 7d ee 7d ea f3 60 74 08 9c 05 45 4a 9c 7f 0a 87 1a 03 ed 67 53 b2 a2 9b 83 84 71 02 19 1f c9 98 62 a3 78 d8 fd 34 f0 60 97 e6 95 c5 c8 60 11 32 8a 9f 20 0b 34 1d f4 b1 0f 3d 47 26 60 c8 85 48 c2 09 7b c0 03 2f 7a 28 89 a8 8b 4d 
04 41 3e b6 56 8c ad 13 e4 4d 94 24 65 e2 f6 85 61 11 6b 70 66 5f 69 a6 4e 60 3d 34 07 1f 8d ae de 25 a7 d7 60 d4 49 67 30 bc 36 8d f3 0b 9b 5c 0c 7a 5d dd b4 88 d6 ef c2 6e df 36 8d d3 91 3d 80 8d 5f 35 0b 22 7f e5 06 ad 7f cd 71 f5 4f 43 53 b7 e0 02 35 89 71 39 ec 19 00 08 19 4c ad 6f 1b ba 25 11 a3 df e9 8d ba 46 ff 5c 22 00 42 fa 03 9b f4 8c 4b c3 06 37 7b 20 f1 c4 db 61 70 b5 23 f4 a5 6e 76 2e 60 47 3b 35 7a 86 7d cd d3 9e 19 76 1f d3 9d 41 3e 8d 0c 35 d3 36 3a a3 9e 66 92 e1 c8 1c 0e 60 42 60 75 5d c3 ea f4 34 e3 52 ef ca 40 00 92 12 fd a3 de b7 89 75 a1 f5 7a 98 13 d1 4b 05 0f ae fa ba 89 15 6c 54 7b aa 03 55 ed b4 a7 e7 c9 a0 de ae 61 ea 1d 1b 8b 7a 5e 75 40 43 a0 d8 93 88 35 d4 3b 06 2c 38 b8 fe 49 87 b2 34 f3 5a 5a e1 5a fa 87 11 38 82 03 e9 6a 97 da 39 54 29 7c 47 1c 38 a1 ce c8 d4 2f 91 3a cc 3f 6b 74 6a d9 86 3d b2 73 fa e7 83 41 97 cb 6e e9 e6 47 a3 a3 5b 2d d2 1b 58 c5 a4 94 20 8b ad f1 e4 00 03 aa 81 19 d6 a7 23 cb e0 fa 19 7d 98 ab e6 68 68 1b 83 be 08 27 7e 05 0a 01 4f 0d 42 bb fc 5c 51 ec 4
Source: global traffic HTTP traffic detected: HTTP/1.1 200 OKContent-Type: application/javascriptContent-Encoding: gzipLast-Modified: Mon, 20 Jul 2009 00:28:00 GMTAccept-Ranges: bytesETag: "0e8a0efd08ca1:0"Vary: Accept-EncodingServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Tue, 08 Oct 2024 02:17:19 GMTContent-Length: 2500Data Raw: 1f 8b 08 00 00 00 00 00 04 00 ec 5a 79 6f db 3a 12 ff 3b 01 f2 1d a6 c2 e2 d9 46 6c f9 c8 d1 c3 4d 0a 6f 7a a0 8b 5e 68 8a f6 01 d9 e0 81 96 68 5b ad 2c 69 49 ca 8e d1 97 ef be c3 4b 92 75 a4 69 d3 02 fd e3 15 a8 2d 91 33 bf 99 e1 1c 1c d2 e9 f7 e1 79 48 f8 02 de 85 64 43 19 7c a4 8c 07 71 04 4f a9 a0 9e 90 4f 3d 78 4f 57 30 74 8f f7 76 91 58 8f c3 59 18 d0 48 c0 bf 59 bc e6 c8 25 36 09 55 d3 67 71 b2 61 c1 7c 21 da 5e 07 46 83 c1 51 0f 3f 8e 61 e2 c7 53 0a af 89 c7 e2 25 f5 03 02 e7 f1 4c ac 09 a3 5d 78 f5 ea cc 85 49 18 82 62 e3 c0 28 02 ae a8 ef ee ed ae 08 83 80 bf 7c 06 70 02 ed 88 ac 82 39 11 31 73 49 92 18 2d dd 20 f2 e9 d5 db 59 db 79 7d fe f2 99 d3 81 7b 27 d0 1b 76 e0 09 08 96 52 78 04 33 12 72 3a b6 48 9f 82 a8 11 49 c4 af e2 35 65 67 84 d3 76 27 c7 5d 07 d1 37 61 df 26 94 91 6d e0 14 6d 98 cc 71 85 72 24 45 75 03 d6 de ee 2c 8d f4 8a 9f c5 91 60 71 68 54 6b 77 f6 76 bf ee ed ee 48 61 2b 3d 34 36 af e4 2a b6 8f 1a 62 07 5d f0 e6 ed 87 67 88 1b d1 35 4c 10 6f 45 ff 7c 3b fd 8c 3e 6b 73 c1 9e c7 71 07 c4 42 7a 0d 48 04 f4 ca a3 89 12 19 cc 40 4f a3 3d 51 4b 00 ae 94 58 50 74 c6 3c c0 f1 0d 22 e3 27 48 35 a4 08 a3 06 ac 03 f4 1b 3a 96 53 01 b3 98 c1 70 e0 fe 09 f8 3d 67 94 08 0c 8b 44 c5 14 97 5c a8 2a 2e 51 55 29 e7 7c 11 7b 5f d6 64 45 55 18 ba a5 d7 e1 c0 e9 48 13 77 ac c8 13 69 b4 fb 82 8a 8f 84 05 64 1a d2 b6 f3 2f 33 a7 29 af c1 23 c2 5b 40 9b 76 94 be d7 6a 5d d0 be f6 3d 43 87 eb b9 a3 2c c9 4c ba c9 a6 87 8d 26 fd a8 4d 0f 8d 49 b7 b7 a9 62 94 b4 ea ce 96 3d f8 e9 96 3d f8 4d 2c bb ff d3 2d bb ff 9b 58 76 8c 96 19 73 20 8e c2 cd 5d 6c 3a b6 36 59 a1 41 c4 05 09 43 ea 1b 11 58 0b 80 63 c1 c6 32 b0 0a 94 3a f1 0c 35 18 
58 fa 06 eb c1 63 08 4f b9 52 d8 8c 72 c9 e7 8e 46 aa f8 a4 f3 85 7e 7d d8 b5 50 3c 86 35 85 05 ea 06 22 96 06 7b b8 39 cc d2 d0 85 2d 0d 7d 3a 23 69 28 24 8d 2c 4f b3 80 71 01 49 3a 0d 03 cf 4a 2a 79 c9 f9 f4 f2 0d 1c 77 07 dd d1 b0 3b 70 74 91 54 50 a6 0a a2 2b 70 f3 89 d7 e7 1e 0b 92 89 e7 51 ce c1 8f 51 f9 28 16 58 1f b1 fa 41 3b 90 e5 d8 4f 3d 5c 18 ac 8b a8 39 3b bc df 31 4a c9 28 c8 01 84 41 40 b9 24 5c 93 0d 2f 4a e4 64 a6 ac f3 70 8d 8d 33 25 52 21 52 bf 2b c2 7e 59 8c 1d ea ec 39 ca 42 ed 2e 41 76 f0 9b 24 ce c1 af b2 46 05 d8 01 06 d8 f0 81 0e b0 5f 64 c0 e8 67 18 d0 a0 fe 08 d5 47 03 86 0d ea 17 c8 7b c3 71 c1 20 99 02 8c 8a 94 45 85 ce 44 19 8a 86 fc 87 ac 88 4e 0a 58 d0 10 bb 1f 2c 23 ff 4b 03 86 59 84 49 e0 eb 3e 72 ab f7 7c 17 a6 f3 97 19 14 e6 1a da bd 24 42 25 75 d6 1c 61 e4 9c af 67 d8 1b b5 3b 5f 4d c3 73 de d7 2d 98 65 3c 3d 81 03 f0 16 d4 fb a2 56 4e cb 48 10 3c 90 a0 f6 89 30 46 36 a6 7b 9a 49 12 c4 cc 2c 34 ae ca 3b 3a cd c4 65 fb 16 a5 e8 99 3f fe 80 ca a4 1b d2 68 2e 16 70 0a 03 b3 7
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /themes/bidsonline/style.css HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fancybox/jquery.fancybox-1.3.4.css HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fancybox/jquery.fancybox-1.3.4.pack.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fancybox/jquery.easing-1.3.pack.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/AC_OETags.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /t_logo-b.png HTTP/1.1Host: twitter-badges.s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/ShowAuction.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=BhbuJQWnqLpHKhC5uwyP2KH8Do34vnz1jW9DKFZB8_L5jkCL3HSxiC5FrWchCU_Abi-MQh-gCG4X7WbXPe4lVECKXZI1&t=638333973895133451 HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=rzkfFnVPFNqILIGRE_aCXAFFv0KgHguFS5RYIiRmZfQ1Y7x9fMjAfn8iEob8Cael1xHw3HXgA5Nzumi0f9lwPDqeMA01&t=638333973895133451 HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/ShowAuction.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=BhbuJQWnqLpHKhC5uwyP2KH8Do34vnz1jW9DKFZB8_L5jkCL3HSxiC5FrWchCU_Abi-MQh-gCG4X7WbXPe4lVECKXZI1&t=638333973895133451 HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /t_logo-b.png HTTP/1.1Host: twitter-badges.s3.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/bol_logo.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/register.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/login.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /userfiles/image/btv-screen.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/video.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fancybox/jquery.fancybox-1.3.4.pack.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/AC_OETags.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fancybox/jquery.easing-1.3.pack.js HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=rzkfFnVPFNqILIGRE_aCXAFFv0KgHguFS5RYIiRmZfQ1Y7x9fMjAfn8iEob8Cael1xHw3HXgA5Nzumi0f9lwPDqeMA01&t=638333973895133451 HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/auctions.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/guarantee.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/delivery.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/content/Somersault-Shiraz-sm.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/content/bridgewater-mill-pinot-sm.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/content/Preece-chardonnay-sm.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/CallUs.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/bol_logo.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/getflash.gif HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/offair.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/menucentre.gif HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://www.bidsonline.tv/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/register.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/login.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/video.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/auctions.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/guarantee.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/delivery.png HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /userfiles/image/btv-screen.jpg HTTP/1.1Host: www.bidsonline.tvConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/CallUs.png HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer: http://www.bidsonline.tv/ Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/getflash.gif HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/menucentre.gif HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /images/offair.jpg HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1 Host: www.bidsonline.tv Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: __utma=56734137.957244807.1728353839.1728353839.1728353839.1; __utmc=56734137; __utmz=56734137.1728353839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=56734137.1.10.1728353839
Source: global traffic DNS traffic detected: DNS query: www.bidsonline.tv
Source: global traffic DNS traffic detected: DNS query: twitter-badges.s3.amazonaws.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 08 Oct 2024 02:17:19 GMT Content-Length: 1245
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 08 Oct 2024 02:17:19 GMT Content-Length: 1245
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Found Content-Type: text/html Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Tue, 08 Oct 2024 02:17:19 GMT Content-Length: 1245
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49728 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49730 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: classification engine Classification label: clean1.win@17/35@10/152
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1948,i,550653106159733678,13402877363024548303,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.bidsonline.tv"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1948,i,550653106159733678,13402877363024548303,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk