Edit tour

Windows Analysis Report
SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Overview

General Information

Sample name:	SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Analysis ID:	1405429
MD5:	a3a38db6f62269ed7cee99fabb676135
SHA1:	39f4958ae7481b2a3e7452c2dffb648ea5e200be
SHA256:	7640282150d51c407ffdfe2fab35f2c60b93b0dc56ac93ad2459b16789aec61b
Tags:	exe
Infos:

Detection

Score:	44
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for dropped file

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

HTML page contains suspicious onload / onerror event

PE file contains section with special chars

Queries sensitive Plug and Play Device Information (via WMI, Win32_PnPEntity, often done to detect virtual machines)

Sample is not signed and drops a device driver

Yara detected Costura Assembly Loader

Yara detected Generic Downloader

Adds / modifies Windows certificates

Allocates memory with a write watch (potentially for evading sandboxes)

Binary contains a suspicious time stamp

Checks if the current process is being debugged

Connects to many different domains

Contains functionality for read data from the clipboard

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)

Contains functionality to communicate with device drivers

Contains functionality to delete services

Contains functionality to dynamically determine API calls

Contains functionality to get notified if a device is plugged in / out

Contains functionality to query CPU information (cpuid)

Contains functionality to read device registry values (via SetupAPI)

Contains functionality to shutdown / reboot the system

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Creates driver files

Detected non-DNS traffic on DNS port

Detected potential crypto function

Dropped file seen in connection with other malware

Drops PE files

Drops certificate files (DER)

Drops files with a non-matching file extension (content does not match file extension)

Enables debug privileges

Entry point lies outside standard sections

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found inlined nop instructions (likely shell or obfuscated code)

Found large amount of non-executed APIs

Found potential string decryption / allocating functions

HTML page contains hidden URLs or javascript code

HTTP GET or POST without a user agent

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

OS version to string mapping found (often used in BOTs)

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries device information via Setup API

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Sigma detected: Use Short Name Path in Command Line

Stores files to the Windows start menu directory

Stores large binary data to the registry

Tries to load missing DLLs

Uses 32bit PE files

Uses code obfuscation techniques (call, push, ret)

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe (PID: 7040 cmdline: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe MD5: A3A38DB6F62269ED7CEE99FABB676135)

SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp (PID: 6820 cmdline: "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe" MD5: C40A8A7891124F63F741EE4E36AE459C)

7za.exe (PID: 7616 cmdline: "C:\SamFwTool\data\7za.exe" x "C:\SamFwTool\data.7z" -o"C:\SamFwTool\" * -r -aoa MD5: 2E3309647CE678CA313FE3825A57CCB9)

conhost.exe (PID: 7632 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

SamFwTool.exe (PID: 8036 cmdline: C:\SamFwTool\SamFwTool.exe MD5: 99B1E36598E55933E350430519B53B34)

cmd.exe (PID: 1660 cmdline: "C:\Windows\Sysnative\cmd.exe" /c driverquery /FO list MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 3724 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

driverquery.exe (PID: 1916 cmdline: driverquery /FO list MD5: E9AAEFB8346D15994D056DBDDCCBEA15)

WmiPrvSE.exe (PID: 6836 cmdline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding MD5: 60FF40CFD7FB8FE41EE4FE9AE5FE1C51)

chrome.exe (PID: 4268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bit.ly/samfwtool MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 4252 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 6012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5580 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2756 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5652 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

SAMSUNG_USB_Driver_for_Mobile_Phones.exe (PID: 3576 cmdline: "C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" MD5: 885D3969D9A9839DF09987A2F0D4F267)

Setup.exe (PID: 1572 cmdline: "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -chk_inst_ui -user MD5: 942BDC409342FCE90F6B68DEECE93E8F)

Setup.exe (PID: 6840 cmdline: "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -user -escape_full MD5: 942BDC409342FCE90F6B68DEECE93E8F)

cleanup

Yara Signatures

Memory Dumps

Source	Rule	Description	Author
00000011.00000002.2702805083.000000000F440000.00000004.08000000.00040000.00000000.sdmp	JoeSecurity_CosturaAssemblyLoader	Yara detected Costura Assembly Loader	Joe Security
00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CosturaAssemblyLoader	Yara detected Costura Assembly Loader	Joe Security
00000011.00000000.1534059786.0000000000662000.00000002.00000001.01000000.00000009.sdmp	JoeSecurity_CosturaAssemblyLoader	Yara detected Costura Assembly Loader	Joe Security
Process Memory Space: SamFwTool.exe PID: 8036	JoeSecurity_CosturaAssemblyLoader	Yara detected Costura Assembly Loader	Joe Security

Unpacked PEs

Source	Rule	Description	Author	Strings
17.2.SamFwTool.exe.5717f30.3.raw.unpack	JoeSecurity_GenericDownloader_1	Yara detected Generic Downloader	Joe Security

Sigma Signatures

System Summary

Sigma detected: Use Short Name Path in Command Line

Source: Process started

Author: frack113, Nasreddine Bencherchali: Data: Command: "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe" , CommandLine: "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe" , CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, NewProcessName: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, OriginalFileName: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, ParentCommandLine: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, ParentImage: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, ParentProcessId: 7040, ParentProcessName: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, ProcessCommandLine: "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe" , ProcessId: 6820, ProcessName: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for dropped file

Source: C:\SamFwTool\is-SLJ75.tmp

Avira: detection malicious, Label: HEUR/AGEN.1313293

Multi AV Scanner detection for dropped file

Source: C:\SamFwTool\SamFwTool.exe (copy)	ReversingLabs: Detection: 37%
Source: C:\SamFwTool\is-SLJ75.tmp	ReversingLabs: Detection: 37%

Multi AV Scanner detection for submitted file

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Virustotal: Detection: 25%

Perma Link

Phishing

HTML page contains suspicious onload / onerror event

Source: about:srcdoc	HTTP Parser: (function(img) { window.ftclick = ""; window.ftexptrack_7666032 = "
Source: about:srcdoc	HTTP Parser: (function(img) { window.ftclick = ""; window.ftexptrack_7666032 = "
Source: about:srcdoc	HTTP Parser: (function(img) { window.ftclick = ""; window.ftexptrack_7666032 = "

Source: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click

HTTP Parser: Base64 decoded: [null,null,null,null,null,null,[1709914754,882000000],null,null,null,[null,[7]],"https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click",null,[[8,"bwrMcs6ZcYg"],[9,"en-US"],[19,"2"],[17,"[0]"]]]

Source: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_y	HTTP Parser: No favicon
Source: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_y	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDZDRCZ10wY-YWr-AEwAQ&v=APEucNUOQUi-BDPV2nI8doVxvK5N0-F9Vqaijlx7DnKyD1m6UK8zAOKvBQtni0QCKK-qMpKI6u7C5ktZ77QZQD7mrdJeYQsbKw	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=600&slotname=9436650906&adk=3093387139&adf=91783236&pi=t.ma~as.9436650906&w=210&fwrn=4&fwrnh=100&lmt=1709914749&rafmt=1&format=210x600&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1709914746036&bpp=1&bdt=4632&idt=3019&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=4878663825463&frm=20&pv=1&ga_vid=65435421.1709914749&ga_sid=1709914749&ga_hid=118342943&ga_fc=1&u_tz=60&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=764&ady=1195&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31081640%2C95322183%2C95324161%2C95325784%2C95...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=600&slotname=9436650906&adk=3093387139&adf=91783236&pi=t.ma~as.9436650906&w=210&fwrn=4&fwrnh=100&lmt=1709914749&rafmt=1&format=210x600&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1709914746036&bpp=1&bdt=4632&idt=3019&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=4878663825463&frm=20&pv=1&ga_vid=65435421.1709914749&ga_sid=1709914749&ga_hid=118342943&ga_fc=1&u_tz=60&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=764&ady=1195&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31081640%2C95322183%2C95324161%2C95325784%2C95...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=600&slotname=9436650906&adk=3093387139&adf=91783236&pi=t.ma~as.9436650906&w=210&fwrn=4&fwrnh=100&lmt=1709914749&rafmt=1&format=210x600&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1709914746036&bpp=1&bdt=4632&idt=3019&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=4878663825463&frm=20&pv=1&ga_vid=65435421.1709914749&ga_sid=1709914749&ga_hid=118342943&ga_fc=1&u_tz=60&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=764&ady=1195&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31081640%2C95322183%2C95324161%2C95325784%2C95...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=600&slotname=9436650906&adk=3093387139&adf=91783236&pi=t.ma~as.9436650906&w=210&fwrn=4&fwrnh=100&lmt=1709914749&rafmt=1&format=210x600&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1709914746036&bpp=1&bdt=4632&idt=3019&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=4878663825463&frm=20&pv=1&ga_vid=65435421.1709914749&ga_sid=1709914749&ga_hid=118342943&ga_fc=1&u_tz=60&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=764&ady=1195&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31081640%2C95322183%2C95324161%2C95325784%2C95...	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1839315362497448&output=html&h=60&slotname=8063287263&adk=1828820463&adf=1436199206&pi=t.ma~as.8063287263&w=468&lmt=1709914748&rafmt=12&format=468x60&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1709914746028&bpp=1&bdt=4624&idt=2918&shv=r20240306&mjsv=m202403040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4878663825463&frm=20&pv=1&ga_vid=65435421.1709914749&ga_sid=1709914749&ga_hid=118342943&ga_fc=1&u_tz=60&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=274&ady=325&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31081640%2C95322183%2C95324161%2C95325784%2C95326430%2C95326916%2C31078663%2C31078665%2C31078668%2C31078670&o...	HTTP Parser: No favicon
Source: about:srcdoc	HTTP Parser: No favicon
Source: about:srcdoc	HTTP Parser: No favicon
Source: about:srcdoc	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	HTTP Parser: No favicon
Source: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY1-C-yAEwAQ&v=APEucNUf2r99Ej_I6rothiVM2AVstY9ooNRFgRotuDgusoYaLOv1FoQeN4z9Kk7LatwO_mGyrXdrOHguAkXy1l_TjxNWSV8rbx-J9MiBQ-uUOw4JVWKycqY	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDkMxC1h9uaBBi5xL-CAjAB&v=APEucNXLut3fzZ0MEfW3T92Bs0gvNNXBdcVf711zAC1RIwP8ZlV1QhoE0Yx3mMnZ3wZFQOxQdyG_UZAb3LFnwojewYwuMYzz7SagZ9Cbp_UDDH5q_tLsims	HTTP Parser: No favicon
Source: https://tpc.googlesyndication.com/sodar/62bHydCX.html	HTTP Parser: No favicon
Source: https://tpc.googlesyndication.com/sodar/62bHydCX.html	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDkMxC1h9uaBBi5xL-CAjAB&v=APEucNUDrOQ1z-QMlycnvjN0CSHT_nN8c_b065drA4qXw8ltCVtoCoQJ09N8UaiMJMHKhMzbcalNRnccsyo_9VeUTYWrijh4mukNu222w_BPLBgd-NelPHc	HTTP Parser: No favicon
Source: https://u.openx.net/w/1.0/pd?cc=1	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347831&aid=ABAjH0jbaKaj_NHsZl5dTJukAgE0&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhA...	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347831&aid=ABAjH0jbaKaj_NHsZl5dTJukAgE0&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhA...	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347831&aid=ABAjH0jbaKaj_NHsZl5dTJukAgE0&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhA...	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347856&aid=ABAjH0icaF4c33io6wNV2gJJleaU&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5I...	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347856&aid=ABAjH0icaF4c33io6wNV2gJJleaU&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5I...	HTTP Parser: No favicon
Source: https://s-static.innovid.com/display/uploads/185020/962442/1702561272325/s/728x90/index.html?cb=1709908347856&aid=ABAjH0icaF4c33io6wNV2gJJleaU&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5I...	HTTP Parser: No favicon
Source: https://proton.ad.gt/join-ad-interest-groups.html?evid=P0K5CIQX&igs=WyJJR0EwMDAwRiIsIklHQTAwMDE5IiwiSUdBMDAwMUIiLCJJR0EwMDAyMSIsIklHQTAwMDI1IiwiSUdBMDAwMkEiLCJJR0EwMDAyRSIsIklHQTAwMDJGIiwiSUdBMDAwMzAiLCJJR0EwMDAzMSIsIklHQTAwMDVCIiwiSUdBMDAwNUMiLCJJR0EwMDA1RiIsIklHQTAwMDYyIiwiSUdBMDAwNjUiLCJJR0EwMDA2NiIsIklHQTAwMDY3IiwiSUdBMDAwNjgiLCJJR0EwMDA2OSIsIklHQTAwMDZCIiwiSUdBMDAwNkYiLCJJR0EwMDA3MyIsIklHQTAwMDc1IiwiSUdBMDAwNzkiLCJJR0EwMDA4NCIsIklHQTAwMDhDIiwiSUdBMDAwOEQiLCJJR0EwMDA4RSIsIklHQTAwMDlCIiwiSUdBMDAwOUMiLCJJR0EwMDA5RCIsIklHQTAwMEE3IiwiSUdBMDAwQTgiLCJJR0EwMDBBOSIsIklHQTAwMEFBIiwiSUdBMDAwQUIiLCJJR0EwMDBBQyIsIklHQTAwMEFEIiwiSUdBMDAwQjIiLCJJR0EwMDBCMyIsIklHQTAwMEI0IiwiSUdBMDAwQjUiLCJJR0EwMDBCRiIsIklHQTAwMEM3IiwiSUdBMDAwQ0IiLCJJR0EwMDBFNCIsIklHQTAwMEVEIiwiSUdBMDAwRUUiLCJJR0EwMDEwMyIsIklHQTAwMTA1IiwiSUdBMDAxMDciLCJJR0EwMDEwOCIsIklHQTAwMTA5IiwiSUdBMDAxMEEiLCJJR0EwMDEwQiIsIklHQTAwMTBDIiwiSUdBMDAxMEUiLCJJR0EwMDEwRiIsIklHQTAwMTE2IiwiSUdBMDAxMTciLCJJR0EwMDExRiIsIklHQTAwMTIzIiwiSUdBMDAxMzgiLCJJR0EwMDE0NCIsIklHQTAwMTQ4Iiwi...	HTTP Parser: No favicon
Source: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ZDdkN2FmOC00OGU1LTRmNjgtOGJhMS01NDM1MThhNGNhYzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv	HTTP Parser: No favicon
Source: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY1-C-yAEwAQ&v=APEucNVE0GHWN5aGJbYaMq75YffDwNC65I8_4nboMcadMzp0Y9ynb1ZitiEgOMbOTEyCMbHa18iNc7oVNIGK2Ck6jQ2RDr3bezK4ePZlHr0IqheyP39BSpY	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift&dcc=t	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3	HTTP Parser: No favicon
Source: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS00VEJwUmN4RTJ1S3I1eVhueGRTZG1lWGNqOVRISkxZM35B	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4720380240128192332667	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=5739124417478682736&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAKyY0HgAppZgMDP2_TAAAAAAA&expiration=1709994757&is_secure=true	HTTP Parser: No favicon
Source: https://usersync.gumgum.com/usersync?b=adf&i=9060652894245162056&gdpr=&gdpr_consent=	HTTP Parser: No favicon
Source: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D	HTTP Parser: No favicon
Source: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D	HTTP Parser: No favicon
Source: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250	HTTP Parser: No favicon
Source: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250	HTTP Parser: No favicon
Source: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250	HTTP Parser: No favicon
Source: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=	HTTP Parser: No favicon
Source: https://usersync.gumgum.com/usersync?b=ttd&i=4380a510-b233-4451-a17c-ec53ca7f9b61	HTTP Parser: No favicon
Source: https://usersync.gumgum.com/usersync?b=sus&i=ZeshisCo5s4AAIV6WjAAAAAA	HTTP Parser: No favicon
Source: https://usersync.gumgum.com/usersync?b=rth&i=M5S-5-4GfP8H9azDQeEeI-L_lKcAfJGbve3SuVj3myQ&pi=gumgum&tc=1	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID	HTTP Parser: No favicon
Source: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east	HTTP Parser: No favicon
Source: https://eus.rubiconproject.com/usync.html?p=gumgum	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&redir=true&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	HTTP Parser: No favicon
Source: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID	HTTP Parser: No favicon
Source: https://cdn.flashtalking.com/165449/4560084/index.html	HTTP Parser: No favicon
Source: https://usersync.gumgum.com/usersync?b=pbm&i=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8190380959160668499&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1920574151252257451	HTTP Parser: No favicon
Source: https://eb2.3lift.com/sync?&ld=1	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7DpxbFD1RIBgQ5&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=be36ca60-dd58-11ee-aac7-add6991b662a	HTTP Parser: No favicon
Source: https://cdn.flashtalking.com/165449/Disney_EvolvingBanners_Feb2022_master_160x600_RL/index.html	HTTP Parser: No favicon
Source: https://cdn.flashtalking.com/165449/Disney_EvolvingBanners_Feb2022_master_160x600_RL/index.html	HTTP Parser: No favicon
Source: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6KxQfOyoAifzqVMn56gYf-r8DC3zqAJ65qy3nyfb	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGUw07L1kMAABVWe2Uo_A&gdpr=0	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7ee510c67c9a4a02bf80e	HTTP Parser: No favicon
Source: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGUw07L1kMAABVWe2Uo_A&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://www.google.com/recaptcha/api2/aframe	HTTP Parser: No favicon
Source: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU9417140dcb7c4d699172452ccaae91a7	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9sM9r_oDVSN4eO2NU2v64poQaSY&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=SM9lmLn8DN223YwNsyHrZQ	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7631948021216351434	HTTP Parser: No favicon
Source: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc4465eb-21b3-4300-afdb-9dbad4f295fb&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)	HTTP Parser: No favicon
Source: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005	HTTP Parser: No favicon
Source: https://c1.adform.net/serving/cookie/match?party=14&cid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent=	HTTP Parser: No favicon
Source: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1	HTTP Parser: No favicon
Source: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	HTTP Parser: No favicon
Source: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D	HTTP Parser: No favicon

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI

Source: unknown

HTTPS traffic detected: 104.98.116.138:443 -> 192.168.2.7:49710 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.7:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.88.24:443 -> 192.168.2.7:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.16.68.112:443 -> 192.168.2.7:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.16.68.112:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.7:49823 version: TLS 1.2

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_w2K_x86\i386\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2234433954.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cm95\objfre_w2K_x86\i386\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2280580198.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2038350236.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1888075461.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1996610467.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2026128373.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_w2K_x86\i386\ss_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2226416075.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1999416064.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_w2K_x86\i386\ssm_mdfl.pdbL source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2283295839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2088656272.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2124341456.0000000002744000.00000004.00000020.00020000.00000000.sdmp, lang2101.dll1.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1850427810.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wlh_amd64\amd64\sscemdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2355604327.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdbus\objfre_wxp_x86\i386\sscdbus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2305533763.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecr\objfre_w2K_x86\i386\sscecr.pdbM source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2343223544.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wxp_x86\i386\sscdmdfl.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2308035714.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2024120732.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1990743420.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscevcr\free\SSCEVCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2338694322.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2013266082.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wlh_amd64\amd64\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2319707790.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1813873839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdirpro\sscdinstall\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2321835857.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: sfxcab.pdb source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_w2K_x86\i386\ssm_cm.pdbla source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2281399092.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1789893738.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1805071239.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdbus\objfre_wlh_amd64\amd64\sscdbus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2315202150.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wxp_x86\i386\sscecm.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2342171396.000000000274D000.00000004.00000020.00020000.00000000.sdmp, sscecmnt.sys.24.dr
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wlh_amd64\amd64\sscdwh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2320584992.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1842228742.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2078355304.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_w2K_x86\i386\ss_wh.pdbS source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2234433954.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /home/runner/work/RestSharp/RestSharp/src/RestSharp/obj/Release/net471/RestSharp.pdb source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1788487655.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecm95\objfre_w2K_x86\i386\sscecm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exeR source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2341193904.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1834460243.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Dropbox\qud_builds\builds\1.00.61\QUD\HY11\QMI\win\qcwwan\filter\Release\qcusbfilter.pdb source: ssudqcfilter.sys.24.dr
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_comm\free\SS_COMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2235536033.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecm95\objfre_w2K_x86\i386\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2341193904.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wxp_x86\i386\sscdcm.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2307035908.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2106471219.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: d:\kma_cc\kma_vi~3\hz-pct~1\driver\win\src\driver\viausb~1\objfre_wxp_x86\i386\VIA_USB_SER.pdb source: VIA_USB_SER.sys0.24.dr
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\sscebus\sscewh95\objfre_w2K_x86\i386\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2348378029.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_wlh_amd64\amd64\ss_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2240659232.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscevcd\free\sscevcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2337818097.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_w2K_x86\i386\ssm_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2283295839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdm\objfre_w2K_x86\i386\ssm_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2285304413.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/artifacts/obj/System.Text.Json/Release/net462/System.Text.Json.pdb source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_irpro\ssm_install\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2294244511.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2099318032.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2137541979.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: WdfCoInstaller01009.pdb source: WdfCoInstaller01009.dll0.11.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1869194866.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wlh_amd64\amd64\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2357937178.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Uninstall.pdbO source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/artifacts/obj/System.Text.Json/Release/net462/System.Text.Json.pdbSHA256Qb source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1830936801.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v4_50_3\u32\brand\elkins\ssecmgmt\ssecmgmt\objfre_wlh_amd64\amd64\ssecmgmt.pdb source: ssecmgmt.sys0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2062744193.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\shrewsbury\ssadbus\ssadwhnt\objfre_wxp_x86\i386\ssadwh.pdb source: ssadwhnt.sys.24.dr
Source:	Binary string: Z:\b\HTE\QDART\QDART_MFG\BSP_Storage\QSaharaServer\Release\QSaharaServer.pdbp source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1902788392.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1881964758.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: costura.costura.pdb.compressed source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cm95\objfre_w2K_x86\i386\ssm_cm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2280580198.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_wlh_amd64\amd64\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2296241734.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1833108343.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2107610879.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2129759084.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1970530394.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceirpro\ssceinstall\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2360499738.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2101449843.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_19_git-pipeline_master\src\platforms\windows\Release\ss_conn_service2.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2050907418.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1844864395.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1852655193.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wxp_x86\i386\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2310795188.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wxp_x86\i386\sscemdm.pdbP source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2345299710.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2042407089.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1963396839.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_wlh_amd64\amd64\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2247160594.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_w2K_x86\i386\ss_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2231056467.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceirpro\ssceinstall\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2360499738.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_cmnt\objfre_w2K_x86\i386\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2228605017.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cr\objfre_w2K_x86\i386\ss_cr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2230031010.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1807480724.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: winusbcoinstaller.pdbH source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: DIFXAPI.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2162915136.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\jenkins\build\workspace\miflash_git\out\Release\bin\recovery.pdb source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_irpro\ss_install\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2239442053.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2080884413.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_irpro\ssm_install\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2294244511.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002749000.00000004.00000020.00020000.00000000.sdmp, lang0201.dll1.24.dr
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\sscebus\sscewh95\objfre_w2K_x86\i386\sscewh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2348378029.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1895849240.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wxp_x86\i386\sscemdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2344319539.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wxp_x86\i386\sscdmdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2309035434.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1984324459.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wlh_amd64\amd64\sscdmdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2317803781.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1838531098.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1781583931.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_bus\ssm_whnt\objfre_w2K_x86\i386\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2287783600.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1823496705.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1836101852.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2077021316.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cm95\objfre_w2K_x86\i386\ss_cm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2227310801.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_19_git-pipeline_master\src\platforms\windows\Release\ss_conn_service2.pdb6 source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_irpro\ss_install\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2239442053.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wxp_x86\i386\sscdmdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2308035714.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1780513234.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: winusbcoinstaller.pdb source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1872348404.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1790910619.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1845971650.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1796992218.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_2.5\msscs\trunk\src\platforms\windows\Release\ss_conn_service.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2127412053.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wxp_x86\i386\sscdwh.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2314115041.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_3\u32\brand\elkins\ssecbus\ssecbus\objfre_w2K_x86\i386\ssecbus.pdb8 source: ssecbus.sys.24.dr
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_bus\ss_wh95\objfre_w2K_x86\i386\ss_wh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2233484567.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\dgderapi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2165145612.000000000274D000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000002.2213433769.00007FFB0D5F5000.00000002.00000001.01000000.00000018.sdmp, Setup.exe, 00000021.00000002.2629681524.00007FFB1C5C5000.00000002.00000001.01000000.00000018.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wxp_x86\i386\sscemdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2345299710.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wlh_amd64\amd64\sscdmdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2318826431.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2002091284.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cr\objfre_w2K_x86\i386\ssm_cr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2282347015.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscebus\objfre_wlh_amd64\amd64\sscebus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2352444362.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wxp_x86\i386\sscdcm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2307035908.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_2.5\msscs\trunk\src\platforms\windows\Release\ss_conn_service.pdb- source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1802549328.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wlh_amd64\amd64\sscemdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2354427691.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1867451078.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1779546119.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wxp_x86\i386\sscemdfl.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2344319539.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wxp_x86\i386\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2346483099.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2134360695.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /home/runner/work/RestSharp/RestSharp/src/RestSharp/obj/Release/net471/RestSharp.pdbSHA256 source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2046404611.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1828164046.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1787263721.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1946843505.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: Z:\b\HTE\QDART\QDART_MFG\BSP_Storage\QSaharaServer\Release\QSaharaServer.pdb source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_wlh_amd64\amd64\ss_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2242403851.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2010393920.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2005671327.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscebus\objfre_wxp_x86\i386\sscebus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2340147198.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1793958127.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_w2K_x86\i386\ss_bus.pdbP' source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2226416075.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1843560315.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdirpro\sscdinstall\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2321835857.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_bus\ssm_bus\objfre_wlh_amd64\amd64\ssm_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2295324708.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wxp_x86\i386\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2351207016.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Uninstall.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_3\u32\brand\elkins\ssecbus\ssecbus\objfre_w2K_x86\i386\ssecbus.pdb source: ssecbus.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1821597364.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wlh_amd64\amd64\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2358976404.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1808556486.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_vcd\free\ssm_vcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2291869220.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1784534884.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1786352832.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_vcr\free\SS_VCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2237902615.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_14\u32\brand\searsburg\ssaemdm\ssaemdfl\objfre_w2K_x86\i386\ssaemdfl.pdb source: ssaemdfl.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1809808631.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wxp_x86\i386\sscewh.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2351207016.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2083064630.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2052842971.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2043923540.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1885258833.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1826849286.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdm\objfre_w2K_x86\i386\ss_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2232455070.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1792519625.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\shrewsbury\ssadbus\ssadwhnt\objfre_wxp_x86\i386\ssadwh.pdbN source: ssadwhnt.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2039876918.0000000002743000.00000004.00000020.00020000.00000000.sdmp, lang1101.dll0.24.dr
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_bus\ssm_wh95\objfre_w2K_x86\i386\ssm_wh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exeQ source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2286886085.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\dgderdrv.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2160616595.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wxp_x86\i386\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2346483099.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wxp_x86\i386\sscdmdm.pdbP source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2309035434.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_52_5\u32\brand\selenium\secumdm\secumdm\objfre_w2K_x86\i386\secumdm.pdb source: secumdm.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1936666289.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1865359820.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wxp_x86\i386\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2342171396.000000000274D000.00000004.00000020.00020000.00000000.sdmp, sscecmnt.sys.24.dr
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wlh_amd64\amd64\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2353417099.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\A\_work\156\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.Threading.Tasks.Extensions\netfx\System.Threading.Tasks.Extensions.pdb source: SamFwTool.exe, 00000011.00000002.2740780031.0000000016880000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecr\objfre_w2K_x86\i386\sscecr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2343223544.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_bus\ssm_wh95\objfre_w2K_x86\i386\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2286886085.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cm95\objfre_w2K_x86\i386\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2227310801.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_14\u32\brand\searsburg\ssaemdm\ssaemdfl\objfre_w2K_x86\i386\ssaemdfl.pdbL source: ssaemdfl.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1783089924.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdbSHA256 source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_bus\ssm_bus\objfre_w2K_x86\i386\ssm_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2279515171.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2118480192.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1861223407.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Setup.pdbW source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wxp_x86\i386\sscdwh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2314115041.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2121171614.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1841048704.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: sfxcab.pdbU source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2133379357.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_w2K_x86\i386\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2281399092.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1801090296.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_mdm\objfre_wlh_amd64\amd64\ssm_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2297958903.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecomm\free\SSCECOMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2335935501.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wlh_amd64\amd64\sscdcm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2316516410.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_wlh_amd64\amd64\ssm_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2297016259.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_vcd\free\ss_vcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2236727853.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_vcr\free\SSM_VCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2293231410.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1949159728.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_mdm\objfre_wlh_amd64\amd64\ss_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2244215488.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: DIFXAPI.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2162915136.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2096946337.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_bus\ss_wh95\objfre_w2K_x86\i386\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2233484567.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_cmnt\objfre_wlh_amd64\amd64\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2241085318.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1976373597.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2131902879.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1855524104.0000000002745000.00000004.00000020.00020000.00000000.sdmp, lang0201.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2113794693.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1815114810.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wxp_x86\i386\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2310795188.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_bus\ssm_whnt\objfre_wlh_amd64\amd64\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2298728548.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_w2K_x86\i386\ss_mdfl.pdbL source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2231056467.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_comm\free\SSM_COMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2289955481.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1816861392.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1799064031.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\peline_Release_for_support_win11\samsung\ssud\win\build\drivers\mss_drivers\x64\Release\ssudrmnet.pdb source: ssudrmnet.sys0.24.dr

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5C3590 UnregisterDeviceNotification,UnregisterDeviceNotification,DeleteCriticalSection,TerminateThread,TerminateThread,CloseHandle,

31_2_00007FFB0D5C3590

Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00405F7B __EH_prolog,FindFirstFileW,FindFirstFileW,FindFirstFileW,	11_2_00405F7B
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00407CEC FindFirstFileW,	11_2_00407CEC
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_00406435 FindFirstFileA,FindClose,	24_2_00406435
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_00405889 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,	24_2_00405889
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_004027A1 FindFirstFileA,	24_2_004027A1
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5ED614 FindFirstFileExA,	31_2_00007FFB0D5ED614
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C8E10 GetWindowsDirectoryW,FindFirstFileW,SetupOpenInfFileW,SetupCloseInfFile,DriverPackageUninstallW,FindNextFileW,FindClose,GetLastError,	31_2_00007FFB0D5C8E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D5A50 GetWindowsDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetLocalTime,MoveFileW,GetLastError,FindNextFileW,FindClose,GetLastError,GetLastError,	31_2_00007FFB0D5D5A50
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C4B30 SHCreateDirectoryExW,GetLocalTime,GetSystemInfo,GetVersionExW,GetWindowsDirectoryW,GetSystemDirectoryW,GetSystemDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetFileVersionInfoSizeW,GetFileVersionInfoW,VerQueryValueW,VerQueryValueW,FindFirstFileW,GetLastError,GetLastError,	31_2_00007FFB0D5C4B30
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5BD614 FindFirstFileExA,	33_2_00007FFB1C5BD614
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C598E10 GetWindowsDirectoryW,FindFirstFileW,SetupOpenInfFileW,SetupCloseInfFile,DriverPackageUninstallW,FindNextFileW,FindClose,GetLastError,	33_2_00007FFB1C598E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A5A50 GetWindowsDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetLocalTime,MoveFileW,GetLastError,FindNextFileW,FindClose,GetLastError,GetLastError,	33_2_00007FFB1C5A5A50
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C594B30 SHCreateDirectoryExW,GetLocalTime,GetSystemInfo,GetVersionExW,GetWindowsDirectoryW,GetSystemDirectoryW,GetSystemDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetFileVersionInfoSizeW,GetFileVersionInfoW,VerQueryValueW,VerQueryValueW,FindFirstFileW,GetLastError,GetLastError,	33_2_00007FFB1C594B30

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00406996 __EH_prolog,GetLogicalDriveStringsW,GetLogicalDriveStringsW,GetLogicalDriveStringsW,

11_2_00406996

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\	Jump to behavior

Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov ecx, dword ptr [ebp-38h]	17_2_069E4044
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov ecx, dword ptr [ebp-38h]	17_2_069E7441
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 00000000h	17_2_06A0EAD0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-24h]	17_2_06A0F938
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_06A0F938
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then xor edx, edx	17_2_06A0F468
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then xor edx, edx	17_2_06A0F45C
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-20h]	17_2_06A0F204
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_06A0F204
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-20h]	17_2_06A0F210
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_06A0F210
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 00000000h	17_2_06A0ED2C
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-24h]	17_2_06A0F907
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_06A0F907
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-24h]	17_2_0C938F10
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_0C938F10
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	17_2_0C9342A0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-20h]	17_2_0C938CB8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_0C938CB8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-20h]	17_2_0C938CAC
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_0C938CAC
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then push dword ptr [ebp-24h]	17_2_0C938F04
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-1Ch], 7FFFFFFFh	17_2_0C938F04
Source: C:\SamFwTool\SamFwTool.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	17_2_0C934295

Networking

Yara detected Generic Downloader

Source: Yara match

File source: 17.2.SamFwTool.exe.5717f30.3.raw.unpack, type: UNPACKEDPE

Source: unknown

Network traffic detected: DNS query count 221

Source: global traffic

TCP traffic: 192.168.2.7:50302 -> 1.1.1.1:53

Source: global traffic

HTTP traffic detected: GET /Odin/SAMSUNG_USB_Driver_for_Mobile_Phones.exe HTTP/1.1Host: samfw.com

Source: Joe Sandbox View	IP Address: 104.18.24.173 104.18.24.173
Source: Joe Sandbox View	IP Address: 216.22.16.8 216.22.16.8
Source: Joe Sandbox View	IP Address: 147.28.146.89 147.28.146.89

Source: Joe Sandbox View	JA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox View	JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox View	JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e

Source: unknown

HTTPS traffic detected: 104.98.116.138:443 -> 192.168.2.7:49710 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 13.85.23.86
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112
Source: unknown	TCP traffic detected without corresponding DNS query: 96.16.68.112

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=T44AyLgHntceSxX&MD=kaTvHc9V HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /api/samfwfrp/version HTTP/1.1Accept: application/json, text/json, text/x-json, text/javascript, application/xml, text/xmlUser-Agent: SamFwFRP/4.9Host: samfw.comAccept-Encoding: gzipConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /Odin/SAMSUNG_USB_Driver_for_Mobile_Phones.exe HTTP/1.1Host: samfw.com
Source: global traffic	HTTP traffic detected: GET /samfwtool HTTP/1.1Host: bit.lyConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click HTTP/1.1Host: samfw.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/css/lazy.css HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/vendor/bootstrap/bootstrap.min.css?v=4 HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/css/demo.css HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/css/autocomplete.css HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/css/flags.css HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.png HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/toastr.js/latest/toastr.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.png HTTP/1.1Host: mifirm.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/in-view@0.6.1/dist/in-view.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.png HTTP/1.1Host: samfw.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.png HTTP/1.1Host: mifirm.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/media/logos/favicon.png HTTP/1.1Host: lgrom.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/fav.png HTTP/1.1Host: ipsw.proConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo_spin.gif HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /blog_images/samfw-frp-tool-32-remove-samsung-frp-one-click-1000x400.png HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/vendor/jquery/jquery.min.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/js/jquery.autocomplete.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /Badges/DMCABadgeHelper.min.js HTTP/1.1Host: images.dmca.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/vendor/popper/popper.min.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/fav.png HTTP/1.1Host: ipsw.proConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/media/logos/favicon.png HTTP/1.1Host: lgrom.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/vendor/bootstrap/bootstrap.min.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /assets/img/logo_spin.gif HTTP/1.1Host: samfw.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_y HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blog_images/samfw-frp-tool-32-remove-samsung-frp-one-click-1000x400.png HTTP/1.1Host: samfw.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/toastr.js/latest/toastr.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/script.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
Source: global traffic	HTTP traffic detected: GET /s/player/c48a9559/www-player.css HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_yAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /saas/3171 HTTP/1.1Host: stpd.cloudConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/player/c48a9559/player_ias.vflset/en_US/embed.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_yAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/c48a9559/www-embed-player.vflset/www-embed-player.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_yAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /s/player/c48a9559/player_ias.vflset/en_US/base.js HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_yAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.svg HTTP/1.1Host: vanced.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo.png HTTP/1.1Host: iccid.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /blog_images/samfw-frp-tool-1-0-remove-samsung-frp-one-click/Mu6rbjF.png HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D; _ssid=1709914745293tn9sscf; _gcl_au=1.1.853218472.1709914746
Source: global traffic	HTTP traffic detected: GET /assets/js/lazy.js HTTP/1.1Host: samfw.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-clickAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D; _ssid=1709914745293tn9sscf; _gcl_au=1.1.853218472.1709914746
Source: global traffic	HTTP traffic detected: GET /Badges/dmca-badge-w150-5x1-08.png?ID=cf9a563f-9d66-4f15-8c75-9e3ec086657e HTTP/1.1Host: images.dmca.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo.png HTTP/1.1Host: iccid.infoConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/logo.svg HTTP/1.1Host: vanced.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /yIOeX2Z.jpg HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /3hlryrq.jpg HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /RvgYHYp.gif HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vi/vhCfIyQI8fQ/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGD4gEyh_MA8=&rs=AOn4CLAA7DvycvMLESJcfYQ010sbh0AXSw HTTP/1.1Host: i.ytimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Badges/dmca-badge-w150-5x1-08.png?ID=cf9a563f-9d66-4f15-8c75-9e3ec086657e HTTP/1.1Host: images.dmca.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /instream/ad_status.js HTTP/1.1Host: static.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /removed.png HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/th/6mt_jkCC8QEMfVv4UaXe0WVRezbgElH9_VSMBGBwk28.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.youtube.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /blog_images/samfw-frp-tool-1-0-remove-samsung-frp-one-click/Mu6rbjF.png HTTP/1.1Host: samfw.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D; _ssid=1709914745293tn9sscf; _gcl_au=1.1.853218472.1709914746; stpdOrigin={"origin":"direct"}
Source: global traffic	HTTP traffic detected: GET /log.js HTTP/1.1Host: u.heatmap.itConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /vi/vhCfIyQI8fQ/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGD4gEyh_MA8=&rs=AOn4CLAA7DvycvMLESJcfYQ010sbh0AXSw HTTP/1.1Host: i.ytimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/sdk.js?hash=6eea074c226b2fe20aebdea8e452bedf HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://samfw.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /removed.png HTTP/1.1Host: i.imgur.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /generate_204?OUHwUQ HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.youtube.com/embed/videoseries?controls=0&list=PLZUQU2i799iV5W4xHBWzf7hNcpiNHF9_yAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/11479263759/?random=1709914746392&cv=11&fst=1709913600000&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&frm=0&tiba=SamFw%20Tool%204.9%20-%20Remove%20Samsung%20FRP%20one%20click&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqZsG9J6A2MO1imfknDKH70qXdpsoZht4Uy1TUiCBIH8ouEt4I&random=738113362&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /conf/samfw.com.js HTTP/1.1Host: u.heatmap.itConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gh/prebid/currency-file@1/latest.json?date=20240308 HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aax2/apstag.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setupad-hai/op.js HTTP/1.1Host: tagan.adlightning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=T44AyLgHntceSxX&MD=kaTvHc9V HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1 HTTP/1.1Host: gum.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonAccept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjsv5W-NfFlnLuIuaeq4w956CbLSfPPiOfTZXN8rBTuWq7JgGwYB1iErQwlPeey7zUErLqEJCMvEwlBuNw78hNaCzYgp2dxJjUrLZZRFI64U9ZXcRsMm28g1UNaz-3wJO4Tz2Ooy__Dv5zicjqNLrzV23HklVJsE8FsTOglDAnxYZcj7_CGBWBahdn3D6w3ZmIxX4qYMZNMTsKLh0kj6gZZEBX-bPFpj68zAVSKfvnmxkgMuXtPnvk4LVBtvA1xz49gcUvvY8xyq0ZzCXZZWtOtOmSLoCkmhHf3XNtS6Q8h2gTN6JcVKALZz4cNdtx647vr5TYVkavYaGQoJwN2f0qIzFKcgaMn5-EZCC5UWa3FepFeHp7PbuK398C6-TPwY7lNuw-Y3fk-rz7hsRiNMBW8Y2_rO8yqHa0GVGPu2nsYw6EDX9Z9WmeqhWVjhVOF_M0Nsnf11qiYexjmAd_GNyKoN_N6HVp4M7jTK5T18xa0u6ArjHaB1f5MVKpY336wYqOaFieXCjEda8vV7fdRNhOtde5wlguBATrB7SOMj4HHDDrMhyAB5-ns9qRyRnMrvR_CGJhaAIHMzXVl0mE19XFme1ASTOnSgnBQRLFYwuwdKbR-nIdkpQIirHR3Jtx7KK_LRFAarGBldQA7BK_NrY0RYNuipcDrC6X4xn-HIwV3ud8fKsbmmRsGQHon_Okdv9nzdSJSu0kPYxLKaEUghNFZWur7wyMXMEjjgNiD_2q2lankUw7Fc8eiTOhmcsvTqA7XW0VUFjD_4CZt0g5JmVJnR3oJITaIzE6UchyE9gDwIIgeDrhFP6ZKTISxXrUe0SY8gbZ-kbhxDQulukfM0BDAoGrYwef9xyr9-4SKCbrewutXTmDYIIW9pjHqS0Iu_nGHs5IeNz7LE-ua47CIcL3Mqo_zzLKRKkIXUo8Kp7xCF55Xn1OfDd8-y13qyDDTPwhOXmYuspg8leSnLmBOL-NtNKsvzh1n6T3Ttnhi41QjgRM7EkwLbKkjAwX--CiOZp7IAgWrRt8zBxm7DVJ8HrVsHP5i97m0dgmvi_9-t4veusszdDh9MFluKtoPXCvwQNKSCEEor9V3mMMaaK8XndIs_j38H96g3fL26ej-JgwKNqPy-4Uba74iWqHLqziDa_sznNvSNbL1-mEnScMPBFB3H2Fm8H-MbpGO9jsGZ0uNVmdi4MM-wYpelh6wXgc6_JggwJfzEewXTGVSIdK1mYk0ToNqbG1cRDuJcv_eR-T1GtJ7GPf7aNnzI-agZxk-eS7R7mHW7ahmYvio4KTGCZYyTigk3JLRm5Im19WRvSkdCCCOB6IUjvglXBvZpOFLoCG-D8QnDLp1ROae7j6yUCVH5A6OTVsQsM9mdRSRlQLlez&sai=AMfl-YRJnvVgcwJMVYrqGQZnGAFotaqncDswj3YwaVz77DPyWTZ9Dv1yjC5DS2m2ni27BS5n1waoaWTliE2J_1MWcPwf0t9pyu-JzCKkO3R4KjeowpQLhupp6pTE46FF_b2pB4mSnLoNUNjo-OFNdWfGuYmOhSD8qtnaSrYmnZaq4bpEue1mFYCgwy_nYPFvoJZc74d0m9wt5t4OhfS90hL_MbufxCOSAqqAv_184vCwbcNYUCissofgbt9o7zxaGXdST6GaFebi1pgwNM5HuGERQMdmqqT-C10KaK3QIlP3FHr0anNK-knuv2BossGQ1FqImncL4x_9XB3JhGx-ROnY3PooGm4CS6RXJf9AXh-eVXeN_oBjhSv72bv3ToUj1xm7A2SQTTlkekJxgMruNvTPuZO9&sig=Cg0ArKJSzO44kC75jzdLEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240306.26817&arae=1&ftch=1&adurl= HTTP/1.1Host: googleads4.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJLoV25Mk0HFae_0
Source: global traffic	HTTP traffic detected: GET /ng-assets/creative/assets/index-5ff488ba.css HTTP/1.1Host: cdn.bidbrain.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ng-assets/creative/assets/index-3259a6fc.js HTTP/1.1Host: cdn.bidbrain.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjsv5W-NfFlnLuIuaeq4w956CbLSfPPiOfTZXN8rBTuWq7JgGwYB1iErQwlPeey7zUErLqEJCMvEwlBuNw78hNaCzYgp2dxJjUrLZZRFI64U9ZXcRsMm28g1UNaz-3wJO4Tz2Ooy__Dv5zicjqNLrzV23HklVJsE8FsTOglDAnxYZcj7_CGBWBahdn3D6w3ZmIxX4qYMZNMTsKLh0kj6gZZEBX-bPFpj68zAVSKfvnmxkgMuXtPnvk4LVBtvA1xz49gcUvvY8xyq0ZzCXZZWtOtOmSLoCkmhHf3XNtS6Q8h2gTN6JcVKALZz4cNdtx647vr5TYVkavYaGQoJwN2f0qIzFKcgaMn5-EZCC5UWa3FepFeHp7PbuK398C6-TPwY7lNuw-Y3fk-rz7hsRiNMBW8Y2_rO8yqHa0GVGPu2nsYw6EDX9Z9WmeqhWVjhVOF_M0Nsnf11qiYexjmAd_GNyKoN_N6HVp4M7jTK5T18xa0u6ArjHaB1f5MVKpY336wYqOaFieXCjEda8vV7fdRNhOtde5wlguBATrB7SOMj4HHDDrMhyAB5-ns9qRyRnMrvR_CGJhaAIHMzXVl0mE19XFme1ASTOnSgnBQRLFYwuwdKbR-nIdkpQIirHR3Jtx7KK_LRFAarGBldQA7BK_NrY0RYNuipcDrC6X4xn-HIwV3ud8fKsbmmRsGQHon_Okdv9nzdSJSu0kPYxLKaEUghNFZWur7wyMXMEjjgNiD_2q2lankUw7Fc8eiTOhmcsvTqA7XW0VUFjD_4CZt0g5JmVJnR3oJITaIzE6UchyE9gDwIIgeDrhFP6ZKTISxXrUe0SY8gbZ-kbhxDQulukfM0BDAoGrYwef9xyr9-4SKCbrewutXTmDYIIW9pjHqS0Iu_nGHs5IeNz7LE-ua47CIcL3Mqo_zzLKRKkIXUo8Kp7xCF55Xn1OfDd8-y13qyDDTPwhOXmYuspg8leSnLmBOL-NtNKsvzh1n6T3Ttnhi41QjgRM7EkwLbKkjAwX--CiOZp7IAgWrRt8zBxm7DVJ8HrVsHP5i97m0dgmvi_9-t4veusszdDh9MFluKtoPXCvwQNKSCEEor9V3mMMaaK8XndIs_j38H96g3fL26ej-JgwKNqPy-4Uba74iWqHLqziDa_sznNvSNbL1-mEnScMPBFB3H2Fm8H-MbpGO9jsGZ0uNVmdi4MM-wYpelh6wXgc6_JggwJfzEewXTGVSIdK1mYk0ToNqbG1cRDuJcv_eR-T1GtJ7GPf7aNnzI-agZxk-eS7R7mHW7ahmYvio4KTGCZYyTigk3JLRm5Im19WRvSkdCCCOB6IUjvglXBvZpOFLoCG-D8QnDLp1ROae7j6yUCVH5A6OTVsQsM9mdRSRlQLlez&sai=AMfl-YRJnvVgcwJMVYrqGQZnGAFotaqncDswj3YwaVz77DPyWTZ9Dv1yjC5DS2m2ni27BS5n1waoaWTliE2J_1MWcPwf0t9pyu-JzCKkO3R4KjeowpQLhupp6pTE46FF_b2pB4mSnLoNUNjo-OFNdWfGuYmOhSD8qtnaSrYmnZaq4bpEue1mFYCgwy_nYPFvoJZc74d0m9wt5t4OhfS90hL_MbufxCOSAqqAv_184vCwbcNYUCissofgbt9o7zxaGXdST6GaFebi1pgwNM5HuGERQMdmqqT-C10KaK3QIlP3FHr0anNK-knuv2BossGQ1FqImncL4x_9XB3JhGx-ROnY3PooGm4CS6RXJf9AXh-eVXeN_oBjhSv72bv3ToUj1xm7A2SQTTlkekJxgMruNvTPuZO9&sig=Cg0ArKJSzO44kC75jzdLEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=74&vt=11&dtpt=71&dett=2&cstd=0&cisv=r20240306.26817&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&arae=1&ftch=1&adurl= HTTP/1.1Host: googleads4.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJLoV25Mk0HFae_0
Source: global traffic	HTTP traffic detected: GET /localstore.js HTTP/1.1Host: script.4dex.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /e/dtb/bid?src=600&u=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&pid=r1iEvEqJbuCiL&cb=0&ws=1034x870&v=24.305.1002&t=800&slots=%5B%7B%22sd%22%3A%22samfw.com_245x600_sidebar_desktop%22%2C%22s%22%3A%5B%22240x600%22%2C%22160x600%22%2C%22120x600%22%2C%22200x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_245x600_sidebar_desktop%22%7D%2C%7B%22sd%22%3A%22samfw.com_728x90_responsive_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_728x90_desktop_1%22%7D%2C%7B%22sd%22%3A%22samfw.com_1000x100_sticky_anchorad_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_1000x100_sticky_anchorad_desktop%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_left%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_right%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Windows%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22117%22%5D%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22117%22%5D%7D%5D%7D%7D%7D&sm=828ba536-dd41-4b52-b621-89833a9a5630&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1Host: aax.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /log/pv?pid=116489&u=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&tpl=.&pt=SamFw%20Tool%204.9%20-%20Remove%20Samsung%20FRP%20one%20click&t=154299 HTTP/1.1Host: eu8.heatmap.itConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/prod/config?src=600&u=https%3A%2F%2Fsamfw.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/ld/publishertag.prebid.132.js HTTP/1.1Host: static.criteo.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1709914751136&eid=730c0862c7279d9 HTTP/1.1Host: 1x1.a-mo.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaS6tUOANDYPukjXy7cBltLbKC0B5Or7q9bvqgr2iXxeN6FMvY7Dr1-ky_tIEgLV43qtLXHFM0-vcZz4rU7f-owflFdztw HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaTCkRsn0N9N3SLzr70L6kfxCU_mZlBiM7vhIfLqfSc3eoQ87yu9Ca483x28AFwxl2g7_ksoWUd7MxEqk1Vc0V-4SqmZMg HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?ssp=google&ssp_init=step1&google_push=AXcoOmQRSc9GJtSainzdxqwtMSOLsItwbty6fp49h3BVbN3oILC2lxI6dZD6j_7AWx7GPvh4YNVAtDsUCCILA2ai6DbvBX-zsmQvN8xav-YC5rmgKNIrNTJ7nWb6yLDYF0IBA5I5Wh_nSK8YnPYRwLsf_igb40A HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/pd HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499
Source: global traffic	HTTP traffic detected: GET /adagio.js HTTP/1.1Host: script.4dex.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tum?umid=4&uid=&google_push=AXcoOmRsFQYCIoJQ74nXLBH3sWgZ14ov3pleyLffk-FF7ZJNn_YCUaxjDgFlth14ceXq74WiGJTj78h_cKzZeoVD-quIPbu7r35m6FsHVVuYBnNLVcl2qiOgCf4dJWW3l4iIR0NBFkQ3deA32j6uWHvhFeXVjA HTTP/1.1Host: ums.acuityplatform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMID=ZesheNHM7EgAAAQ7ACy2RwAA; CMPS=780; CMPRO=780
Source: global traffic	HTTP traffic detected: GET /match/47/?remote_uid=&c_param1=AXcoOmQl1eDvwhjU0tSo4cjNCp34FSS_F_cjaD_ZLOjdhVgsulsaP6r1dXM8evYpMsBb_97jdaXiuOq9QeZNrz9uIQe_mXAwR4kg7nt_UHN79kMnMH77xfIUDRSplA4TfmTwcuA5Rv2LNkcN5qvsQdH4JlxpZw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%% HTTP/1.1Host: s.uuidksinc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?ssp=google&google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_push=AXcoOmS4kdytPb0DYGz1O4Ya_TJBhEhKTaSB7Jskm-d3yplwSqN5MGqJ4NxpkxPnPfZ2bDkjjiMT9nLykqcHL8zxZJG4NBTcGrTxFYUpbGjjyw--o85ciQsOSUldVO3uwj8K4YTiGVBFgmXcV-KfbhQchmZZ3Q HTTP/1.1Host: pm.w55c.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync? HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g/asr?google_push=AXcoOmSJyoXmTpgSivOFSNgsyuJKuzSHHTnclGd1xxiJcBzZAPu_beQFglKtIXMrH8YsCmHHaFDj3Z-Yqy-11JNf6nRm4T_FBNnSfQemysu79RWEMInlr37FBGv9VgjHPVrWd3G6W7kf9-vloZqq8CNfjXd2fQ HTTP/1.1Host: aid.send.microad.jpConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_push=AXcoOmSCiYmdISW8I7Z2a6zdcUVazctVxMFYwwtHiPM2mHlhFYZiIhq-devrIwHaDFy6BWn97y61Yg6YemWdmqwsNZ4N9ncLUwO8tquIe-3gnzwUNylbjOcKaqE3LGNHmZWnVyu7v9UfoYrrPeoWam1jAba7kQ HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmTWeYUzckOdAFaRa6yqYFZwRNAJmfIWP6EBRJIgxMCk5ptPxuR3IJOi0-S58gVYs9lJ3glz3H_Nz5zlfvLs9dTOZr6EVVDSHQ0BD6exJrha6Dzx0iaVArSPIQSWNlUoArVULwlavDxAZdDgFJlPJRlI6A HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /verify.js?ctx=1000798&cmp=30656073&sid=2285918&plc=376639444&crt=200306402&advid=3155318&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=160x600&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=117.0.0.0&brh=1&vavbkt=&lvvn=28&fcifrms=14&winh=600&winw=160&chro=1&noc=4&wouh=964&wouw=1050&htmlmsging=1&refD=2&scah=984&scaw=1280&jsver=5557&uid=1709914755229514&srcurlD=0&ttfrms=64&num=6&dvp_isOnHead=0&flvr=1&ver=5557&jsCallback=__verify_callback_1709914755229514&jsTagObjCallback=__tagObject_callback_1709914755229514&ssl=1&m1=15&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1578447736.2132473&ee_dp_sukv=1578447736.2132473&dvp_tukv=3731025032.2490525&ee_dp_tukv=3731025032.2490525&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=0.5&dvpx_strhd=0.5&eparams=DC4FC%3Dl9EEADTbpTauTauD2%3E7H%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD2%3E7H%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1839315362497448%26output%3Dhtml%26h%3D600%26slotname%3D9436650906%26adk%3D3093387139%26adf%3D91783236%26pi%3Dt.ma~as.9436650906%26w%3D210%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1709914749%26rafmt%3D1%26format%3D210x600%26url%3Dhttps%253A%252F%252Fsamfw.com%252Fblog%252Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.%26dt%3D1709914746036%26bpp%3D1%26bdt%3D4632%26idt%3D3019%26shv%3Dr20240306%26mjsv%3Dm202403040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C468x60%26nras%3D1%26correlator%3D4878663825463%26frm%3D20%26pv%3D1%26ga_vid%3D65435421.1709914749%26ga_sid%3D1709914749%26ga_hid%3D118342943%26ga_fc%3D1%26u_tz%3D60%26u_his%3D1%26u_h%3D1024%26u_w%3D1280%26u_ah%3D984%26u_aw%3D1280%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D764%26ady%3D1195%26biw%3D1017%26bih%3D870%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44798934%252C31081640%252C95322183%252C95324161%252C95325784%252C95326430%252C95326916%252C31078663%252C31078665%252C31078668%252C31078670%26oid%3D2%26pvsid%3D2794113331524079%26tmod%3D1135936748%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D10%252C10%252C10%252C10%252C1280%252C0%252C1050%252C964%252C1034%252C870%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1.02%26td%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26nt%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D1%26fsb%3D1%26dtd%3D3023 HTTP/1.1Host: rtb0.doubleverify.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit
Source: global traffic	HTTP traffic detected: GET /int/cm?exc=1&acc=crimtan_holdings_limited&google_push=AXcoOmSJsHGE1rVd6z6yfP2StRsYj7WenNQsdjdjiY3JPXcNoi7SPnAz6Jnv8yzQOuEWPx3hDjJWZGT5AzLolhVhZrnPSBeLUpm6S4vuEykIqfpXJVQo7lxCGNyUySeIr-dH5360n9fmPvmTaNKSnp8RhQmTkQ HTTP/1.1Host: ius.ctnsnet.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /match/47/?remote_uid=&c_param1=AXcoOmRJgkgiuJ8fxw4llSdE_nQi4CgPQCsIcddg8gDuRMLJL0BTYNFdFDxJRXM2d3VKM007yriw5k9KumrrhJLBpwWIgpqXC7faNDBSOeJl_9nC8YZGiWdvXsHTNgC8hULinCvAEinflttWgp9VPZitDpX7&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%% HTTP/1.1Host: s.uuidksinc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g/asr?google_push=AXcoOmSjNteSjUM-h0sUb-U24b43ygMK2JQGCp8NaY1I4blImCsCjputNYFQ7sQyk_Hp4KlS_QqUf-WrNyz-lJWIcxEI6j1AFhXqTe6jMXhxGL_Y_YOnTmWZ2K_0tf3opXqIt3FSe4YwBjstjfbzzAm80uZBQQ HTTP/1.1Host: aid.send.microad.jpConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setupad-hai/b-904ac2d-717a3b2c.js HTTP/1.1Host: tagan.adlightning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setupad-hai/bl-258c125-e438c6ae.js HTTP/1.1Host: tagan.adlightning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/google?google_push=AXcoOmQdu3_aY6betbIDyrNjL5XmO_QvumlHlsiXhTkExvZziqhzWSventkZbKiGkXUB5yZHnOIn1swvfw454F8vH_lj9wEyrWkfvvwfZinLTcXO1oasfgKkBE6WdNavM_rOmuKo0lURKLk73fGwnZ7a1M3q HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_push=AXcoOmS4kdytPb0DYGz1O4Ya_TJBhEhKTaSB7Jskm-d3yplwSqN5MGqJ4NxpkxPnPfZ2bDkjjiMT9nLykqcHL8zxZJG4NBTcGrTxFYUpbGjjyw--o85ciQsOSUldVO3uwj8K4YTiGVBFgmXcV-KfbhQchmZZ3Q HTTP/1.1Host: pm.w55c.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: wfivefivec=j7DpxbFD1RIBgQ5
Source: global traffic	HTTP traffic detected: GET /rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMID=ZesheMAoIYoAAGpiAIfemQAA; CMPS=4165; CMPRO=4165
Source: global traffic	HTTP traffic detected: GET /w/1.0/pd?cc=1 HTTP/1.1Host: u.openx.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344
Source: global traffic	HTTP traffic detected: GET /sync?exchange=11&google_push=AXcoOmQYKS8QqRtJRwmyYkAY40af5KbY6m6WT7Klw8-3x38n0qdRen-Ys-EwfJ_yGLLsFFLD3T9uxSj6dadXu8SsQwVOQfXNS_CM-kcZ08Boefw71NAjEyW4_mD1SIjScxwkZ5Y8eTxR9EKvwOXrdZUcdFWJJw HTTP/1.1Host: dsp.adkernel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?&ld=1 HTTP/1.1Host: eb2.3lift.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /ul_cb/sync?ssp=google&ssp_init=step1&google_push=AXcoOmQRSc9GJtSainzdxqwtMSOLsItwbty6fp49h3BVbN3oILC2lxI6dZD6j_7AWx7GPvh4YNVAtDsUCCILA2ai6DbvBX-zsmQvN8xav-YC5rmgKNIrNTJ7nWb6yLDYF0IBA5I5Wh_nSK8YnPYRwLsf_igb40A HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=06044454-1543-45ea-abab-f2e540aba97d; c=1709908345; tuuid_lu=1709908345
Source: global traffic	HTTP traffic detected: GET /ul_cb/sync?ssp=google&google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd; c=1709908344; tuuid_lu=1709908344
Source: global traffic	HTTP traffic detected: GET /configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1Host: config.aps.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /esp.js HTTP/1.1Host: oa.openxcdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=20&ttfrms=64&brid=3&brver=117.0.0.0&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD2%3E7H%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD2%3E7H%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=367&ddur=3902&uid=1709914755229514&jsCallback=dvCallback_1709914755229990&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=1&winh=600&winw=160&wouh=964&wouw=1050&scah=984&scaw=1280&jsver=5557&tgjsver=5557&lvvn=28&m1=15&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1839315362497448%26output%3Dhtml%26h%3D600%26slotname%3D9436650906%26adk%3D3093387139%26adf%3D91783236%26pi%3Dt.ma~as.9436650906%26w%3D210%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1709914749%26rafmt%3D1%26format%3D210x600%26url%3Dhttps%253A%252F%252Fsamfw.com%252Fblog%252Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.%26dt%3D1709914746036%26bpp%3D1%26bdt%3D4632%26idt%3D3019%26shv%3Dr20240306%26mjsv%3Dm202403040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C468x60%26nras%3D1%26correlator%3D4878663825463%26frm%3D20%26pv%3D1%26ga_vid%3D65435421.1709914749%26ga_sid%3D1709914749%26ga_hid%3D118342943%26ga_fc%3D1%26u_tz%3D60%26u_his%3D1%26u_h%3D1024%26u_w%3D1280%26u_ah%3D984%26u_aw%3D1280%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D764%26ady%3D1195%26biw%3D1017%26bih%3D870%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44798934%252C31081640%252C95322183%252C95324161%252C95325784%252C95326430%252C95326916%252C31078663%252C31078665%252C31078668%252C31078670%26oid%3D2%26pvsid%3D2794113331524079%26tmod%3D1135936748%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D10%252C10%252C10%252C10%252C1280%252C0%252C1050%252C964%252C1034%252C870%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1.02%26td%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26nt%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D1%26fsb%3D1%26dtd%3D3023&fcifrms=14&brh=1&dvp_epl=226&noc=4&nav_pltfrm=Win32&ctx=1000798&cmp=30656073&sid=2285918&plc=376639444&crt=200306402&adsrv=1&advid=3155318&unit=160x600&bsimpid=49eb2d5876cf4e459182134deef78bd8&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1578447736.2132473&ee_dp_sukv=1578447736.2132473&dvp_tukv=3731025032.2490525&ee_dp_tukv=3731025032.2490525&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=0.5&dvpx_strhd=0.5
Source: global traffic	HTTP traffic detected: GET /track/cmb/google?google_push=AXcoOmQdu3_aY6betbIDyrNjL5XmO_QvumlHlsiXhTkExvZziqhzWSventkZbKiGkXUB5yZHnOIn1swvfw454F8vH_lj9wEyrWkfvvwfZinLTcXO1oasfgKkBE6WdNavM_rOmuKo0lURKLk73fGwnZ7a1M3q HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAEYBSgCMgsI4q3O4unh3zwQBTgB
Source: global traffic	HTTP traffic detected: GET /rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMPS=4165; CMID=ZesheMAoIYoAAGpiAIfemQAA; CMPRO=4165
Source: global traffic	HTTP traffic detected: GET /compressedFonts/RobotoRegular.woff2 HTTP/1.1Host: cdn.bidbrain.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /compressedFonts/RobotoBold.woff2 HTTP/1.1Host: cdn.bidbrain.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://googleads.g.doubleclick.netsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /connectId-gpt.js HTTP/1.1Host: connectid.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift&dcc=t HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A\|t
Source: global traffic	HTTP traffic detected: GET /api/1.0/esp.js HTTP/1.1Host: cdn.id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /encrypted-signals/encrypted-tag-g.js HTTP/1.1Host: invstatic101.creativecdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setupad-hai/b-904ac2d-717a3b2c.js HTTP/1.1Host: tagan.adlightning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setupad-hai/bl-258c125-e438c6ae.js HTTP/1.1Host: tagan.adlightning.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/ld/publishertag.ids.js HTTP/1.1Host: static.criteo.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rtimp?sid=ab166727-dd58-11ee-bf72-32a6eb59284c&d=samfw.com&cr=ext_ng_start_sqt6&a=imp&p=ZeshcwABwJUB7o59AAlPYWSkVMn6TAHPeiMgMQ&im=wIsb2V9bVIPzc3ZKJBzK7KPqjkdGIfM4cbosH0XyD4KWwdJAvZYn0JgBDTNuMnyOKJGDWch4mY-5ubkJv8e1gp8Htgh5XfbY3JICOrIafBOG_YZ469iQbnRZt1sxGUDaXWus8tUOB_uM6QCTEVOPjLaFh3PQNj0K4PYnkkFRlfCgty5Q_7v_VEKGu46sUBAZR304QVRVoiT9DCkh8DJNrODcqllrNjirxMwBlHRZbE-HrDtnlXwjrA_lAh9V3IsaWgUgu7BxlYss5hiC9pd2GAReMFwkFODf3L9dodVuAQd2HB_xklApR14xz60E40xBYr3xcbva0oVucA0TcqL3CtVbCMv1-_j3eSKHD4UgTcs&cbvp=2 HTTP/1.1Host: g.bidbrain.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sid_cross=ab166727-dd58-11ee-bf72-32a6eb59284c; uid_cross=afa7e556-dd58-11ee-bb35-eefa81ec1cb4
Source: global traffic	HTTP traffic detected: GET /uid2SecureSignal.js HTTP/1.1Host: cdn.prod.uidapi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lt/c/16589/sync.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/r1.658055180e0eb4.50671150?cb=[timestamp]&aid=ABAjH0jbaKaj_NHsZl5dTJukAgE0&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%26sig%3DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%26cry%3D1%26dbm_d%3DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%26adurl%3D&iv_target=con&ivc_dbmtoken=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg HTTP/1.1Host: rtr.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/r1.658055180e0eb4.50671150?cb=[timestamp]&aid=ABAjH0icaF4c33io6wNV2gJJleaU&eid=1&iseid=&aasd=google.com&apid=pub-7383171830614216&ivc_campaignid=20866695092&ivc_click_through=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%26sig%3DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%26cry%3D1%26dbm_d%3DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%26adurl%3D&iv_target=con&ivc_dbmtoken=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ HTTP/1.1Host: rtr.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lt/c/16576/sync.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dahhc4ozyvjm6/script.js HTTP/1.1Host: cadmus.script.acConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/esp/increment?counter=no-config HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ebda?sync=1&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/sync?&ld=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRgFIAEoAjILCOKtzuLp4d88EAU4AQ..
Source: global traffic	HTTP traffic detected: GET /ftUtils.js HTTP/1.1Host: ajs-assets.ftstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/sync?&ld=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sync=CgoIoQEQ84fr8-ExCgoIkQIQ84fr8-ExCgoItAIQ84fr8-ExCgoI5gEQ84fr8-ExCgoIhwIQ84fr8-ExCgoItwIQ84fr8-ExCgkIOhDzh-vz4TEKCgiMAhDzh-vz4TEKCQhfEPOH6_PhMQoJCB8Q84fr8-Ex; tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/1.0/id5-api.js HTTP/1.1Host: cdn.id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaT45pPAghj4rW13UiHNicKJKSp_FXlP2kOYr8MQXh6Yhoh9pQxGlJVu5zfP-w9M_9e25L_3XxH81NplGU9Lkscn511ufQ HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaRoPHGWBElYtn93L_M2gVPq52e7LNp3MuXNWMncZAecOn4uAnI4Cew8Ys4FDT7vc-NYFEJlwLk7N7Q0plisitMqfYuuGg HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaST2eoyjkL-6ALIDnmbc_YhY_fCLk7Trda2Am3LLSzjBT1C3EHinEVMWDlFjLKK62tvalYUp4y8oP19lZxQ4BdKmRcoGg HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /sync/triplelift/4720380240128192332667?gdpr=0&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaT6BuLs8QobBIB-mBLNcY3BWNUdA3DTKJs-5Mw8j8ciSL4IB9YBhKRs8x_UWb2D2NCIh9CKa_94rHe_k0BdzoucDIteIg HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /sync?ssp=triplelift&user_id=4720380240128192332667&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd; c=1709908344; tuuid_lu=1709908345; google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark
Source: global traffic	HTTP traffic detected: GET /hadron.js?url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&ref=&_it=amazon&partner_id=533 HTTP/1.1Host: cdn.hadronid.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /display/7666032/4560084.json HTTP/1.1Host: agen-assets.ftstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://googleads.g.doubleclick.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSLlwaBYD7pdmjPtBCAPm1eYRnEgQK8PbH2g9BllUskx3VyQ3xXHFzEpKF3KbMII3kWrjuvjtVWSB8nifh4yjXTQ5Bwp0Vuu0I6YwcnGOy1A7ambi42z6Xy1S3ieH5EBrrVmeFXg3CVts-05hGFWw HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i.match?p=b6&u=&google_push=AXcoOmS5fdKV32-DPH2tSlAAyElaAZQBCL64aNxJfXyscLWRqkE9zNNOXdiRl7HeYX_3gAbNz7ubSZyLT1NhD6aTJhMWtkn8v_G2QySZyLXeU8QTIrUP_cpQI9yT5mNQJoKPQx5tOTosUSxiWdT-uTP97O4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5fdKV32-DPH2tSlAAyElaAZQBCL64aNxJfXyscLWRqkE9zNNOXdiRl7HeYX_3gAbNz7ubSZyLT1NhD6aTJhMWtkn8v_G2QySZyLXeU8QTIrUP_cpQI9yT5mNQJoKPQx5tOTosUSxiWdT-uTP97O4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRPj9i1WOZ_32AeOb0YvTP6ZMuVeWcHzy1lqZ1WzH6smJmNc6hh5gl47985sh8YrJrNvSVP5vPszntsdW_BslaDrN851eOugeoiitdAylBD3JJK08LF3akiUvFNmtt2cRknMhivRl3hurEww0uCWhM HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmQqUShnpVUKcYfxUNcGwiU4Mx8quFeO-MtxTx-FZroHHyl52Wt3-SIBS64khNjQSicTzTaS6Sv3Pbq9O6T8DiitdtNHpyFIgh1kcEnwktfMMzZSD-Vz5ZOKxiOJY_IFbeh1rHHzLOiD0ZyGK4ya0w HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mxpim=R4E331_1120F9417_D0B3AA3.1.65EB2179
Source: global traffic	HTTP traffic detected: GET /ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmRR8QpvhpSO43CrjtDGaaurFLr3v99_Mb02lFa4SGfvblkFi_qerx4G7b81ANfB847ShDahSWMLBOllVSUlwmXjmaw2uadwpBoLsptMQyq0mC7w4rSpedr8TDRAgDvi14NdP-_h9I5wyIuxWhfhB38 HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mxpim=R4E331_1120F9417_D0B3AA3.1.65EB2179
Source: global traffic	HTTP traffic detected: GET /i.match?p=b6&u=&google_push=AXcoOmQncXIYWN3x1RSSSV2mUsEXbAQM3XzRCOAE60StSGXPTVFxFduvn1-fzyT6KZsQ-TyBBjbwESR8r6kR0-biIQ7YUfSNkgRm2_dl3vzjLm0vQvM2EjvZOQMVp-RQaSrV4-onk3cadAnQ3-f8KqrqCbc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQncXIYWN3x1RSSSV2mUsEXbAQM3XzRCOAE60StSGXPTVFxFduvn1-fzyT6KZsQ-TyBBjbwESR8r6kR0-biIQ7YUfSNkgRm2_dl3vzjLm0vQvM2EjvZOQMVp-RQaSrV4-onk3cadAnQ3-f8KqrqCbc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; pd=v2\|1709908345\|vMgavPkWgyiK
Source: global traffic	HTTP traffic detected: GET /i.match?p=b6&u=&google_push=AXcoOmRJNeiV5Sn2SBxXaY_dVwoHnU_vcxvtf9GathLKqJSBsi2Lqa1jOccNsTcgKvmyNv06npGjWUFbdyigfr6Hj7BStFi02MDDQ2OWuTBFRLYKtQvycHk1hk7Ey5n_brF6I47_J4gtFesIXxtOmEjRGMg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJNeiV5Sn2SBxXaY_dVwoHnU_vcxvtf9GathLKqJSBsi2Lqa1jOccNsTcgKvmyNv06npGjWUFbdyigfr6Hj7BStFi02MDDQ2OWuTBFRLYKtQvycHk1hk7Ey5n_brF6I47_J4gtFesIXxtOmEjRGMg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwOTkwODM0OTYxNzgyNgogIHNlcnZlcl9pcDogMTQ2MzMyOTU3CiAgcHJvY2Vzc19pZDogMTM0NTQ2MDA4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEyODE3NjY5CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92aXNpYmxlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA5NDEwMDUxMTkyNjkxOTI5ODk5CmRlYnVnX2tleTogMTAwNjg5NDU4MTc0MDMxODAwNzMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAzLTA4IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTI4MTc2NjkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQ4ODIwNDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMjk3NTk2NjkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA4NjY2OTUwOTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NDIxMDYxNjkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0e
Source: global traffic	HTTP traffic detected: GET /redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP/1.1Host: rtb-csync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmRsXUmfqMpZQcZKM3hhkk-c3WqXUjDICa1EkyCy_I9pUGy1xFnVyA0LPDpoyoIOEiGhQ8DdQuJu29hyuCi6HM31IeHhWJfPsP4puMUoQjkJNTw3wnklN_rOxiluItY06NQYZFlGD_nLy6xT1ZqYCfs HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mxpim=R4E331_1120F9417_D0B3AA3.1.65EB2179
Source: global traffic	HTTP traffic detected: GET /redir/?partnerid=76&partneruserid=&gdpr=0&google_error=15 HTTP/1.1Host: rtb-csync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/measurement/l?ebcid=ALh7CaTO5k-iqvKez46CYjXrzdgbWbncHkttUvIHCxpjrUp2_2t7xiG6b8xZ2AkqU_IAAk4P3xI65Z_NOOXSgosak562u4H4WA HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /simgad/1816639283876306403 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRuIKGDPeYtPDPkvSI9j3rFxiyGZUjYeMMd1zCXV2w36BvIUFE0b5v_ginueBKLnsI-XJ-SO4gr4ghDyRx-quxfIHhwFlBFbtI66QP43sMcu1gYAQSVaWrSw4vxuluARke3-W8MEOAP3yPFwd1Cfg HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/pr?exlist=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-adMediaV1_rx_n-Beeswax_ox-db5_smrt_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_3lift&dcc=tAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /sync/openx/0f4d1b9e-dcca-e3aa-d52d-0a805e6d7ef6?gdpr=0 HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499
Source: global traffic	HTTP traffic detected: GET /ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwOTkwODM0OTYxNjM0NQogIHNlcnZlcl9pcDogMTAwNTIzODY5CiAgcHJvY2Vzc19pZDogMjg1MzA1MzIxMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjgxNzY2OQphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vdmlzaWJsZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTIzNzUxMzY2NTE4NzQxODk2ODAKZGVidWdfa2V5OiAxNTgwMTEzMTc1OTUzMDc1MDU5OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDMtMDgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjgxNzY2OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4NDg4MjA0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTEyOTc1OTY2OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDg2NjY5NTA5MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MjEwNjE2OQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZ
Source: global traffic	HTTP traffic detected: GET /prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4720380240128192332667 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499
Source: global traffic	HTTP traffic detected: GET /track/cmf/openx?oxid=9b8a7dda-4c66-71e3-e4fa-1c75a13ab3bf&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRgBIAEoAjILCJqx0__p4d88EAU4AVoHc3Z4OXQ1MGAC
Source: global traffic	HTTP traffic detected: GET /pixel/4068/?che=96648.50296428357&aid=6988&cvid=31923946&col=218625,17304,7666032,0,4560084,2B1EEE90-7887-52C3-668B-90F856957D49,&puid=59113144433097&ftid=[fTrackID]&437020607 HTTP/1.1Host: d.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xuid?mid=3658&xuid=4380a510-b233-4451-a17c-ec53ca7f9b61&dongle=0cfd&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /xuid?mid=2662&xuid=y-7mUGaf5E2oTx_W_4d5NElhH3gq4i0ayNifAQRlD..Q--~A&dongle=0883 HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /i.match?p=b6&u=&google_push=AXcoOmQi1oQYzAVkBElHEvFB6AWGHK3hXbsBVNa5u5hMGQ_UmZ6XSFmv4U9g_8ZOaO3RA4_wq4dcnlUCH2ruxKYG9xma4CSN5P9XfiNR956jnx5SRNAA1GCCePFdR0uaP5WlwOKKXbCDD0avq0imnTRSi2M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQi1oQYzAVkBElHEvFB6AWGHK3hXbsBVNa5u5hMGQ_UmZ6XSFmv4U9g_8ZOaO3RA4_wq4dcnlUCH2ruxKYG9xma4CSN5P9XfiNR956jnx5SRNAA1GCCePFdR0uaP5WlwOKKXbCDD0avq0imnTRSi2M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=aMnoeUR3YWM7UXuTwbpfZcPI9beNTFiZdaKeZaCP4Zce
Source: global traffic	HTTP traffic detected: GET /gh/prebid/currency-file@1/latest.json?date=20240308 HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /z/i.match?p=b6&u=&google_push=AXcoOmS5fdKV32-DPH2tSlAAyElaAZQBCL64aNxJfXyscLWRqkE9zNNOXdiRl7HeYX_3gAbNz7ubSZyLT1NhD6aTJhMWtkn8v_G2QySZyLXeU8QTIrUP_cpQI9yT5mNQJoKPQx5tOTosUSxiWdT-uTP97O4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS5fdKV32-DPH2tSlAAyElaAZQBCL64aNxJfXyscLWRqkE9zNNOXdiRl7HeYX_3gAbNz7ubSZyLT1NhD6aTJhMWtkn8v_G2QySZyLXeU8QTIrUP_cpQI9yT5mNQJoKPQx5tOTosUSxiWdT-uTP97O4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=afnoeUmge0mousnG8w5KdaBdBV0dTOsd0JxTP8f4
Source: global traffic	HTTP traffic detected: GET /cookie_sync HTTP/1.1Host: prebid-stag.setupad.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/11479263759/?random=1709914746392&cv=11&fst=1709913600000&bg=ffffff&guid=ON&async=1&gtm=45be4360za200&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=1024&url=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&frm=0&tiba=SamFw%20Tool%204.9%20-%20Remove%20Samsung%20FRP%20one%20click&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqZsG9J6A2MO1imfknDKH70qXdpsoZht4Uy1TUiCBIH8ouEt4I&random=738113362&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=nNadqW9uTcY0OP6I3afnr71o6EzaYLsdpW4UEYN3vYq_rbRrNFxM1jozPGuhjORBZKKMz2tdDpVe7dNuTWp4CyK-zt5Is6wVElveWAfKQgwNJiKKtXHCCCmrlgzZTl5CiKjTeA2iQqf6zlRK2h8wg1hVpIsWsaKqaWJyHMPF3JA
Source: global traffic	HTTP traffic detected: GET /879366/express_html_inpage_rendering_lib_200_278.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://samfw.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c35c01a7-50cc-ca19-24f4-9ee2c909785f HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /z/i.match?p=b6&u=&google_push=AXcoOmQncXIYWN3x1RSSSV2mUsEXbAQM3XzRCOAE60StSGXPTVFxFduvn1-fzyT6KZsQ-TyBBjbwESR8r6kR0-biIQ7YUfSNkgRm2_dl3vzjLm0vQvM2EjvZOQMVp-RQaSrV4-onk3cadAnQ3-f8KqrqCbc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQncXIYWN3x1RSSSV2mUsEXbAQM3XzRCOAE60StSGXPTVFxFduvn1-fzyT6KZsQ-TyBBjbwESR8r6kR0-biIQ7YUfSNkgRm2_dl3vzjLm0vQvM2EjvZOQMVp-RQaSrV4-onk3cadAnQ3-f8KqrqCbc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=ainoeUt3erm6AxvVDRr1VbAHbA3d2UIbKBZaCPUFq
Source: global traffic	HTTP traffic detected: GET /z/i.match?p=b6&u=&google_push=AXcoOmRJNeiV5Sn2SBxXaY_dVwoHnU_vcxvtf9GathLKqJSBsi2Lqa1jOccNsTcgKvmyNv06npGjWUFbdyigfr6Hj7BStFi02MDDQ2OWuTBFRLYKtQvycHk1hk7Ey5n_brF6I47_J4gtFesIXxtOmEjRGMg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJNeiV5Sn2SBxXaY_dVwoHnU_vcxvtf9GathLKqJSBsi2Lqa1jOccNsTcgKvmyNv06npGjWUFbdyigfr6Hj7BStFi02MDDQ2OWuTBFRLYKtQvycHk1hk7Ey5n_brF6I47_J4gtFesIXxtOmEjRGMg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=aMnoeUR3YWM7UXuTwbpfZcPI9beNTFiZdaKeZaCP4Zce
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmSyQtO5j44w7IZXqwKVuxEH_EOJRcTGzJtM_tcs90xUROdyKXnRHEzUHHAMsT60CWm-zG2uL4z03TAQn_NcncV0_D-xlFAS0I7LtonanMcaet-GABfgT-subJSlVTPMD7JUFO2-PBRlfIRbhR5PNro HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mxpim=R4E331_1120F9417_D0B3AA3.1.65EB217F
Source: global traffic	HTTP traffic detected: GET /pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=triplelift HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTsynKZzTOkvR340W8gD6-UjYVNzbaul7x7-eFHlRwcQrxVOc9KCrZeGffDJGWG7dhNsNDE7gAPrP14-ovKUr496BWRpdvM_fleJ8RyWz4hG6vYMw6FefqvWNIcV_M92bdlIh2DxZ0XJg9v1Ajjgw HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sn.ashx?google_push=AXcoOmSHlqc8LqZTNFRRmzHUWanFuTqtOrMpNWxKAifJHwYnIcy7cG60OJMNKzM6WBM83XDrhC7m2MufjiIs9C3cHpQwHAyDsqB71bf73bKLDyLkKy3DOYa14Fkl6L6yKWePaUMMIJfoN5CQfsE9GU6aZ6g HTTP/1.1Host: aep.mxptint.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mxpim=R4E331_1120F9417_D0B3AA3.1.65EB217F
Source: global traffic	HTTP traffic detected: GET /i.match?p=b6&u=&google_push=AXcoOmR812IVn4s-Vv962FGYamsNRN7a2eZnAou2OlsTL6Jg0hp9_S5W7jyumpJiXsRFnuv2c0uRdhViLZe_C123byhROSwB5Jgj5DoX5vRnQAmcfIJiIuAUQqC3r-Us7KA8o3sAtKwhANQxCzhs-NJfgX8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR812IVn4s-Vv962FGYamsNRN7a2eZnAou2OlsTL6Jg0hp9_S5W7jyumpJiXsRFnuv2c0uRdhViLZe_C123byhROSwB5Jgj5DoX5vRnQAmcfIJiIuAUQqC3r-Us7KA8o3sAtKwhANQxCzhs-NJfgX8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=aMnoeUR3YWM7UXuTwbpfZcPI9beNTFiZdaKeZaCP4Zce
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSuNgzqC4VNSXGrtL8hli1ensxvh74jqXicDMDKjmD38T8fJrtR7NVs775kqbEe9ypRdGJcfLWDgz51jkOlxB-XkL7xK3U-lVVlk6d2zA6oq9MjUkrG4PiOUohq4n3Y5kA7Gg_0VbQTJ1iSRWfcgJA HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pagead2.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /state/7666032;4560084;31923946;271;2B1EEE90-7887-52C3-668B-90F856957D49/?cachebuster=81409127 HTTP/1.1Host: ad-events.flashtalking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: flashtalkingad1="GUID=59113144433097"
Source: global traffic	HTTP traffic detected: GET /redir/?partnerid=76&partneruserid=&gdpr=0&gdpr_consent=&google_error=15 HTTP/1.1Host: rtb-csync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://googleads.g.doubleclick.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pid=5739124417478682736; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_PI
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=74a613c122840c51017b37c2bb563d5e&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dviewomid&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=not-supported&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma%3D839%2
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=2ad9b5b0279c1971be502c2044780ac0&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dinit&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&size=728x90&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma%3D839%26iv_geo_country
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=186463e3ad99631b8167038d2a8781c1&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dviewomid&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=not-supported&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=760224293b82caf41e186ec4453c4c81&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dinit&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&size=728x90&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839%26iv_geo_count
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjstNG-7p2HSVOnQblltWqLhdN_utVVg6QxMv2G2G5_MN4k5PfA-myFT12pJWbHCTThkLuxYIzliqNXATW6b8uTBAolEU1COM-3Zo51bOxdUPC-ThwkcIpA26AhUynVRDOKLgKzmSxv7VF9ZUBUVbTm-RbMtd8s6Jsj5JDlH8an5rYXAMH0l6bo38IhVG7LD0zdk0OYjosUoXpP6GcbZv3qFNdt2oT999TPG-YU80kxe5YWge8Q8jG9w-BW17z3mlD1A1wE6ZMduj2oGwPB6ZeH2sIDDWh4TSZqm_MyetOtTU8laGL__X5lVtBRvdk0wo_RaGY24OBCDZaCsTTPKcZqnOyIfScaYfp18cAIwQjD0gDb-a0FGf6FgwGBp8eYoUASqEbKklHYVNhIN6bYyEuCtmo7HDkadUJC5l5QH8ZYdth1HCAMBhv1L8mFsMtyQ8P5wNkO0fY7NOpNPDDWMoo3yRiFlNZrx3QQOZxxh0mBLzOOYwAUPKBDPMXsX0NqVC-xZC_cumY3dmoNC140Kdi8atV5hyPqTgffLZwckZN6iTWjNT15N4UODN2tCoki12Um5f3LZLHi4DbfH_p43mpzvKc6RoB5sEw9YLka5B5LhbzgorDn98aMTbs8yTbvKScSbWHREW_2r39ixRJBRvRbdNi4zqEXR_Tbm4DOeHjL42nPrCOoOsAvh2qt7lgGLSKxO3WjU1XQ--ctokyMd8YOOUodKf5uY57zUsx4uueKHJbguMuB2B157w1Oi8UhW50RAzF5iNILUMq7f10wUFIbGVBxjjz7lfhB6oBbmwsUTaAsgWkb5qGhiQptxY1DKgj_HzDnh0W8iyPNqKP3C21OJxbls55PFWWNJFoeEvM5Hm-k1OT6ic4u2jOXbfh8XxYJ0U6lzgFxg3KD9tzid8KFmoZOgsYotN15NjfEhz-xcvqwjOXq5cKlYd5hjc-EIFC52nAZ4TqXS_RBytR3q1ulr_JJrYYfyzC_4OC2BFhhJIMr2txQ2G161SZX37QrDubWKDsVjiIuhVY87TWtUpvzb85hYEF4Wh6-e9gz7qXiUXcUNF0lVlUeGb0iLzbbvpQO_K77QxTjDoo0YNjBDJqQ2Wh1mjVALht5Y8idWhuagGQTIJbcd21T1e24x-XsISuKZeStPTZfLdaZGNugIEIy9r4fOBj8z_OAPxI_3xnB0L_BSTC_SxXD-rRCw1lP8TZ43K1spYUkd3CRy4RLgGfvmXCWSQh04_0a6Nq7VN5Kkq9Lkb7K_5ccP9kUkN6urOOjuS4ESVMssQX_r0-3MTa24RVmMr02CY_LKzbHHZ-bwmHkPPZqvOK_UgQyhAe2lHEwu8liu6yamFibvB0Gx1mVD8Q6Ew1M_OCNqewDqelaW2tcV-2vi6d6mm3HtW-6L_V9slbCv1MaZFuFlx8--f_DIm9c8wdaUXiZ7Qsy5svNIzm25ajbVhMqjhLDk69WaLaEhmEfUMs5dM9GcU6RJWsjgI4A&sai=AMfl-YQ-ssz6kNdrjHNgUuODeKPS38b3ZX5jYUT9QoTOIKjkGOTrXRQVlFgPi71UiMwLVeynEVZXkkZimBE0Y71SLYh6gipt0J1neVfGaT8N_wT8QuLDT8qwHhN0PLhIostvos2K0B-CDAcRP_aB5OeTZ_IyDA24RTtARpu_Mn7gUZNb_b7sMd0XzYyvZHSVVFIwZQpqUUlR3ZH8CYh3wr1gq1-Fei9XVVRHypdkEqaoSmgf9Kys6G7x83THZepdrHn77ksWOEQqvjfpmXoWvFAP&sig=Cg0ArKJSzMTKROzrPaDeEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1500&cbvp=1&cstd=1488&cisv=r20240306.18726&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&arae=1&ftch=1&adurl= HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source, not-trigger, not-navigation-sourceReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_t
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjst5Ad4tazuGlc48Rs6QPu9s-OQv3KqTDjgApc7HlCa7FP3-ITVX-VmocY_mW05m5Wk_GvnkfnUrHaDSik_C3BgLgFqwNx33hcil1YpHp_kDDWbyl9OzGLIfSrG7RukBoewiWyawT_or7KOZiB-kzAhCqiAU0VM_fnQCTIvQLovzJVNliZpMvRbIXM4j1SBn0rDCFfZCepzDEVNHFpymqKAW48bcvh-fO1MYvfq_aEx7oKq3P-hMp8EDk2POl7JG9Q4Mta4QkAIsJ14E_EfM3jLl4Zy6JUIqs0Ng8bm3aFEneqIxt7vYzK32gjma-avsrPcSXulMKvPFMob2ef_viWvIGXi9i9No5KgSzetQYUdYX0fOTs9vi66qnDfzKruktphIVxBokMJwJQDcliHZc6lalF8HQfwRlX2qMhcxSxkx_kUV7pmBALk2UyPDDRUqjp_Gho0nMGnbE6wAFakIboVNPW8LwHHT3jtsjvRDuVxp2DtsFJklVOoT7uJALCpviLNGp4C-hmZ0xEeCVon0NA_wY-AnhrXrS51ttOKlUMQ5hDx0hE4856rj3EHdbkxbnOQrzm_BwwrNGL87fjhmdALB1vxOI0n1wAhvkgeFhSLxfSS-5YHnCsQiApWaRm_-3f-jFCA98CBu0A9AhdRVbFxxYJHwXS6VQIPBqouFrHgqkEl2-fR7ywWHqARg9m1hUBbbKoYtVRITZHt2EPpe_f5Onp2wZeoG_GRya3VIGFCOEV7CVZYoljLTs6PcH7zES_Gb5TpyW7I5F2xvCSA5D9HC6DRIWhCOWc48odDH0fHgcszB3uSk2ORUeL_0t0ZW7uu_BdF_KooEqD5BxXMnAsOIgHFqecpYqiQWSOJc7tjdPdMIJFdJoCthxIkDClPBrKxViKnt6kzU5yNXNmhjPRnfk4EJT-aXU-g76NB-fdDQGpYxLHjsRJ-0K02eQVmNbKmLaumnEJHLkH0f2MqJt1K_vewvA0TKtDVBjxFmyUSytjCqNvxR6dpkZ_IHCAPCNsbucTOXF-E_fDAecrzVC4lSwx607gq3Z2KuMCFiUcJtSc4vqjmBKw9S5r-OAwnivXnWWiUNqsPgu77pUY3kT2CJKALx0KSlXPFzTudpLDYCQi3vjtKEqZFKH_fsxLxIzsV0ovTc17KXjEjbptZ-lxE5wYVnqwPm4gA-xPZjAZBKXR6XU8duoKXhU1_t90jQJ24yPalzcxIjHboYb5w5KUXO6IO9xl7zv-YY4SJhbw4JRPBXc2wVYast98gHZXr3L0r7w3UQb_00tS3oUmlNuk4dQc57jqZCOtI_-G3OnEyfMNBydR83OhDa3kSJzjavh8vS3_HpI22pofKKEAfbftxrOXkXjciTqVHqOdy-MkfHD7GPmO5_zk_0iXnBOwxKOYe79Dz-seFa_qJHd5VnlBNoYY-pOW6a-Af_L3uZW34BxF9IruTYb79rmoLjwuiqOs-rggm1zib0ZQhiPgyr3hGeRRE&sai=AMfl-YTO9xwNNfKxeLlE3qo9Utm-kR43NXkN0rac7AzA64XauZ3uhOCKsXAKBp4__vZjdF-nmHRYdm-Q50kKf1XRVV_n3prm8upmfhA7HODjRMfi1WTpaQZomh4qTVuQN16At8GkRKenN3x9goj-8zn-GcHw0l1arPwG0OIU_zZ7qTCqe41ABB3Y_e60IGI626ueIoTIrtRiTQ-uWXmJmHiRDyeFvguItDDTqU8XwXRfMgjSpfZruQCu7ZcoOoEx-RSOAT9h3wzwyDDHvufK4kN4&sig=Cg0ArKJSzPxKRybEHimdEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1430&cbvp=1&cstd=1416&cisv=r20240306.85601&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&arae=1&ftch=1&adurl= HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source;navigation-sourceReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJLoV25Mk
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=334520467&pi=526568920&cr=170336220&dm=160x600&ai=6836545&ui=0&cb=2250431479&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display HTTP/1.1Host: s.cdnsynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=334520467&pi=526568920&cr=170336220&dm=160x600&ai=6836545&ui=0&cb=899432974&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display HTTP/1.1Host: s.cdnsynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=74a613c122840c51017b37c2bb563d5e&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dviewomid&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=not-supported&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma%3D839%2
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=2ad9b5b0279c1971be502c2044780ac0&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dinit&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&size=728x90&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma%3D839%26iv_geo_country
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=186463e3ad99631b8167038d2a8781c1&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dviewomid&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=not-supported&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=760224293b82caf41e186ec4453c4c81&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dinit&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&size=728x90&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839%26iv_geo_count
Source: global traffic	HTTP traffic detected: GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709914764-DT33QOHA-PE5T HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709914764-DT33QOHA-PE5T&adnxs_id=$UID&gdpr=0 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001709914764-DT33QOHA-PE5T&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRgBIAIoAjILCJqx0__p4d88EAU4AVoHc3Z4OXQ1MGAC
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001709914764-DT33QOHA-PE5T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709914764-DT33QOHA-PE5T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ebda?gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /xuid?mid=3335&xuid=8190380959160668499&dongle=4d58&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eb2.3lift.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709914764-DT33QOHA-PE5T HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KTPCACOOKIE=true
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=537072971&val=4380a510-b233-4451-a17c-ec53ca7f9b61&ttd_puid=9b8a7dda-4c66-71e3-e4fa-1c75a13ab3bf&gdpr=0&gdpr_consent= HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; pd=v2\|1709908345\|vMgavPkWgyiK
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001709914764-DT33QOHA-PE5T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709914764-DT33QOHA-PE5T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50
Source: global traffic	HTTP traffic detected: GET /ups/58251/sync?redir=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w; IDSYNC=18yl~2h6e
Source: global traffic	HTTP traffic detected: GET /c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP/1.1Host: s.ad.smaato.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; pd=v2\|1709908345\|vMgavPkWgyiK; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141
Source: global traffic	HTTP traffic detected: GET /ium?sourceid=15&uid=06078ki7khlcj897beekalfh9k9g69e7faj24yu2ys0iw462gmmye0os6y6q06m2o&gdpr=0 HTTP/1.1Host: ssum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMPS=4165; CMID=ZesheMAoIYoAAGpiAIfemQAA; CMPRO=4165
Source: global traffic	HTTP traffic detected: GET /match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP/1.1Host: trace.mediago.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001709914764-DT33QOHA-PE5T%26auid%3DAU1D-0100-001709914764-DT33QOHA-PE5T HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; pd=v2\|1709908345\|vMgavPkWgyiK; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141
Source: global traffic	HTTP traffic detected: GET /cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/sync?callerId=2 HTTP/1.1Host: ssbsync-us.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pid=5739124417478682736; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_PI
Source: global traffic	HTTP traffic detected: GET /amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sspsync/?ssp=1601&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadmedia.com%26id%3D%5BUID%5D HTTP/1.1Host: pixel.s3xified.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/481/8.gif?o=api&id5id=ID5oT5AzLFFdX7RWMfB22vhdQh4bq4yA8gpnVi5LGXHG1mKbzkQC8cGEXjjVpYkU65pinECNFrBqaIJevjqVxEHOg&gdpr_consent=undefined&gdpr=false HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#1
Source: global traffic	HTTP traffic detected: GET /usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D HTTP/1.1Host: rtb.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001709914764-DT33QOHA-PE5T%252526tapad_id%25253Dcbef3e7f-3c8c-4a58-9732-2ff8855e2b50%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRgBIAEoAjILCIT03L_q4d88EAU4AVoHOGdreGI2bmAC
Source: global traffic	HTTP traffic detected: GET /tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID HTTP/1.1Host: sync-amz.ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=8439fac3f96ea0754e22723d8fed3e3e&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dsubload&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=empty&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839%26iv_geo
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=537148856&val=ZeshfwADFVqoSwAk&_test=ZeshfwADFVqoSwAk HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; pd=v2\|1709908345\|vMgavPkWgyiK; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=vmg.com&id=eS00VEJwUmN4RTJ1S3I1eVhueGRTZG1lWGNqOVRISkxZM35B HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /getuid?https://id5-sync.com/c/481/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /ads/studio/cached_libs/gsap_3.0.1_min.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/_preloader.gif HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ads/studio/cached_libs/createjs_2019.11.15_min.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=3lift.com&id=4720380240128192332667 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=1830&partner_device_id=4380a510-b233-4451-a17c-ec53ca7f9b61&ttd_puid=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001709914764-DT33QOHA-PE5T%2526tapad_id%253Dcbef3e7f-3c8c-4a58-9732-2ff8855e2b50%2C HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=smart.com&id=5739124417478682736&gdpr=0&gdpr_consent= HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=sharethrough.com&id=90c3182a-6243-45b3-885d-af7711f563d1 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRgBIAEoAjILCIT03L_q4d88EAU4AVoHOGdreGI2bmAC
Source: global traffic	HTTP traffic detected: GET /usersync2/sharethrough HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22zdxidn%22%3A%222069.5%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D%22%7D
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=8439fac3f96ea0754e22723d8fed3e3e&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dsubload&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=empty&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_dma%3D839%26iv_geo
Source: global traffic	HTTP traffic detected: GET /ads/studio/cached_libs/gsap_3.0.1_min.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Mon, 11 Nov 2019 18:08:13 GMT
Source: global traffic	HTTP traffic detected: GET /ads/studio/cached_libs/createjs_2019.11.15_min.js HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-Modified-Since: Fri, 15 Nov 2019 19:16:20 GMT
Source: global traffic	HTTP traffic detected: GET /c/481/2/7/2.gif?puid=8190380959160668499&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=cnv.com&id=AAAKyY0HgAppZgMDP2_TAAAAAAA&expiration=1709994757&is_secure=true HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: checkForPermission=ok
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=openx.com&id=c35c01a7-50cc-ca19-24f4-9ee2c909785f HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=smaato.com&id=a92c8f51ae HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /ecm3?id=1A106869C3BF4A53A8EDCEB7340E5C8E&ex=simpli.fi&status=ok HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1709908356995 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22zdxidn%22%3A%222155%22%2C%22nxtrdr%22%3Afalse%7D
Source: global traffic	HTTP traffic detected: GET /ups/58294/sync?_origin=1&uid=b54efe53-940c-4baa-b7dd-dd7f369947d6 HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w; IDSYNC="18yl~2h6e:18y3~2h6e"
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=1955&partner_device_id=9df40e26-1761-4c64-ae1b-84a392b672b3 HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=1!1646
Source: global traffic	HTTP traffic detected: GET /ddm/trackimp/N1559147.150143GOOGLE.COM/B31158248.383787394;dc_trk_aid=574982309;dc_trk_cid=206973736;ord=1709914769655;dc_dbm_token=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1? HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJLoV25Mk0HFae_0; APC=AfxxVi4Lp-dYqhgwt_3DYsXVG5GsEMERtitdanFuunytGhal61rkgQ; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /placement/1e5rub/uuid?cb=1709914769655&ivc_exdata=[ecp] HTTP/1.1Host: rtr.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid=9178bcc3-bf13-4411-ae23-56e15107bf98-20240308 09:32:27
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F429%2F6%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KTPCACOOKIE=true; KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /sync/gumgum?gdpr=&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=4d2603579b8ba26c25949e15122cabe7&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dplay&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=adsize&website=samfw.com&publisher_id=4847&event_value=728x90&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=c2c0397aeaae952c74c70a6ac38e9433&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dviewmraid&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=no-mraid&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26
Source: global traffic	HTTP traffic detected: GET /rjss/st/1888234/77512386/skeleton.js HTTP/1.1Host: pixel.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?ssp=gumgum2&user_id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd; c=1709908344; tuuid_lu=1709908345; google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark
Source: global traffic	HTTP traffic detected: GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/1.1Host: match.deepintent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1Host: sync.ipredictive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?nid=1&gdpr=&gdpr_consent= HTTP/1.1Host: sync.srv.stackadapt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync/gumgum/?puid=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1Host: b1sync.zemanta.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/trackimp/N1559147.150143GOOGLE.COM/B31158248.383787394;dc_trk_aid=574982309;dc_trk_cid=206973736;ord=1709914770926;dc_dbm_token=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1? HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJLoV25Mk0HFae_0; APC=AfxxVi4Lp-dYqhgwt_3DYsXVG5GsEMERtitdanFuunytGhal61rkgQ; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=bd9a50a017aa8d226aa06b8941bc999c&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dplay&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=adsize&website=samfw.com&publisher_id=4847&event_value=728x90&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_d
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=62ddcf0d4dd9c163dd70980bcbbcdc49&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dviewmraid&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=no-mraid&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%
Source: global traffic	HTTP traffic detected: GET /placement/1e5rub/uuid?cb=1709914770926&ivc_exdata=[ecp] HTTP/1.1Host: rtr.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid="9178bcc3-bf13-4411-ae23-56e15107bf98-20240308 09:32:27"
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=4d2603579b8ba26c25949e15122cabe7&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dplay&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=adsize&website=samfw.com&publisher_id=4847&event_value=728x90&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D81155880%26version_id%3D315%26iv_geo_dma
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=c2c0397aeaae952c74c70a6ac38e9433&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dviewmraid&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=no-mraid&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26
Source: global traffic	HTTP traffic detected: GET /usersync?b=adf&i=9060652894245162056&gdpr=&gdpr_consent= HTTP/1.1Host: usersync.gumgum.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/481/429/6/3.gif?puid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499
Source: global traffic	HTTP traffic detected: GET /rjss/st/1888234/77512386/skeleton.js HTTP/1.1Host: pixel.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&s=2&us_privacy= HTTP/1.1Host: b1sync.zemanta.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zuid=oNNaTvjtuLVmVbh6cFDR
Source: global traffic	HTTP traffic detected: GET /main.19.8.489.js HTTP/1.1Host: static.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync?b=opx&i=6cb7d9aa-6473-49b5-8381-0c98696ab2f9 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /usersync?b=apn&i=8190380959160668499 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /usersync?b=oth&i=y-kaab3WxE2pfKS8dVEONpLnRbHo9xIoP5V6Ww~A HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /usersync?b=sta&i=0-f6c33daf-fa03-5523-7878-ed8d536bfae2$ip$154.16.105.38 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /usersync?b=vnt&i=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZeshfwADFVqoSwAk HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: stx_user_id=90c3182a-6243-45b3-885d-af7711f563d1
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=bd9a50a017aa8d226aa06b8941bc999c&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dplay&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=adsize&website=samfw.com&publisher_id=4847&event_value=728x90&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155880%26version_id%3D320%26iv_geo_d
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=62ddcf0d4dd9c163dd70980bcbbcdc49&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dviewmraid&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&event_id=no-mraid&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRIbCgxzaGFyZXRocm91Z2gSCwiu7ICt1OHfPBAFGAEgASgCMgsIuuKD2urh3zwQBTgBWgxzaGFyZXRocm91Z2hgAg..
Source: global traffic	HTTP traffic detected: GET /sync/v1?gdpr=0&gdpr_consent= HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: stx_user_id=90c3182a-6243-45b3-885d-af7711f563d1
Source: global traffic	HTTP traffic detected: GET /usersync?b=pln&i=3lrO40cPjVaF&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355 HTTP/1.1Host: rtb.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /sync/v1?source_id=5b286190338513af73f09c28&source_user_id=4380a510-b233-4451-a17c-ec53ca7f9b61&gdpr=0&gdpr_consent= HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: stx_user_id=90c3182a-6243-45b3-885d-af7711f563d1
Source: global traffic	HTTP traffic detected: GET /usersync?b=zem&i=oNNaTvjtuLVmVbh6cFDR HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP/1.1Host: dsp.nrich.aiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cm-notify?pi=gumgum HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aux/idsync?proto=gumgum HTTP/1.1Host: tg.socdm.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /merge?pid=58&3pid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F1242%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync?b=ttd&i=4380a510-b233-4451-a17c-ec53ca7f9b61 HTTP/1.1Host: usersync.gumgum.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=gg.com&id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP/1.1Host: ssbsync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pid=5739124417478682736; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_PI
Source: global traffic	HTTP traffic detected: GET /rfw/st/1888234/77512386/skeleton.js?adsafe_url=https%3A%2F%2Fsamfw.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fsamfw.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:aa171ded-ba6e-abce-ee75-c3795d115645,c:6nYVnz,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-76fd75d69d-g2pk8,rg:or,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:veRzn1,mtim:1466,mot:0,app:0,maw:0,tdt:s,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1502,oid:b79a7f08-dd58-11ee-a4d8-a2865417dbd2,v:19.8.489,sp:1,st:0,fwm:1,wr:1050.964,sr:1280.1024,ov:0 HTTP/1.1Host: pixel.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=d31684949f656876cbf8ed3a5986c988&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dsubload&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=empty&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audie
Source: global traffic	HTTP traffic detected: GET /sca.17.6.2.js HTTP/1.1Host: static.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rfw/st/1888234/77512386/skeleton.js?adsafe_url=https%3A%2F%2Fsamfw.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fsamfw.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cec3eaf8-fde8-c176-d445-46d036303d7a,c:6nYVph,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-76fd75d69d-788ls,rg:or,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:veRzn1,mtim:501,mot:0,app:0,maw:0,tdt:s,fm:u6rO7Wq+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:561,oid:b84ae28b-dd58-11ee-8742-4e1000c06e0e,v:19.8.489,sp:1,st:0,fwm:1,wr:1050.964,sr:1280.1024,ov:0 HTTP/1.1Host: pixel.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync?b=sus&i=ZeshisCo5s4AAIV6WjAAAAAA HTTP/1.1Host: usersync.gumgum.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /merge?pid=58&3pid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F1242%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=ISXoARZHdraNBZy_RIWmot3X
Source: global traffic	HTTP traffic detected: GET /getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVo4,pingTime:-3,time:1532,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1532,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVo7,pingTime:-6,time:1535,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1535,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&tpiLookup=ao:samfw.com&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cm-notify?pi=gumgum&tc=1 HTTP/1.1Host: creativecdn.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: g=kKTAH2vxrCfdpJK4Z9uT_1709908362510; ts=1709908362
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=ym.com&id=VqmMR__OOM_VsuIl4lwX HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVpJ,pingTime:-2,time:1635,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:12599,bdZ:14390,beA:14392,beZ:14394,mfA:15859,cmA:15860,inA:15860,inZ:15867,prA:15867,prZ:15879,si:15893,poA:15899,poZ:15912,cmZ:15912,mfZ:15912,loA:15926,loZ:15933,ltA:16026,ltZ:16026,mdA:14394,mdZ:15770%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1635,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sinceFw:128,readyFired:true%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVpW,pingTime:-3,time:602,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:602,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Wq+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVpX,pingTime:-6,time:603,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:603,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Wq+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&tpiLookup=ao:samfw.com&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: V=3lrO40cPjVaF; pb_rtb_ev=3-1q49\|7bq.0.1; INGRESSCOOKIE=4b17474aa3cbae2b
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVqc,pingTime:-2,time:618,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:13708,bdZ:15270,beA:15272,beZ:15274,mfA:15774,cmA:15774,inA:15774,inZ:15776,prA:15776,prZ:15828,si:15834,poA:15838,poZ:15852,cmZ:15852,mfZ:15852,loA:15875,loZ:15879,ltA:15890,ltZ:15890,mdA:15276,mdZ:15606%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562,sinceFw:52,readyFired:true%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=baidu.com&id=22210ca75c508c952fbaj000ltirac8x HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=admedia.com&id=f8ddefa0c73b403da1f713829618a72a HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /skeleton.js HTTP/1.1Host: static.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VqmMR__OOM_VsuIl4lwX HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRIbCgxzaGFyZXRocm91Z2gSCwiu7ICt1OHfPBAFGAEgASgCMgsI6OKc_urh3zwQBTgBWgZndW1ndW1gAg..
Source: global traffic	HTTP traffic detected: GET /w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22zdxidn%22%3A%222069.5%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D%22%7D
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=d31684949f656876cbf8ed3a5986c988&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dsubload&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&event_id=empty&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audie
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVqR,time:1705,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:51,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~100%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVIG,pingTime:1,time:2810,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1156,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1156~100%5D,as:%5B1156~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVIH,pingTime:1,time:2811,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1157,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1157~100%5D,as:%5B1157~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVIJ,pingTime:1,time:1767,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1149,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1149~100%5D,as:%5B1149~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVIJ,pingTime:1,time:1767,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1149,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1149~100%5D,as:%5B1149~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?id=AAGUw07L1kMAABVWe2Uo_A&ex=beeswax.com HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVIJ,pingTime:1,time:1767,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1149,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1149~100%5D,as:%5B1149~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562,metricId:veRzn1,cmr:t%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/481/1242/5/4.gif?puid=ISXoARZHdraNBZy_RIWmot3X&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /usersync?b=rth&i=M5S-5-4GfP8H9azDQeEeI-L_lKcAfJGbve3SuVj3myQ&pi=gumgum&tc=1 HTTP/1.1Host: usersync.gumgum.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /usersync?b=sad&i=5739124417478682736 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10633330&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /usersync/turn/3607227326741921297?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22zdxidn%22%3A%222069.28%22%2C%22nxtrdr%22%3Afalse%7D
Source: global traffic	HTTP traffic detected: GET /sync?dsp_id=283&user_id=a6578dfb-acf6-458b-9208-af32b4769b92&expires=1&user_group=2&ssp=gumgum2&bsw_param=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd&gdpr=&gdpr_consent=&gdpr_pd= HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd; c=1709908344; tuuid_lu=1709908345; google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=537072399&val=8190380959160668499 HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVLZ,time:1969,type:e,im:%7Bimprf:%7Bttecl:3500,ecd:1369,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1351,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1351~100%5D,as:%5B1351~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:1303,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562,sis:1936%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVIH,pingTime:1,time:2811,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1157,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1157~100%5D,as:%5B1157~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,metricId:veRzn1,cmr:t%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVLT,time:3009,type:e,im:%7Bimprf:%7Bttecl:4770,ecd:1469,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1355,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1355~100%5D,as:%5B1355~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:1316,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sis:2977%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVNS,pingTime:-10,time:3132,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjk4NHx8MTI4MHx8MXx8MXx8MjR8fDEwMjR8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NS80fHw1LzR8fDB8fDEyODA-,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1709914774600%7C%7C723f7a4513e9b401fdb68cd5cd94a099%7C%7C22210ca73bf1af2ec2eace74a96ee356%7C%7Cb831eb703221131fd83829319265a4b3%7C%7C7cef8c3ceda168ba13a221310f442791%7C%7C39002989f4cc704de1ce6807db15a89a%7C%7Caeaedbbb002887ab88a3101da4ea8d4d%7C%7C6cdccb57e0c458f959e288f5bad3feab%7C%7C1663701684%7D HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVXV,pingTime:-10,time:2709,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjk4NHx8MTI4MHx8MXx8MXx8MjR8fDEwMjR8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NS80fHw1LzR8fDB8fDEyODA-,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTcuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1709914774600%7C%7C723f7a4513e9b401fdb68cd5cd94a099%7C%7C22210ca73bf1af2ec2eace74a96ee356%7C%7Cb831eb703221131fd83829319265a4b3%7C%7C7cef8c3ceda168ba13a221310f442791%7C%7C39002989f4cc704de1ce6807db15a89a%7C%7Caeaedbbb002887ab88a3101da4ea8d4d%7C%7C6cdccb57e0c458f959e288f5bad3feab%7C%7C1663701684,sca:%7Bspg:aa171ded-ba6e-abce-ee75-c3795d115645%7D%7D HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v000/sync?userid=3lrO40cPjVaF&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0 HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: yieldmo_id=VqmMR__OOM_VsuIl4lwX%7C1709856000000%7C0; re_sync=pp%3D1188276%7Cunl%3D1188276%7Cc%3D1188276%7Ct%3D1188276%7Can%3D1188276
Source: global traffic	HTTP traffic detected: GET /v000/sync?tdid=4380a510-b233-4451-a17c-ec53ca7f9b61 HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: yieldmo_id=VqmMR__OOM_VsuIl4lwX%7C1709856000000%7C0; re_sync=pp%3D1188276%7Cunl%3D1188276%7Cc%3D1188276%7Ct%3D1188276%7Can%3D1188276
Source: global traffic	HTTP traffic detected: GET /v000/sync?userid=8190380959160668499&pn_id=an HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: yieldmo_id=VqmMR__OOM_VsuIl4lwX%7C1709856000000%7C0; re_sync=pp%3D1188276%7Cunl%3D1188276%7Cc%3D1188276%7Ct%3D1188276%7Can%3D1188276
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/CTAShadow.png?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync/turn/3607227326741921297?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22zdxidn%22%3A%222069.28%22%2C%22nxtrdr%22%3Afalse%7D
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjst5Ad4tazuGlc48Rs6QPu9s-OQv3KqTDjgApc7HlCa7FP3-ITVX-VmocY_mW05m5Wk_GvnkfnUrHaDSik_C3BgLgFqwNx33hcil1YpHp_kDDWbyl9OzGLIfSrG7RukBoewiWyawT_or7KOZiB-kzAhCqiAU0VM_fnQCTIvQLovzJVNliZpMvRbIXM4j1SBn0rDCFfZCepzDEVNHFpymqKAW48bcvh-fO1MYvfq_aEx7oKq3P-hMp8EDk2POl7JG9Q4Mta4QkAIsJ14E_EfM3jLl4Zy6JUIqs0Ng8bm3aFEneqIxt7vYzK32gjma-avsrPcSXulMKvPFMob2ef_viWvIGXi9i9No5KgSzetQYUdYX0fOTs9vi66qnDfzKruktphIVxBokMJwJQDcliHZc6lalF8HQfwRlX2qMhcxSxkx_kUV7pmBALk2UyPDDRUqjp_Gho0nMGnbE6wAFakIboVNPW8LwHHT3jtsjvRDuVxp2DtsFJklVOoT7uJALCpviLNGp4C-hmZ0xEeCVon0NA_wY-AnhrXrS51ttOKlUMQ5hDx0hE4856rj3EHdbkxbnOQrzm_BwwrNGL87fjhmdALB1vxOI0n1wAhvkgeFhSLxfSS-5YHnCsQiApWaRm_-3f-jFCA98CBu0A9AhdRVbFxxYJHwXS6VQIPBqouFrHgqkEl2-fR7ywWHqARg9m1hUBbbKoYtVRITZHt2EPpe_f5Onp2wZeoG_GRya3VIGFCOEV7CVZYoljLTs6PcH7zES_Gb5TpyW7I5F2xvCSA5D9HC6DRIWhCOWc48odDH0fHgcszB3uSk2ORUeL_0t0ZW7uu_BdF_KooEqD5BxXMnAsOIgHFqecpYqiQWSOJc7tjdPdMIJFdJoCthxIkDClPBrKxViKnt6kzU5yNXNmhjPRnfk4EJT-aXU-g76NB-fdDQGpYxLHjsRJ-0K02eQVmNbKmLaumnEJHLkH0f2MqJt1K_vewvA0TKtDVBjxFmyUSytjCqNvxR6dpkZ_IHCAPCNsbucTOXF-E_fDAecrzVC4lSwx607gq3Z2KuMCFiUcJtSc4vqjmBKw9S5r-OAwnivXnWWiUNqsPgu77pUY3kT2CJKALx0KSlXPFzTudpLDYCQi3vjtKEqZFKH_fsxLxIzsV0ovTc17KXjEjbptZ-lxE5wYVnqwPm4gA-xPZjAZBKXR6XU8duoKXhU1_t90jQJ24yPalzcxIjHboYb5w5KUXO6IO9xl7zv-YY4SJhbw4JRPBXc2wVYast98gHZXr3L0r7w3UQb_00tS3oUmlNuk4dQc57jqZCOtI_-G3OnEyfMNBydR83OhDa3kSJzjavh8vS3_HpI22pofKKEAfbftxrOXkXjciTqVHqOdy-MkfHD7GPmO5_zk_0iXnBOwxKOYe79Dz-seFa_qJHd5VnlBNoYY-pOW6a-Af_L3uZW34BxF9IruTYb79rmoLjwuiqOs-rggm1zib0ZQhiPgyr3hGeRRE&sai=AMfl-YTO9xwNNfKxeLlE3qo9Utm-kR43NXkN0rac7AzA64XauZ3uhOCKsXAKBp4__vZjdF-nmHRYdm-Q50kKf1XRVV_n3prm8upmfhA7HODjRMfi1WTpaQZomh4qTVuQN16At8GkRKenN3x9goj-8zn-GcHw0l1arPwG0OIU_zZ7qTCqe41ABB3Y_e60IGI626ueIoTIrtRiTQ-uWXmJmHiRDyeFvguItDDTqU8XwXRfMgjSpfZruQCu7ZcoOoEx-RSOAT9h3wzwyDDHvufK4kN4&sig=Cg0ArKJSzPxKRybEHimdEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=13438&vt=11&dtpt=12008&dett=3&cstd=1416&cisv=r20240306.85601&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&arae=1&ftch=1&adurl= HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source;navigation-sourceReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=5c9c90dc510362194d820d0a89c207a4&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dintrct&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=537073061&val=3607227326741921297&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=7237ec58ba073b424df79d3f549701be&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dintrct&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D8115588
Source: global traffic	HTTP traffic detected: GET /pcs/view?xai=AKAOjstNG-7p2HSVOnQblltWqLhdN_utVVg6QxMv2G2G5_MN4k5PfA-myFT12pJWbHCTThkLuxYIzliqNXATW6b8uTBAolEU1COM-3Zo51bOxdUPC-ThwkcIpA26AhUynVRDOKLgKzmSxv7VF9ZUBUVbTm-RbMtd8s6Jsj5JDlH8an5rYXAMH0l6bo38IhVG7LD0zdk0OYjosUoXpP6GcbZv3qFNdt2oT999TPG-YU80kxe5YWge8Q8jG9w-BW17z3mlD1A1wE6ZMduj2oGwPB6ZeH2sIDDWh4TSZqm_MyetOtTU8laGL__X5lVtBRvdk0wo_RaGY24OBCDZaCsTTPKcZqnOyIfScaYfp18cAIwQjD0gDb-a0FGf6FgwGBp8eYoUASqEbKklHYVNhIN6bYyEuCtmo7HDkadUJC5l5QH8ZYdth1HCAMBhv1L8mFsMtyQ8P5wNkO0fY7NOpNPDDWMoo3yRiFlNZrx3QQOZxxh0mBLzOOYwAUPKBDPMXsX0NqVC-xZC_cumY3dmoNC140Kdi8atV5hyPqTgffLZwckZN6iTWjNT15N4UODN2tCoki12Um5f3LZLHi4DbfH_p43mpzvKc6RoB5sEw9YLka5B5LhbzgorDn98aMTbs8yTbvKScSbWHREW_2r39ixRJBRvRbdNi4zqEXR_Tbm4DOeHjL42nPrCOoOsAvh2qt7lgGLSKxO3WjU1XQ--ctokyMd8YOOUodKf5uY57zUsx4uueKHJbguMuB2B157w1Oi8UhW50RAzF5iNILUMq7f10wUFIbGVBxjjz7lfhB6oBbmwsUTaAsgWkb5qGhiQptxY1DKgj_HzDnh0W8iyPNqKP3C21OJxbls55PFWWNJFoeEvM5Hm-k1OT6ic4u2jOXbfh8XxYJ0U6lzgFxg3KD9tzid8KFmoZOgsYotN15NjfEhz-xcvqwjOXq5cKlYd5hjc-EIFC52nAZ4TqXS_RBytR3q1ulr_JJrYYfyzC_4OC2BFhhJIMr2txQ2G161SZX37QrDubWKDsVjiIuhVY87TWtUpvzb85hYEF4Wh6-e9gz7qXiUXcUNF0lVlUeGb0iLzbbvpQO_K77QxTjDoo0YNjBDJqQ2Wh1mjVALht5Y8idWhuagGQTIJbcd21T1e24x-XsISuKZeStPTZfLdaZGNugIEIy9r4fOBj8z_OAPxI_3xnB0L_BSTC_SxXD-rRCw1lP8TZ43K1spYUkd3CRy4RLgGfvmXCWSQh04_0a6Nq7VN5Kkq9Lkb7K_5ccP9kUkN6urOOjuS4ESVMssQX_r0-3MTa24RVmMr02CY_LKzbHHZ-bwmHkPPZqvOK_UgQyhAe2lHEwu8liu6yamFibvB0Gx1mVD8Q6Ew1M_OCNqewDqelaW2tcV-2vi6d6mm3HtW-6L_V9slbCv1MaZFuFlx8--f_DIm9c8wdaUXiZ7Qsy5svNIzm25ajbVhMqjhLDk69WaLaEhmEfUMs5dM9GcU6RJWsjgI4A&sai=AMfl-YQ-ssz6kNdrjHNgUuODeKPS38b3ZX5jYUT9QoTOIKjkGOTrXRQVlFgPi71UiMwLVeynEVZXkkZimBE0Y71SLYh6gipt0J1neVfGaT8N_wT8QuLDT8qwHhN0PLhIostvos2K0B-CDAcRP_aB5OeTZ_IyDA24RTtARpu_Mn7gUZNb_b7sMd0XzYyvZHSVVFIwZQpqUUlR3ZH8CYh3wr1gq1-Fei9XVVRHypdkEqaoSmgf9Kys6G7x83THZepdrHn77ksWOEQqvjfpmXoWvFAP&sig=Cg0ArKJSzMTKROzrPaDeEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=13741&vt=11&dtpt=12241&dett=3&cstd=1488&cisv=r20240306.18726&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&arae=1&ftch=1&adurl= HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: event-source=triggerReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmxXBvU_dbUpq-svf17gFxHuMz1mb_4mtszY_tRFGe9_IcyJ
Source: global traffic	HTTP traffic detected: GET /464246.gif?partner_uid=ce4c02bc-8121-4783-bb83-9c8698a1d267 HTTP/1.1Host: id.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookie-sync/id5?us_privacy= HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /csync/RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-1fb849c2-33b3-499d-a32f-0d6c45043775-005 HTTP/1.1Host: sync.targeting.unrulymedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync?b=bsw&i=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://rtb.gumgum.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=3371&partner_device_id=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2 HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=1!1646
Source: global traffic	HTTP traffic detected: GET /usersync/turn/3607227326741921297?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%2C%22nxtrdr%22%3Afalse%7D
Source: global traffic	HTTP traffic detected: GET /xuid?mid=7976&xuid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&dongle=u6nf&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4720380240128192332667; tluid=4720380240128192332667
Source: global traffic	HTTP traffic detected: GET /dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&redir=true&gdpr=0&gdpr_consent= HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=1A106869C3BF4A53A8EDCEB7340E5C8E
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRIbCgxzaGFyZXRocm91Z2gSCwiu7ICt1OHfPBAFGAEgASgCMgsIgubYj-vh3zwQBTgBWgd5aWVsZG1vYAI.
Source: global traffic	HTTP traffic detected: GET /csync/RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-1fb849c2-33b3-499d-a32f-0d6c45043775-005 HTTP/1.1Host: sync.targeting.unrulymedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=pubmatic.com&id=PM_UID5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=5c9c90dc510362194d820d0a89c207a4&viewer_id=02b687fca012f4a7987b47b87fed0ae7&action=dintrct&session_id=7b6c65505adc6e33540db1f162d9b1d4&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=29c6c3b400ef0580cb1547197dda869c&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=320&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347856%26aid%3DABAjH0icaF4c33io6wNV2gJJleaU%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCZbIjeSHrZY7SB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBJACT9BA8avS_QVWbqMy2d53LGszvCmNJ6aNRKrT7d7ujoh_Y0Q5ygAoRMD0aifk-30rdof8kR8yUNopf0iiN5egxdEUbCrjAZwsJgAUbMzV1f3DMkb2ByFkuBNoGoYTfjs8I5JR_G1SnqEnPK1hEwDztQjEmbMB3gaNdVuW4_ezt3MKswwdQ_LjlQ8SmGF64bsfh2vt6bC4LzDMXmhDLV_xQc9sJgp5I10pcRqZJ_2VKd9qS-RsMlQwp5HMcVvoEBHFGfT_B4CAh_XSA_PeUqW0sQxA7uxCgkd-dtWH19HTEJ1Gp1tSmcHHefNH0VBzAa6S0mrMUV0QkeVSws2TdmyozgQV3Xoqk3jTTBTAvAuf1tXABPqpnZjTBOAEA4gFtP-B3k2QBgGgBk2AB6nn3_IDqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB0yAooCOgmAQIDAgICAoChIvf3BOliDmIb88OSEA4AKA5gLAcgLAYAMAaoNAlVT4g0TCO_jhvzw5IQDFdnc_QUdB4gND7ATkdnqFtATANgTDdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_23By_juUO9ilz1aSer55A5M0R7bA%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-CZeufPaxOcRWsvticQ4epSNbYx6dVu4_7uPk1kuxCG9aCiS82X64TshTxWs8-UVmS6_rygct5eUftxp8PCRaCHACc-VNY6u5WJRDgi2jUMn8enFVFOOs4mv54mxXMzlu5_TGd_hSzJVJ5WCvRgPtHN28L6hbonLzE_-Fdl9DTHhH0wMuE-eJMCTHonEj6w1YSr19JH-j0nFLPiAsMHELTFwItQB2jBqlpR7lm41STHHq4cBwM%2526cry%253D1%2526dbm_d%253DAKAmf-C3vxWHqZpHlyq0V38TLC1paNyNfaw8wy2Z43qOSwPyY-2rtZn1xPDeg7nw3AOn1A5gNFHbHQGPwH5PsFUwsX8BDSyGs28J7sSPbRnQFIFP_nlWPvVuJwGQMd6mrD9mjNpxtggE42C4c5mMkTaH2I_XWTrP2AS1Xl2zaPYZ4SBE-iZzzSWQUMZbCD6vFDKCuVTeJfknPvz-OkHjcv3guV8mU0RzxWHYCuBnfrnaTT_NTg1tgwRyuMuM3lFyP-GWgdjJoRFCjNtGSl6XWrDdXGVG9C_YuM6bBV-EoVBTxANjiLPjKcP_2UeyDmuh2ErSCJ_D1X5qQMTl7dBALhXVH_hAdQO8aJeLvzzfQ0hUOOHChPLbo_EJn_Kd09YcmYY6bjTPm_QLbmIqlF6IaTTsr0VhLO8Vz7b_J8DLPbJ3EaRYmg7_VzUBH3LXcuedgkXSGCu3Ecg5gFdobz0rHNITd9eo9U5gVHqRyarRec67QFlVB2Hmg17UIOUPufSeA3ruRSkQICZkXBRfOBBFI-2NCtw53ENFKY2oFc6UYt6a5MFsXiKIz_FEwOJduP5os3vpnhj4RNYmTcORcypoNenxgkbjwScxiyA_8PmNqLl9_vjTIb86Fr5SHSE8zvwPKYKh99fTxle3NCSwlmNqo7q25WTUriGZGqmZiq385vlQmhtuYkR_ucWC5_let9fgHBgzcUrIsusB%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ%26audience_id%3D81155
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f1.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1x1.gif?placement_tag_id=0&r=7237ec58ba073b424df79d3f549701be&viewer_id=75d64fef46dd1a205517b422abe0a8ce&action=dintrct&session_id=f4a575c3f61dca15f6dfdf8fac880352&client_id=8772&channel_id=3946706&project_state=2&video_id=1198450&project_hash=1ithci&placement_hash=1e5rub&impression_id=0aa1ad6b8ba543ddce40bc8ac991050e&website=samfw.com&publisher_id=4847&fver=4.6.4420&ver=4.6.4420&format=display&version_id=315&audience_id=81155880&campaign_id=185020&placements_group_id=3957870&advertiser_id=4186&ivc_exdata=cb%3D1709908347831%26aid%3DABAjH0jbaKaj_NHsZl5dTJukAgE0%26eid%3D1%26iseid%3D%26aasd%3Dgoogle.com%26apid%3Dpub-7383171830614216%26ivc_campaignid%3D20866695092%26ivc_click_through%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCrnmYeSHrZYzSB9m5998Ph5C2eL6Ssad2mdvn0vUR65v0_QgQASCN5L0pYMne6IbIo5AZoAGpr4-TKcgBCagDAcgDmwSqBI8CT9AUZA08nYU6cEBtTk-Y70pkLYQr5g4qNC9xY_9y7XhZAGwDg7TKRolCZo2FJYGsy0_V4l1KHsDuGCle338MubMXibHSsj04jYCuixBRvgJulXc5dErwc0KhlkC4AKfT5r4F0pFcICpzFCTrzJwZMjW7BAEKCdVZYNXlkC0A8rja0A7NaStJDnsI8Gi1bvNAUcp22jxjv9LVJ2vJUMaDGaQAcqBpc-m5oJ4Ta5JMYoaN1G5h2hwrixGNW10vMtoM2UdVOo2Yn-5KTnUZV65tfUGnz1EG4ur5TE56lGe9KSSPTeUtKV_ygKLZJb5D7CsAM6l3qN1rIOEccoHTyVeZsKowRDuYtjiHV47CjiiFpsAE-qmdmNME4AQDiAW0_4HeTZAGAaAGTYAHqeff8gOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHTICigI6CYBAgMCAgICgKEi9_cE6WIOYhvzw5IQDgAoDmAsByAsBgAwBqg0CVVPiDRMI7eOG_PDkhAMV2dz9BR0HiA0PsBOR2eoW0BMA2BMN2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwB7FLtqdcT_7fI_TR5RLn8ziScadjSPDltKgVHQbJ-vxSCl68plHoGkjQBObg7c_pnacV80cs0dEKckGAE%2526sig%253DAOD64_1YpzwQTb0kNPzIksqSzJMWGKt5Wg%2526client%253Dca-pub-7383171830614216%2526dbm_c%253DAKAmf-D3-cyqzYaGAD2ADQI65NWW3MQQ0iUOraCbqNEn0MTvhNbex-P_lhCV6lt-3M5rK9gDrRHXFYd1nUWMesj_4XvNPoi_Po0VGl9w3Var45psIXQGkk7bY1hLyfH9Bpv7K17Z0Yd89YwHIYh7edhxlYvMmYFw9OJ144hvrycJifhV450-cAky7gBorInWh_CYdMLXmYrE0wBD4nqUGkSew8knvfFhcWTyGUO5j6sy7ECUhRlI2GI%2526cry%253D1%2526dbm_d%253DAKAmf-Cp1h_MgNZFDwjND8fmFk5gdep0pwd9TwLt7c2ePW2vgssTfwpnjudYtq7Iqy447oMKz8uHhwl95WzkKo7-7B0POuK2pzqxB1xpks5camTZIHq_cbxVtRmOTF2LO_D_jJfH5Wtb84LMEPVfOvBoGFc-sgZuxftp8lZKLfTrnbFK688vLITgdp2zUMs4RMUkOL46LEVCLa2P5lY3cXYCG2VOX2UIOVxYuBqVNxUEgX_xvuhklGg1ss9Llr2ryuQ4tzEaFjzluLPRAyDHj54mqcfA6Mrf1Udy9AbicSw7Fa4yKNW0GZ7Qc2--jFrA506HG10sGZj_SuFpomuV15d-yu5QV43fCfLzWWfNgkZ5eHC--8DrvJo573w_SG8PDpb9qKs4Xottpt2bD4qOtcu_yDl8BH9zGiPgfJ9HWW8YtVtKNDufRw3N1V7MKiJ2L6yc6zU7eyQ4vWC380Kuvq0HY-mCznHbGQfiFoLYixQa7Hpexf86E2zRk8kfcJNmADzbadC7t4VWYOY59U2M9gydtfinoqHYt1W5FbQ00ctMmOS_iyyGfo4xIIGVyGaVgUPcHSxVT4sDLsrSc_-yoaZWbf6O8BwaZm1UM62iLmGyIVzkdwkgE1_tYQvZ6OsmEW2SoCCNVz1pt6-BHmPmN_6ppjhO3VvWAQ9zOiaRmlflmtTmTrjsVeho9J2RSqh-xVYz8GZ5WxYr%2526adurl%253D%26iv_target%3Dcon%26ivc_dbmtoken%3DALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjM8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICkgERaFxWFMR0fbRZntJXRg%26audience_id%3D8115588
Source: global traffic	HTTP traffic detected: GET /l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%205C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&rnd=RND HTTP/1.1Host: us01.z.antigena.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CPaqHBIvCisIARCUaxokY2U0YzAyYmMtODEyMS00NzgzLWJiODMtOWM4Njk4YTFkMjY3EAAaDQiOw6yvBhIFCOgHEABCAEoA HTTP/1.1Host: id.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=4nLOwa0M2I6Nynbj13s5I0BXNxXyyhWAcDiQDN0vtqM=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /v000/sync?pn_id=unl&id=RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005 HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://match.sharethrough.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: yieldmo_id=VqmMR__OOM_VsuIl4lwX%7C1709856000000%7C0; re_sync=pp%3D1188276%7Cunl%3D1188276%7Cc%3D1188276%7Ct%3D1188276%7Can%3D1188276; ptrpp=3lrO40cPjVaF; ptrt=4380a510-b233-4451-a17c-ec53ca7f9b61; ptran=8190380959160668499
Source: global traffic	HTTP traffic detected: GET /k/155.gif?puid=AAGUw07L1kMAABVWe2Uo_A&id5AccountNum=155&numCascadesAllowed=9 HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|1242#1709908364705#1123108976\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; cf=gif; cip=481; cnac=4; car=5; gdpr=0\|
Source: global traffic	HTTP traffic detected: GET /sync/pubmatic/5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2?gdpr=0&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcbef3e7f-3c8c-4a58-9732-2ff8855e2b50%252C%252C HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /csync/RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005 HTTP/1.1Host: sync.targeting.unrulymedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sync-amz.ads.yieldmo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005%22%7D
Source: global traffic	HTTP traffic detected: GET /v000/sync?pn_id=unl&id=RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005 HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: yieldmo_id=VqmMR__OOM_VsuIl4lwX%7C1709856000000%7C0; re_sync=pp%3D1188276%7Cunl%3D1188276%7Cc%3D1188276%7Ct%3D1188276%7Can%3D1188276; ptrpp=3lrO40cPjVaF; ptrt=4380a510-b233-4451-a17c-ec53ca7f9b61; ptran=8190380959160668499
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15 HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; pi=156011:3; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4380a510-b233-4451-a17c-ec53ca7f9b61&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; pi=156011:3; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; pi=156011:3; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1A106869C3BF4A53A8EDCEB7340E5C8E HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; pi=156011:3; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220
Source: global traffic	HTTP traffic detected: GET /api/sync?pid=5324&it=1&iv=96f20ff031c5a5e687c60471d8dbf8e74f9885b89d22ab99c36219aae8ad77d9791426b5417dce21&_=2 HTTP/1.1Host: pippio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://u.openx.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYWII,pingTime:5,time:6656,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:1534,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sis:2977%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYWIV,pingTime:5,time:6669,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5015,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5015~100%5D,as:%5B5015~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:1534,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sis:2977%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYWJ3,pingTime:5,time:5631,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5013,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5013~100%5D,as:%5B5013~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:942,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562,sis:1936%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYWJ5,pingTime:5,time:5633,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5015,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5015~100%5D,as:%5B5015~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:942,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562,sis:1936%7D&br=c HTTP/1.1Host: dt.adsafeprotected.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7b8fe3aedc5ab8c903fb13d2cc4c5081.safeframe.googlesyndication.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f10.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8190380959160668499&pt=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50%2C%2C HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=1!1646
Source: global traffic	HTTP traffic detected: GET /d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.ipredictive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cu=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b\|1709908360240
Source: global traffic	HTTP traffic detected: GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45155983&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; PugT=1709908367; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E
Source: global traffic	HTTP traffic detected: GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13703547&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; PugT=1709908367; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E
Source: global traffic	HTTP traffic detected: GET /track/cmf/rubicon HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=4380a510-b233-4451-a17c-ec53ca7f9b61; TDCPM=CAESFQoGZ29vZ2xlEgsIuv2SvdPh3zwQBRIWCgdzdng5dDUwEgsIgLvQ0tPh3zwQBRIbCgxzaGFyZXRocm91Z2gSCwiu7ICt1OHfPBAFEhcKCHB1Ym1hdGljEgsImLrQ_NTh3zwQBRgBIAEoAjILCNqw06nr4d88EAU4AVoIcHVibWF0aWNgAg..
Source: global traffic	HTTP traffic detected: GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: simage4.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; chkChromeAb67Sec=1; DPSync3=1709942400%3A248%7C1710460800%3A265%7C1711065600%3A263_201; SyncRTB3=1711065600%3A21_13_54_250_71_220; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; PugT=1709908367; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E
Source: global traffic	HTTP traffic detected: GET /sync/rubicon/JLqG7Zj2iIy8r-ONr7GmRsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f2.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/481/796/3/6.gif?puid=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|1242#1709908364705#1123108976\|155#1709908367118#1602940757#AAGUw07L1kMAABVWe2Uo_A\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP/1.1Host: aax-eu.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1Host: www.youtube.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CI62yQEIpLbJAQipncoBCNrwygEIlaHLAQiFoM0BCLnKzQEIitPNARj1yc0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=dIGXqCC2Ys0; VISITOR_INFO1_LIVE=OcC21w7rZww; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgFw%3D%3D
Source: global traffic	HTTP traffic detected: GET /rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMPS=4165; CMID=ZesheMAoIYoAAGpiAIfemQAA; CMPRO=4165
Source: global traffic	HTTP traffic detected: GET /cdn/prod/config?src=600&u=https%3A%2F%2Fsamfw.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsamfw.com%2F&domain=samfw.com&cw=1&lsw=1 HTTP/1.1Host: gum.criteo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adagio.js HTTP/1.1Host: script.4dex.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /e/dtb/bid?src=600&u=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&pid=r1iEvEqJbuCiL&cb=0&ws=1034x870&v=24.305.1002&t=800&slots=%5B%7B%22sd%22%3A%22samfw.com_245x600_sidebar_desktop%22%2C%22s%22%3A%5B%22240x600%22%2C%22160x600%22%2C%22120x600%22%2C%22200x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_245x600_sidebar_desktop%22%7D%2C%7B%22sd%22%3A%22samfw.com_728x90_responsive_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_728x90_desktop_1%22%7D%2C%7B%22sd%22%3A%22samfw.com_1000x100_sticky_anchorad_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_1000x100_sticky_anchorad_desktop%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_left%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_left%22%7D%2C%7B%22sd%22%3A%22samfw_com_160x600_siderbar_desktop_right%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C22405468785%2Fsamfw.com_160x600_siderbar_desktop_right%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Windows%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22117%22%5D%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22117%22%5D%7D%5D%7D%7D%7D&sm=828ba536-dd41-4b52-b621-89833a9a5630&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1Host: aax.amazon-adsystem.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /g/asr?google_push=AXcoOmSJyoXmTpgSivOFSNgsyuJKuzSHHTnclGd1xxiJcBzZAPu_beQFglKtIXMrH8YsCmHHaFDj3Z-Yqy-11JNf6nRm4T_FBNnSfQemysu79RWEMInlr37FBGv9VgjHPVrWd3G6W7kf9-vloZqq8CNfjXd2fQ HTTP/1.1Host: aid.send.microad.jpConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TR=7be5eeb5821c578e77d052045966c268a9e02ea2ce02740d
Source: global traffic	HTTP traffic detected: GET /ecm3?id=LTIRAAXN-1U-DPLF&ex=d-rubiconproject.com&status=ok HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /api/config/prebid HTTP/1.1Host: id5-sync.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|1242#1709908364705#1123108976\|155#1709908367118#1602940757#AAGUw07L1kMAABVWe2Uo_A\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /js/ld/publishertag.prebid.132.js HTTP/1.1Host: static.criteo.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookie-sync/pm?gdpr=0&gdpr_consent= HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /usersync?b=mag&i=LTIRAAXN-1U-DPLF HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /g/asr?google_push=AXcoOmSjNteSjUM-h0sUb-U24b43ygMK2JQGCp8NaY1I4blImCsCjputNYFQ7sQyk_Hp4KlS_QqUf-WrNyz-lJWIcxEI6j1AFhXqTe6jMXhxGL_Y_YOnTmWZ2K_0tf3opXqIt3FSe4YwBjstjfbzzAm80uZBQQ HTTP/1.1Host: aid.send.microad.jpConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TR=7be5eeb5821c578e77d052045966c268a9e02ea2ce02740d
Source: global traffic	HTTP traffic detected: GET /cookie-sync/rp?bee_sync_partners=rp HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_push=AXcoOmSCiYmdISW8I7Z2a6zdcUVazctVxMFYwwtHiPM2mHlhFYZiIhq-devrIwHaDFy6BWn97y61Yg6YemWdmqwsNZ4N9ncLUwO8tquIe-3gnzwUNylbjOcKaqE3LGNHmZWnVyu7v9UfoYrrPeoWam1jAba7kQ HTTP/1.1Host: cms.quantserve.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: d=EBoBCQGpK4EA; mc=65eb2179-0f991-a4e93-17d85
Source: global traffic	HTTP traffic detected: GET /sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LTIRAAXN-1U-DPLF HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: stx_user_id=90c3182a-6243-45b3-885d-af7711f563d1
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f3.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=rubiconprojectHMT&id=R-S5NwIzR3-ULa75e_Ev1Q HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8190380959160668499&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; PugT=1709908367; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367
Source: global traffic	HTTP traffic detected: GET /ecm3?id=LTIRAAXN-1U-DPLF&ex=d-rubiconproject.com&status=ok HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: dis.eu.criteo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP/1.1Host: pm.w55c.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: wfivefivec=j7DpxbFD1RIBgQ5; matchgoogle=5
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=3355&partner_device_id=LTIRAAXN-1U-DPLF HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=1!1646-2!1646
Source: global traffic	HTTP traffic detected: GET /setuid/magnite?uid=LTIRAAXN-1U-DPLF HTTP/1.1Host: prebid.a-mo.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=540245193&val=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /usersync?b=pbm&i=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1920574151252257451 HTTP/1.1Host: image2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; PugT=1709908367; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f4.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ups/58292/sync?_origin=1&uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&redir=true&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w; IDSYNC="18yl~2h6e:18y3~2h6e:18za~2h6e"
Source: global traffic	HTTP traffic detected: GET /cookie-sync/pm?gdpr=0&gdpr_consent= HTTP/1.1Host: match.prod.bidr.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.ipredictive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cu=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b\|1709908360240
Source: global traffic	HTTP traffic detected: GET /insync?vxii_pid=10067&vxii_pdid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /live/liveCS.php?source=external&advId=100&advUuid=LTIRAAXN-1U-DPLF HTTP/1.1Host: live.primis.techConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=eW2Y1F9mgQ0b7eRukWi1DVNBUmkebVnnZl89Pxetg9fg11abL0YjFNASFLkqArzwJGLw_FSRMUePh8Do7EuE0ksEaH1nxaQBaYsa7lOOfTE.; receive-cookie-deprecation=1; uuid2=8190380959160668499; anj=dTM7k!M4/YDunaTF']wIg2ImVu$aG^!@wnf-Te9(SNOfY2^u31Es$]lCz3:_E:Ev`E:=1hE<L)rEsI`gx6V80GdD1J%q)3RQ:!y2; uids=eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NzIwMzgwMjQwMTI4MTkyMzMyNjY3IiwiZXhwaXJlcyI6IjIwMjQtMDYtMDZUMTQ6MzI6MzFaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDMtMDhUMTQ6MzI6MzFaIn0=
Source: global traffic	HTTP traffic detected: GET /merge?pid=80&3pid=LTIRAAXN-1U-DPLF HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=ISXoARZHdraNBZy_RIWmot3X; _ljtrtb_58=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP/1.1Host: match.prod.bidr.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel-sync.sitescout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7DpxbFD1RIBgQ5&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; PugT=1709908370
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=540245193&val=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=48264283-e5e1-4e14-be2c-d49dc51d8042\|1709908344; univ_id=537072971\|4380a510-b233-4451-a17c-ec53ca7f9b61\|1709908356032141; pd=v2\|1709908345.11\|iKvPvMgakWgy.bwuYhEgKg2
Source: global traffic	HTTP traffic detected: GET /api/v1/dsync/Martin?exid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: crb.kargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ecm3?ex=pubmatic.com&id=PM_UID5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ad-id=A-3RSMivGkXktTXrU2_9U_A; ad-privacy=0
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f5.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/481/203/2/7.gif?puid=820ba408-d736-42d6-b7be-5b1e3ae1766f&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|1242#1709908364705#1123108976\|155#1709908367118#1602940757#AAGUw07L1kMAABVWe2Uo_A\|796#1709908369651#1704558943\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /ups/58292/sync?_origin=1&uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&redir=true&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBH0h62UCEDlYWsSwSBY6zaZPCypOZAgFEgEBAQFy7GX1ZQAAAAAA_eMAAA&S=AQAAAs15r-oSxLBBEAEF4YDul-w; IDSYNC="18yl~2h6e:18y3~2h6e:18za~2h6e"
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8190380959160668499&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; PugT=1709908369
Source: global traffic	HTTP traffic detected: GET /sync?pid=187&uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.bfmio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53539409&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: image6.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; PugT=1709908369
Source: global traffic	HTTP traffic detected: GET /rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMPS=4165; CMID=ZesheMAoIYoAAGpiAIfemQAA; CMPRO=4165
Source: global traffic	HTTP traffic detected: GET /bh/rtset?ev=AAGUw07L1kMAABVWe2Uo_A&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1&gdpr=0 HTTP/1.1Host: bh.contextweb.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: V=3lrO40cPjVaF; INGRESSCOOKIE=4b17474aa3cbae2b; pb_rtb_ev=3-1q49\|7TZ.0.1\|7bq.0.1
Source: global traffic	HTTP traffic detected: GET /insync?vxii_pid=10067&vxii_pdid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /insync?gdpr=0&gdpr_consent=&vxii_pdid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b01444ea-533a-4492-a5d5-3f8ec2487e1a HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mc=eyJpZCI6ImIwMTQ0NGVhLTUzM2EtNDQ5Mi1hNWQ1LTNmOGVjMjQ4N2UxYSIsImwiOjE3MDk5MDgzNzE0NDcsInQiOjF9
Source: global traffic	HTTP traffic detected: GET /AdServer/SPug?partnerID=156078&xid=y-6XwdRERE2uXTutm7E2GBKdkkQZjGnjo-~A&gdpr=0 HTTP/1.1Host: image4.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; PugT=1709908369
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3607227326741921297&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; PugT=1709908369
Source: global traffic	HTTP traffic detected: GET /d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.ipredictive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cu=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b\|1709908360240
Source: global traffic	HTTP traffic detected: GET /api/v1/dsync/Martin?exid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: crb.kargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /redir?partneruserid=AAGUw07L1kMAABVWe2Uo_A&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP/1.1Host: rtb-csync.smartadserver.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pid=5739124417478682736; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_PI
Source: global traffic	HTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LTIRAAXN-1U-DPLF HTTP/1.1Host: sync.intentiq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?pid=187&uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.bfmio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=be36ca60-dd58-11ee-aac7-add6991b662a HTTP/1.1Host: simage2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; chkChromeAb67Sec=2; pi=156011:4; DPSync3=1710460800%3A265%7C1711065600%3A263_201_262_261_260_259%7C1709942400%3A248; SyncRTB3=1711065600%3A21_13_250_71_220_166_54_104_3_249%7C1710460800%3A223_2; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; PugT=1709908372
Source: global traffic	HTTP traffic detected: GET /cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAGUw07L1kMAABVWe2Uo_A&pid=558502&do=add&gdpr=0 HTTP/1.1Host: match.prod.bidr.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /AdServer/SPug?partnerID=156078&xid=y-6XwdRERE2uXTutm7E2GBKdkkQZjGnjo-~A&gdpr=0 HTTP/1.1Host: image4.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; PugT=1709908372; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; SPugT=1709908372
Source: global traffic	HTTP traffic detected: GET /dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel-sync.sitescout.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ssi=92b1dec5-fe4c-40a7-8dfa-e8b7435de349#1709908371673
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; PugT=1709908372; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3607227326741921297&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; SPugT=1709908367; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; PugT=1709908372; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f6.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /insync?gdpr=0&gdpr_consent=&vxii_pdid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b39b1281-c0fa-41f2-92e3-9ab0e0324caa HTTP/1.1Host: thrtle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: mc=eyJpZCI6ImIwMTQ0NGVhLTUzM2EtNDQ5Mi1hNWQ1LTNmOGVjMjQ4N2UxYSIsImwiOjE3MDk5MDgzNzIzMzMsInQiOjF9
Source: global traffic	HTTP traffic detected: GET /merge?pid=92&3pid=8190380959160668499&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F1246%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=ISXoARZHdraNBZy_RIWmot3X; _ljtrtb_58=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; ljtrtb=eJwFwUEKACAIBMC%2FeBcsVKzbovap6O%2FNXLKgTZarc6xkgyhrIRhSh90HolotMOl96AkKOw%3D%3D; _ljtrtb_80=LTIRAAXN-1U-DPLF
Source: global traffic	HTTP traffic detected: GET /AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: simage4.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; SPugT=1709908372; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; PugT=1709908371
Source: global traffic	HTTP traffic detected: GET /ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP/1.1Host: pm.w55c.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: wfivefivec=j7DpxbFD1RIBgQ5; matchgoogle=5; matchpubmatic=5
Source: global traffic	HTTP traffic detected: GET /usersync/141?gdpr=0&gdpr_consent= HTTP/1.1Host: match.deepintent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CDIUSER=di_7ee510c67c9a4a02bf80e; CDIPARTNERS=%7B%221%22%3A%2220240308%22%7D
Source: global traffic	HTTP traffic detected: GET /cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5739124417478682736&gdpr=0&gdpr_consent= HTTP/1.1Host: match.prod.bidr.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bito=AAGUw07L1kMAABVWe2Uo_A; bitoIsSecure=ok
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=3203&partner_device_id=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1709908355498; TapAd_DID=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50; TapAd_3WAY_SYNCS=1!1646-2!1646
Source: global traffic	HTTP traffic detected: GET /usersync?b=pbm&i=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2 HTTP/1.1Host: usersync.gumgum.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: vst=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: global traffic	HTTP traffic detected: GET /pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: d=EBoBCQGpK4EA; mc=65eb2179-0f991-a4e93-17d85
Source: global traffic	HTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LTIRAAXN-1U-DPLF&ckls=true&ci=LnkJ39QsJM&nc=false&trid=969168627 HTTP/1.1Host: sync1.intentiq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IQver=1.9; intentIQ=LnkJ39QsJM
Source: global traffic	HTTP traffic detected: GET /syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: synchroscript.deliveryengine.adswizz.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /712188.gif?partner_uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent= HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=4nLOwa0M2I6Nynbj13s5I0BXNxXyyhWAcDiQDN0vtqM=; pxrc=CI7DrK8GEgUI6AcQABIFCOhHEAA=
Source: global traffic	HTTP traffic detected: GET /sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tuuid=2a6acefd-2787-4350-b3ca-e8bc2b81c4bd; c=1709908344; tuuid_lu=1709908345; google_push=AXcoOmSHJnv6JBXd1RfUP1oW_fhLx8XW4xp6ugn33kHrnwXrmBHxf4vujDkZWX8zYpmfOCmhYn_3MOpRvEAQSXpVklcojVc2COjE5ZJNP6W4DLr79_-PJSz0AtI63JG9jvYJlulkMJFaJnVI2qs2MmqZiark
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7DpxbFD1RIBgQ5&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; KRTBCOOKIE_1003=22761-be36ca60-dd58-11ee-aac7-add6991b662a&KRTB&23275-be36ca60-dd58-11ee-aac7-add6991b662a; KRTBCOOKIE_279=22890-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23011-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23355-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b; PugT=1709908373; SPugT=1709908372
Source: global traffic	HTTP traffic detected: GET /map/c=14701/tp=MTAI/tpid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2/gdpr=0/gdpr_consent= HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_dc=3; _cc_id=1644608f11bdd2b7e1fb22cdb6471929
Source: global traffic	HTTP traffic detected: GET /redir?partneruserid=AAGUw07L1kMAABVWe2Uo_A&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP/1.1Host: rtb-csync.smartadserver.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pid=5739124417478682736; TestIfCookieP=ok; csync=76:GOOGLE_HOSTED_PI\|127:AAGUw07L1kMAABVWe2Uo_A
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1920574151252257451 HTTP/1.1Host: image2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; KRTBCOOKIE_1003=22761-be36ca60-dd58-11ee-aac7-add6991b662a&KRTB&23275-be36ca60-dd58-11ee-aac7-add6991b662a; KRTBCOOKIE_279=22890-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23011-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23355-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b; PugT=1709908373; SPugT=1709908372
Source: global traffic	HTTP traffic detected: GET /sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f7.jpg?1648428140970 HTTP/1.1Host: s0.2mdn.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: g=kKTAH2vxrCfdpJK4Z9uT_1709908362510; ts=1709908362
Source: global traffic	HTTP traffic detected: GET /c/481/1246/1/8.gif?puid=ISXoARZHdraNBZy_RIWmot3X&gdpr=0&gdpr_consent= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://samfw.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: id5=efae6378-4ba2-7e69-9c81-e89168007d96#1709908353948#2; 3pi=2#1709908358806#1768352869#8190380959160668499\|1242#1709908364705#1123108976\|155#1709908367118#1602940757#AAGUw07L1kMAABVWe2Uo_A\|203#1709908372376#272692115#820ba408-d736-42d6-b7be-5b1e3ae1766f\|796#1709908369651#1704558943\|429#1709908361556#-689978729#5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&gdpr=0&gdpr_consent= HTTP/1.1Host: simage2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; SPugT=1709908372; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; PugT=1709908371
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_7ee510c67c9a4a02bf80e HTTP/1.1Host: image2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; KRTBCOOKIE_1003=22761-be36ca60-dd58-11ee-aac7-add6991b662a&KRTB&23275-be36ca60-dd58-11ee-aac7-add6991b662a; KRTBCOOKIE_279=22890-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23011-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23355-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b; PugT=1709908373; SPugT=1709908372
Source: global traffic	HTTP traffic detected: GET /AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: simage4.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; KRTBCOOKIE_1003=22761-be36ca60-dd58-11ee-aac7-add6991b662a&KRTB&23275-be36ca60-dd58-11ee-aac7-add6991b662a; KRTBCOOKIE_279=22890-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23011-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23355-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b; PugT=1709908373; SPugT=1709908372
Source: global traffic	HTTP traffic detected: GET /bh/rtset?ev=AAGUw07L1kMAABVWe2Uo_A&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5739124417478682736%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP/1.1Host: bh.contextweb.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: V=3lrO40cPjVaF; INGRESSCOOKIE=4b17474aa3cbae2b; pb_rtb_ev=3-1q49\|7bq.0.1\|7TZ.0.1\|7dN.0.AAGUw07L1kMAABVWe2Uo_A
Source: global traffic	HTTP traffic detected: GET /AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6KxQfOyoAifzqVMn56gYf-r8DC3zqAJ65qy3nyfb HTTP/1.1Host: image2.pubmatic.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://ads.pubmatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KADUSERCOOKIE=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2; KRTBCOOKIE_377=6810-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22918-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&22926-4380a510-b233-4451-a17c-ec53ca7f9b61&KRTB&23031-4380a510-b233-4451-a17c-ec53ca7f9b61; KRTBCOOKIE_148=19421-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23486-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23489-uid:1A106869C3BF4A53A8EDCEB7340E5C8E&KRTB&23539-uid:1A106869C3BF4A53A8EDCEB7340E5C8E; KRTBCOOKIE_57=22776-8190380959160668499&KRTB&23339-8190380959160668499; KRTBCOOKIE_18=22947-1920574151252257451; KRTBCOOKIE_107=1471-uid:j7DpxbFD1RIBgQ5&KRTB&23421-uid:j7DpxbFD1RIBgQ5; chkChromeAb67Sec=3; pi=0:4; DPSync3=1711065600%3A201_262_258_256_263_261_260_259%7C1709942400%3A248_255%7C1710892800%3A257%7C1710460800%3A265; SyncRTB3=1710720000%3A63%7C1711065600%3A104_55_22_13_249_231_21_71_3_46_5_165_8_250_166_54_266_220%7C1710460800%3A223_2_15; KRTBCOOKIE_22=14911-3607227326741921297&KRTB&23150-3607227326741921297&KRTB&23527-3607227326741921297; KRTBCOOKIE_1003=22761-be36ca60-dd58-11ee-aac7-add6991b662a&KRTB&23275-be36ca60-dd58-11ee-aac7-add6991b662a; KRTBCOOKIE_279=22890-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23011-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b&KRTB&23355-4c4b5eef-f765-4ea9-949d-c8ece2a8fc8b; PugT=1709908373; SPugT=1709908372

Source: unknown

DNS traffic detected: queries for: samfw.com

Source: unknown

HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A4109005EFEX-BM-CBT: 1696492382X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 60X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: 7964DE11F2244989AF4CA95A808EA94CX-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109005EFEX-MSEdge-ExternalExp: bfbwsbcm0921cf,d-thshld42,websuganno_t2,wsbmsaqfuxt3,wsbqfasmsall_t,wsbqfminiserp500,wsbref-t,wsbuacfX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=0; DaylightBias=-60; TimeZoneKeyName=GMT Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 516Connection: Keep-AliveCache-Control: no-cacheCookie: SRCHUID=V=2&GUID=19565074ACE142FCABAF0CDCC0DFAAEB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231005; SRCHHPGUSR=SRCHLANG=en&LUT=1696492216762&IPMH=45187fb8&IPMID=1696492382078&HV=1696492289; CortanaAppUID=FE52A12E95B5DF3DB5902D0602A16B66; MUID=A92BA4E78D2946A0AFDA5029FA43D7A8; _SS=SID=21E2F496C67F672E2F62E737C76966EF&CPID=1696492383022&AC=1&CPH=644b7eae; _EDGE_S=SID=21E2F496C67F672E2F62E737C76966EF; MUIDB=A92BA4E78D2946A0AFDA5029FA43D7A8

Source: global traffic

HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Microsoft-Azure-Application-Gateway/v2Date: Fri, 08 Mar 2024 14:32:46 GMTContent-Type: text/htmlContent-Length: 581Connection: close

Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2181136473.00000000007F8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertCSRSA4096RootG5.crt0E
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002780000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.0000000000796000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2216043015.0000000000796000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.0000000000796000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crtZ
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2216043015.0000000000796000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crti
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/NETFoundationProjectsCodeSigningCA2.crt0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://collab.lge.com/main/
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.00000000031B4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://collab.lge.com/main/display/FOTADeployment/LGUP
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertCSRSA4096RootG5.crl0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002780000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: lang2101.dll1.24.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/NETFoundationProjectsCodeSigningCA2.crl0F
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002780000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.000000000082B000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1779546119.000000000277D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/NETFoundationProjectsCodeSigningCA2.crl0=
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2181697945.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2182395414.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2216043015.0000000000834000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2627256153.0000000003338000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://factory-data-collect.lge.com/lgup_log_upload.php
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://factory-data-collect.lge.com/lgup_log_upload.phpfilemodelnamejson_dataresult
Source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003A97000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://ip-api.com
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: http://james.newtonking.com/projects/json
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2010393920.000000000274C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1844864395.000000000274E000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1830936801.0000000002745000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1872348404.000000000274F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2101449843.0000000002749000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1789893738.0000000002744000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.0000000002742000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1836101852.0000000002747000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1843560315.0000000002740000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1801090296.0000000002744000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1881964758.0000000002748000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.0000000002746000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1821597364.000000000274A000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1850427810.000000000274E000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1834460243.0000000002742000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2038350236.0000000002749000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1999416064.0000000002746000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.000000000274A000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1788487655.0000000002743000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1786352832.0000000002743000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002742000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://msupdate.emodio.com/files/external/Windows6.1-KB968212-x64.msu.cabhttp://msupdate.emodio.com/
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.0000000002B78000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002B93000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000002.2212346680.00007FF65D1F1000.00000004.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000000.2185632937.00007FF65D1F1000.00000008.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490258338.00007FF65D1F1000.00000008.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2628328843.00007FF65D1F1000.00000004.00000001.01000000.00000017.sdmp	String found in binary or memory: http://msupdate.emodio.com/files/external/Windows6.1-KB968212-x86.msu.cabhttp://msupdate.emodio.com/
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000000.1760940746.000000000040A000.00000008.00000001.01000000.00000014.sdmp	String found in binary or memory: http://nsis.sf.net/NSIS_Error
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000000.1760940746.000000000040A000.00000008.00000001.01000000.00000014.sdmp	String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002780000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0A
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0O
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0X
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.thawte.com0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: http://s.symcb.com/pca3-g5.crl0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: http://s.symcd.com0_
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://s2.symcb.com0
Source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sv.symcb.com/sv.crl0a
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sv.symcb.com/sv.crl0f
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sv.symcb.com/sv.crt0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sv.symcd.com0&
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: http://sw.symcb.com/sw.crl0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: http://sw.symcd.com0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: http://sw1.symcb.com/sw.crt0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: 7za.exe, 0000000B.00000002.1509893106.0000000002205000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://upx.sf.net
Source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.000000000277D000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002779000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.0000000002783000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.0000000002784000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.0000000002781000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2624832287.00000000009B0000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.000000000277F000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.000000000277C000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002778000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.0000000002789000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.0000000002787000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.0000000002782000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.digicert.com/CPS0
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.lge.com
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.html
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.html....................
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.samsungmobile.comPRODUCT_WEB_SITE
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp	String found in binary or memory: http://www.samsungmobile.comURLInfoAboutURLInfoAbout
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.symauth.com/cps0(
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.symauth.com/rpa00
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.winimage.com/zLibDll
Source: chromecache_1386.25.dr	String found in binary or memory: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fus
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/binaryformatter
Source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/dotnet-warnings/
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/serializationformat-binary-obsolete
Source: chromecache_1386.25.dr	String found in binary or memory: https://b1sync.zemanta.com/usersync/gumgum/?puid=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_c
Source: chromecache_1386.25.dr	String found in binary or memory: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=$
Source: SamFwTool.exe, 00000011.00000002.2677115943.0000000006E90000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2667462428.000000000691C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2621026605.0000000001B2F000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2630194836.0000000003A97000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/samfwtool
Source: SamFwTool.exe, 00000011.00000002.2621026605.0000000001B2F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/samfwtoolLVH
Source: SamFwTool.exe, 00000011.00000002.2677115943.0000000006E90000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/samfwtoolO
Source: chromecache_1386.25.dr	String found in binary or memory: https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
Source: chromecache_1386.25.dr	String found in binary or memory: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ZDdkN2FmOC00OGU1LTRmNjgtOGJhM
Source: chromecache_1386.25.dr	String found in binary or memory: https://creativecdn.com/cm-notify?pi=gumgum
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://curl.haxx.se/docs/http-cookies.html
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: https://d.symcb.com/cps0%
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: https://d.symcb.com/rpa0
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp, ssudrmnet.sys0.24.dr, ssudqcfilter.sys.24.dr	String found in binary or memory: https://d.symcb.com/rpa0)
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://dm01.ksut.lge.com:46110/b2e/b2e/common/
Source: 7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://dm01.ksut.lge.com:46110/b2e/b2e/common/signaturestatusresultresponsehttp://www.lge.comDevice
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://github.com/JamesNK/Newtonsoft.Json
Source: SamFwTool.exe, 00000011.00000002.2740780031.0000000016880000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/corefx/tree/7601f4f6225089ffb291dc7d58293c7bbf5c5d4f
Source: SamFwTool.exe, 00000011.00000002.2740780031.0000000016880000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/corefx/tree/7601f4f6225089ffb291dc7d58293c7bbf5c5d4f8
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/roslyn/issues/46646
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/roslyn/issues/46646~
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/runtime
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/runtime/issues/73124.
Source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dotnet/runtime8
Source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/restsharp/RestSharp.git
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	String found in binary or memory: https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
Source: chromecache_1386.25.dr	String found in binary or memory: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Source: chromecache_1386.25.dr	String found in binary or memory: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dd
Source: chromecache_1174.25.dr	String found in binary or memory: https://p.ad.gt
Source: chromecache_1386.25.dr	String found in binary or memory: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Source: chromecache_1567.25.dr, chromecache_1303.25.dr	String found in binary or memory: https://proton.ad.gt
Source: chromecache_1174.25.dr	String found in binary or memory: https://proton.ad.gt/ig
Source: chromecache_1386.25.dr	String found in binary or memory: https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1
Source: chromecache_1431.25.dr	String found in binary or memory: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Source: chromecache_1431.25.dr	String found in binary or memory: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js
Source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1557795442.0000000000BE4000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000024A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1270197433.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1275834259.0000000003490000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/$https://samfw.com/$https://samfw.com/
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000024A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/1RJ
Source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/Odin/SAMSUNG_USB_Driver_for_Mobile_Phones.exe
Source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/api/samfwfrp/version
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2620672177.00000000017E9000.00000004.00000010.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2733178401.0000000014921000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014AE5000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2630194836.0000000003A97000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2670735168.0000000006B1B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/frp
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000024A4000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://samfw.com/iRJ
Source: chromecache_1386.25.dr	String found in binary or memory: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Source: chromecache_1386.25.dr	String found in binary or memory: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Source: chromecache_1386.25.dr	String found in binary or memory: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com
Source: chromecache_1386.25.dr	String found in binary or memory: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=$
Source: chromecache_1386.25.dr	String found in binary or memory: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Source: chromecache_1386.25.dr	String found in binary or memory: https://tg.socdm.com/aux/idsync?proto=gumgum
Source: chromecache_1386.25.dr	String found in binary or memory: https://us-u.openx.net/w/1.0/cm?_=
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: chromecache_1431.25.dr	String found in binary or memory: https://www.hiscoxgroup.com/
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1271507585.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1272198142.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000000.1273630650.0000000000401000.00000020.00000001.01000000.00000005.sdmp	String found in binary or memory: https://www.innosetup.com/
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://www.newtonsoft.com/json
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://www.newtonsoft.com/jsonschema
Source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: https://www.nuget.org/packages/Newtonsoft.Json.Bson
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1271507585.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1272198142.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000000.1273630650.0000000000401000.00000020.00000001.01000000.00000005.sdmp	String found in binary or memory: https://www.remobjects.com/ps
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1557795442.0000000000B7D000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1270197433.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000002.1556346092.0000000000924000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1275834259.0000000003490000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000002.1555719616.000000000018C000.00000004.00000010.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000023EC000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1551852974.000000000375E000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1554883432.0000000000922000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.virustotal.com/gui/file/72b4e02b59b6cf1bfec786e2b1acf98d31cdceb906beb115b52f3bbf07e02fb3
Source: chromecache_1386.25.dr	String found in binary or memory: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_c

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50730
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50747
Source: unknown	Network traffic detected: HTTP traffic on port 50440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50740
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50741
Source: unknown	Network traffic detected: HTTP traffic on port 51262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 50738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50754
Source: unknown	Network traffic detected: HTTP traffic on port 51274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50759
Source: unknown	Network traffic detected: HTTP traffic on port 50980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50758
Source: unknown	Network traffic detected: HTTP traffic on port 50189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50752
Source: unknown	Network traffic detected: HTTP traffic on port 51319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 50439 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50768
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50760
Source: unknown	Network traffic detected: HTTP traffic on port 51376 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50762
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50761
Source: unknown	Network traffic detected: HTTP traffic on port 50612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50763
Source: unknown	Network traffic detected: HTTP traffic on port 51045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50510 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 50382 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 51077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 50783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 50931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50704
Source: unknown	Network traffic detected: HTTP traffic on port 50656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50705
Source: unknown	Network traffic detected: HTTP traffic on port 51340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50407 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51364 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50710
Source: unknown	Network traffic detected: HTTP traffic on port 51033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50313 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50716
Source: unknown	Network traffic detected: HTTP traffic on port 51159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50719
Source: unknown	Network traffic detected: HTTP traffic on port 50534 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50496 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 51225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51298 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51307 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 50369 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 50420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50336
Source: unknown	Network traffic detected: HTTP traffic on port 51201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50339
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50338
Source: unknown	Network traffic detected: HTTP traffic on port 51327 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50333
Source: unknown	Network traffic detected: HTTP traffic on port 50632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50332
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50335
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50334
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50348
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50349
Source: unknown	Network traffic detected: HTTP traffic on port 50935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50342
Source: unknown	Network traffic detected: HTTP traffic on port 50987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50341
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50344
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50343
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50346
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50345
Source: unknown	Network traffic detected: HTTP traffic on port 51184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50359
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51207
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50358
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51209
Source: unknown	Network traffic detected: HTTP traffic on port 50804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51200
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51204
Source: unknown	Network traffic detected: HTTP traffic on port 50374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50357
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51202
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50419 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51218
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50369
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51219
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51216
Source: unknown	Network traffic detected: HTTP traffic on port 50255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 50685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 51172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50361
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51211
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50364
Source: unknown	Network traffic detected: HTTP traffic on port 51303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50363
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51212
Source: unknown	Network traffic detected: HTTP traffic on port 50923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50371
Source: unknown	Network traffic detected: HTTP traffic on port 51339 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50370
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50779
Source: unknown	Network traffic detected: HTTP traffic on port 51266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50770
Source: unknown	Network traffic detected: HTTP traffic on port 51025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50775
Source: unknown	Network traffic detected: HTTP traffic on port 50943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50444 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50303
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50787
Source: unknown	Network traffic detected: HTTP traffic on port 51057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50789
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50780
Source: unknown	Network traffic detected: HTTP traffic on port 50702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50300
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50301
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50785
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50476 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50315
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50314
Source: unknown	Network traffic detected: HTTP traffic on port 50791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50317
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50316
Source: unknown	Network traffic detected: HTTP traffic on port 51360 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50318
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50792
Source: unknown	Network traffic detected: HTTP traffic on port 51245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50313
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50797
Source: unknown	Network traffic detected: HTTP traffic on port 51069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50349 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50327
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50320
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50321
Source: unknown	Network traffic detected: HTTP traffic on port 50432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50514 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51145
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50298
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50299
Source: unknown	Network traffic detected: HTTP traffic on port 51176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51152
Source: unknown	Network traffic detected: HTTP traffic on port 51210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51150
Source: unknown	Network traffic detected: HTTP traffic on port 50389 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51155
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51156
Source: unknown	Network traffic detected: HTTP traffic on port 50377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51153
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51158
Source: unknown	Network traffic detected: HTTP traffic on port 50755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51162
Source: unknown	Network traffic detected: HTTP traffic on port 51347 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51160
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50537 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51161
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50502 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51166
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51167
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51165
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50390 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51168
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51169
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51170
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51174
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51171
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51172
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51359 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51175
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51176
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51179
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50481 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51180
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51184
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51185
Source: unknown	Network traffic detected: HTTP traffic on port 51209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51183
Source: unknown	Network traffic detected: HTTP traffic on port 50940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50253
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51103
Source: unknown	Network traffic detected: HTTP traffic on port 50456 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50574 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51112
Source: unknown	Network traffic detected: HTTP traffic on port 50639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51110
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51113
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 50743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51335 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 50341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 50689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50292
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50291
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50293
Source: unknown	Network traffic detected: HTTP traffic on port 50562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50357 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50461 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51367 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50345 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50436 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51188
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51187
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51196
Source: unknown	Network traffic detected: HTTP traffic on port 50972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51193
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51198
Source: unknown	Network traffic detected: HTTP traffic on port 50321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50554 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51355 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50333 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443

Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.7:49704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.88.24:443 -> 192.168.2.7:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.16.68.112:443 -> 192.168.2.7:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.16.68.112:443 -> 192.168.2.7:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.7:49823 version: TLS 1.2

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Code function: 24_2_00405326 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,ShowWindow,ShowWindow,GetDlgItem,SendMessageA,SendMessageA,SendMessageA,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageA,CreatePopupMenu,AppendMenuA,GetWindowRect,TrackPopupMenu,SendMessageA,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageA,GlobalUnlock,SetClipboardData,CloseClipboard,

24_2_00405326

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ss_conn_usb_driver.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_MDM_x86.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\ssaeadb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\ssecunic.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\SHPACM.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\ssadbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudeadb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_ETS_a64.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\secumdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudserd.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\ss_bus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\ssadadb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\ssecmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_MODEM\VIA_USB_MODEM.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_ETS\VIA_USB_ETS.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\ssaebus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\sscdserd.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_ETS\VIA_USB_ETS.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudadb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\sscebus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsa.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudsdb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_HUB\VIA_USB_HUB.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\WIN32\flashusb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_HUB\VIA_USB_HUB.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudnd5.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudrmnet.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_MDM_a64.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\ssadserd.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\WinXP\32\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_ETS_x86.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\ViaUsbEts\ViaTelecomFile.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\ssm_bus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\ssbcbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\ssecobex.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\sssdmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssuddmgr.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\Win7\64\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\sscdbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\X64\flashusb.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\sscdmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\Win7\32\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\SSUSBDownload.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ss_conn_usb_driver2.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\ssdudfu.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\ssaemdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\ssadndis.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_SER_x86.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\ss_bbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\sssdobex.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\ssaeunic.cat	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\SAMSUNG_Android.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\SHPUSB.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudncm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\ss_bmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\WinXP\64\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\ssecbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\ss_mdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudrnds.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\secubus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudqcnet.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\ss_bserd.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\C7xxPhone.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudnet.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\ssecmgmt.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\sssdbus.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\sscemdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\ssadmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\HSPUSB.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\Vista\64\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudobex.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\18_Zinia_Serial_Driver\Vista\32\usb2ser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_MODEM\VIA_USB_MODEM.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsax64.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\ssceserd.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\VIA_USB_SER_a64.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudmtp.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\ssm_mdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\mbtusbser.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudmarv.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\ssbcmdm.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\ssudrmnetmp.cat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\sssdmgmt.cat	Jump to dropped file

System Summary

PE file contains section with special chars

Source: is-SLJ75.tmp.5.dr	Static PE information: section name: z"JPgV
Source: is-SLJ75.tmp.5.dr	Static PE information: section name: z"JPgV

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00408484: DeviceIoControl,GetModuleHandleW,GetProcAddress,GetDiskFreeSpaceW,

11_2_00408484

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5CB460 GetTickCount,OpenSCManagerW,GetLastError,OpenServiceW,DeleteService,GetLastError,CloseServiceHandle,CloseServiceHandle,

31_2_00007FFB0D5CB460

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Code function: 24_2_00403312 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,

24_2_00403312

Source: C:\SamFwTool\data\7za.exe

File created: C:\SamFwTool\data\drivers\amd64\libusb0.sys

Jump to behavior

Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0043CB92	11_2_0043CB92
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0042007E	11_2_0042007E
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00464010	11_2_00464010
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048C020	11_2_0048C020
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_004480F1	11_2_004480F1
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_004681A0	11_2_004681A0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00488500	11_2_00488500
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046C5B0	11_2_0046C5B0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00478740	11_2_00478740
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00468770	11_2_00468770
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00478850	11_2_00478850
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00408953	11_2_00408953
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00404E34	11_2_00404E34
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0047D018	11_2_0047D018
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0044D24E	11_2_0044D24E
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0044523D	11_2_0044523D
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00475350	11_2_00475350
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048D3A3	11_2_0048D3A3
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00481540	11_2_00481540
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048D531	11_2_0048D531
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00401584	11_2_00401584
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048D60B	11_2_0048D60B
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048D6F1	11_2_0048D6F1
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0047D780	11_2_0047D780
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0040196C	11_2_0040196C
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00455BF0	11_2_00455BF0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00471CB0	11_2_00471CB0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00475F30	11_2_00475F30
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00471FC0	11_2_00471FC0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00476030	11_2_00476030
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0047E140	11_2_0047E140
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046A130	11_2_0046A130
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0042226F	11_2_0042226F
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00466290	11_2_00466290
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00472450	11_2_00472450
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0044E561	11_2_0044E561
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0045E5C9	11_2_0045E5C9
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00486710	11_2_00486710
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00486AF0	11_2_00486AF0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048AAF0	11_2_0048AAF0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046AC80	11_2_0046AC80
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00466FD0	11_2_00466FD0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046EFD0	11_2_0046EFD0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0042F14A	11_2_0042F14A
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0047B1C0	11_2_0047B1C0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046F3E0	11_2_0046F3E0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00477390	11_2_00477390
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00487490	11_2_00487490
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00463560	11_2_00463560
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00473670	11_2_00473670
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0047F600	11_2_0047F600
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0045B838	11_2_0045B838
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0046F8C0	11_2_0046F8C0
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048B970	11_2_0048B970
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00477A20	11_2_00477A20
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048BB30	11_2_0048BB30
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00473C00	11_2_00473C00
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB1470	17_2_01EB1470
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB0848	17_2_01EB0848
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EBEA40	17_2_01EBEA40
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB1980	17_2_01EB1980
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB1D28	17_2_01EB1D28
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB1460	17_2_01EB1460
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EB0819	17_2_01EB0819
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_01EBF618	17_2_01EBF618
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_05E60490	17_2_05E60490
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A5EA8	17_2_069A5EA8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06960040	17_2_06960040
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A5E99	17_2_069A5E99
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A80FA	17_2_069A80FA
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A8118	17_2_069A8118
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06960006	17_2_06960006
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A7350	17_2_069A7350
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069A7360	17_2_069A7360
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069E69CE	17_2_069E69CE
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069E2194	17_2_069E2194
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069E4BF0	17_2_069E4BF0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069E4BE1	17_2_069E4BE1
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A0B2E0	17_2_06A0B2E0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A01EC9	17_2_06A01EC9
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A07CA8	17_2_06A07CA8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A0AB40	17_2_06A0AB40
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A0B2D0	17_2_06A0B2D0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A07C9F	17_2_06A07C9F
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_06A0AB30	17_2_06A0AB30
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F0040	17_2_098F0040
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F0CF0	17_2_098F0CF0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F1660	17_2_098F1660
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F11B8	17_2_098F11B8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FD9E1	17_2_098FD9E1
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FD9F6	17_2_098FD9F6
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F001C	17_2_098F001C
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FDA83	17_2_098FDA83
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FDA6E	17_2_098FDA6E
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098F1660	17_2_098F1660
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FD6A8	17_2_098FD6A8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_098FD6B0	17_2_098FD6B0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991A918	17_2_0991A918
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991C923	17_2_0991C923
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09914050	17_2_09914050
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991B340	17_2_0991B340
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991F510	17_2_0991F510
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991B4E8	17_2_0991B4E8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991A910	17_2_0991A910
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09911830	17_2_09911830
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09911820	17_2_09911820
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09914040	17_2_09914040
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991B331	17_2_0991B331
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09915298	17_2_09915298
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09915288	17_2_09915288
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_099154B8	17_2_099154B8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991B4D8	17_2_0991B4D8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_099154C8	17_2_099154C8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991F510	17_2_0991F510
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09DBEC28	17_2_09DBEC28
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C931EB0	17_2_0C931EB0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C937088	17_2_0C937088
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C93B0B0	17_2_0C93B0B0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C93AA48	17_2_0C93AA48
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C935370	17_2_0C935370
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C931EAE	17_2_0C931EAE
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C932EC0	17_2_0C932EC0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C93B0A0	17_2_0C93B0A0
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C93B03F	17_2_0C93B03F
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C937078	17_2_0C937078
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C93AA39	17_2_0C93AA39
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C9333B8	17_2_0C9333B8
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C935361	17_2_0C935361
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94040C	17_2_0C94040C
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94FE70	17_2_0C94FE70
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94F660	17_2_0C94F660
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94F650	17_2_0C94F650
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94FE60	17_2_0C94FE60
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C9A1504	17_2_0C9A1504
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C9A5481	17_2_0C9A5481
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_138E2080	17_2_138E2080
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_138E19E8	17_2_138E19E8
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_004067BE	24_2_004067BE
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C2210	31_2_00007FFB0D5C2210
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C7E10	31_2_00007FFB0D5C7E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5CA5E0	31_2_00007FFB0D5CA5E0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5E4DA0	31_2_00007FFB0D5E4DA0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C3E70	31_2_00007FFB0D5C3E70
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C4640	31_2_00007FFB0D5C4640
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D5800	31_2_00007FFB0D5D5800
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5DEF08	31_2_00007FFB0D5DEF08
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5E8F48	31_2_00007FFB0D5E8F48
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5DE744	31_2_00007FFB0D5DE744
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5CBF40	31_2_00007FFB0D5CBF40
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5DE9C0	31_2_00007FFB0D5DE9C0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5CC270	31_2_00007FFB0D5CC270
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C3230	31_2_00007FFB0D5C3230
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C38B0	31_2_00007FFB0D5C38B0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5F397C	31_2_00007FFB0D5F397C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C1990	31_2_00007FFB0D5C1990
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5ED408	31_2_00007FFB0D5ED408
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5DEC3C	31_2_00007FFB0D5DEC3C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5E6C20	31_2_00007FFB0D5E6C20
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5E72F0	31_2_00007FFB0D5E72F0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D1B80	31_2_00007FFB0D5D1B80
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5EF35C	31_2_00007FFB0D5EF35C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C4B30	31_2_00007FFB0D5C4B30
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C592210	33_2_00007FFB1C592210
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C597E10	33_2_00007FFB1C597E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C59A5E0	33_2_00007FFB1C59A5E0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5B4DA0	33_2_00007FFB1C5B4DA0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C593E70	33_2_00007FFB1C593E70
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C594640	33_2_00007FFB1C594640
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5AEF08	33_2_00007FFB1C5AEF08
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5AE744	33_2_00007FFB1C5AE744
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5B8F48	33_2_00007FFB1C5B8F48
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C59BF40	33_2_00007FFB1C59BF40
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A5800	33_2_00007FFB1C5A5800
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5938B0	33_2_00007FFB1C5938B0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5C397C	33_2_00007FFB1C5C397C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C591990	33_2_00007FFB1C591990
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5AE9C0	33_2_00007FFB1C5AE9C0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C59C270	33_2_00007FFB1C59C270
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C593230	33_2_00007FFB1C593230
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5B72F0	33_2_00007FFB1C5B72F0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A1B80	33_2_00007FFB1C5A1B80
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5BF35C	33_2_00007FFB1C5BF35C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C594B30	33_2_00007FFB1C594B30
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5BD408	33_2_00007FFB1C5BD408
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5AEC3C	33_2_00007FFB1C5AEC3C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5B6C20	33_2_00007FFB1C5B6C20

Source: Joe Sandbox View	Dropped File: C:\SamFwTool\data\7z.exe 254CF6411D38903B2440819F7E0A847F0CFEE7F8096CFAD9E90FEA62F42B0C23
Source: Joe Sandbox View	Dropped File: C:\SamFwTool\data\7za.exe (copy) E6855553350FA6FB23E05839C7F3EF140DAD29D9A0E3495DE4D1B17A9FBF5CA4

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: String function: 00007FFB0D5C1F20 appears 113 times
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: String function: 00007FFB0D5C2040 appears 33 times
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: String function: 00007FFB1C592040 appears 33 times
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: String function: 00007FFB1C591F20 appears 113 times
Source: C:\SamFwTool\data\7za.exe	Code function: String function: 0048CC90 appears 684 times
Source: C:\SamFwTool\data\7za.exe	Code function: String function: 00401C9A appears 215 times

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp.1.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: is-9RCVD.tmp.5.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: WdfCoInstaller01009.dll.11.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, many, 1639755 bytes, 2 files, at 0x44 +A "Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe" +A "Microsoft Kernel-Mode Driver Framework Install-v1.9-Vista.msu", flags 0x4, ID 12343, number 1, extra bytes 20 in head, 51 datablocks, 0x1503 compression
Source: winusbcoinstaller2.dll.11.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, Microsoft Standalone Update, 256987 bytes, 4 files, at 0x44 +A "WSUSSCAN.cab" +A "Windows6.0-KB971286-x64.cab", flags 0x4, number 1, extra bytes 20 in head, 9 datablocks, 0x1 compression
Source: winusbcoinstaller2.dll.11.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: WdfCoInstaller01009.dll0.11.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, many, 1384567 bytes, 2 files, at 0x44 +A "Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe" +A "Microsoft Kernel-Mode Driver Framework Install-v1.9-Vista.msu", flags 0x4, ID 12343, number 1, extra bytes 20 in head, 43 datablocks, 0x1503 compression
Source: winusbcoinstaller2.dll0.11.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, Microsoft Standalone Update, 240840 bytes, 4 files, at 0x44 +A "WSUSSCAN.cab" +A "Windows6.0-KB971286-x86.cab", flags 0x4, number 1, extra bytes 20 in head, 8 datablocks, 0x1 compression
Source: winusbcoinstaller2.dll0.11.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows

Source: linux-adk.exe.11.dr	Static PE information: Number of sections : 15 > 10
Source: cygusb-1.0.dll.11.dr	Static PE information: Number of sections : 11 > 10
Source: cygwin1.dll.11.dr	Static PE information: Number of sections : 13 > 10
Source: adbsl.exe.11.dr	Static PE information: Number of sections : 17 > 10

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1557795442.0000000000BB8000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamekernel32j% vs SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1271507585.00000000027E8000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFileName vs SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1272198142.000000007FE35000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFileName vs SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000000.1269748840.00000000004C6000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFileName vs SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Binary or memory string: OriginalFileName vs SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: msftedit.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: explorerframe.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: sfc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: linkinfo.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: ntshrui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: cscapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Section loaded: apphelp.dll	Jump to behavior
Source: C:\SamFwTool\data\7za.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: version.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: msftedit.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: ieframe.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: mlang.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: policymanager.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: fastprox.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: ncobjapi.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Windows\System32\wbem\WmiPrvSE.exe	Section loaded: esscli.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: version.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: shfolder.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: cryptnet.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: dgderapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: oledlg.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: devrtl.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: spinf.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: drvstore.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: dgderapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: oledlg.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: devrtl.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: spinf.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: drvstore.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: textshaping.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Section loaded: wintypes.dll

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI

Source: is-SLJ75.tmp.5.dr	Static PE information: Section: z"JPgV ZLIB complexity 1.0003092800976139
Source: adb.exe.11.dr	Static PE information: Section: .data ZLIB complexity 0.989774056993392
Source: WdfCoInstaller01009.dll.11.dr	Static PE information: Section: .rsrc ZLIB complexity 0.9985629322738576
Source: WdfCoInstaller01009.dll0.11.dr	Static PE information: Section: .rsrc ZLIB complexity 0.9981172708256713

Source: ssecbus.sys.24.dr	Binary string: UseInstanceNumberForSymLink\Device\\DosDevices\##xxxPublishedDeviceNameSavedInstanceNumberMCCIUSB_CallUSBD_UnStall-0+ #no floats yet0123456789abcdefpzn pznp0zn{NULL}0X0x +-0MCCIUSB_CallUSBD_UnStall_AsyncGET_PIPE_IO_POLICYSET_PIPE_IO_POLICYCONTROL_TRANSFER_EXSYNC_CLEAR_STALLSYNC_RESET_PIPEGET_MS_FEATURE_DESCRIPTORSET_DESCRIPTOR_TO_INTERFACEGET_DESCRIPTOR_FROM_INTERFACEGET_INTERFACEGET_CONFIGURATIONSET_DESCRIPTOR_TO_ENDPOINTGET_DESCRIPTOR_FROM_ENDPOINTSET_FEATURE_TO_OTHERCLEAR_FEATURE_TO_OTHERGET_STATUS_FROM_OTHERVENDOR_OTHERCLASS_OTHERSYNC_RESET_PIPE_AND_CLEAR_STALLRESERVE_0X001DCLASS_ENDPOINTCLASS_INTERFACECLASS_DEVICEVENDOR_ENDPOINTVENDOR_INTERFACEVENDOR_DEVICERESERVED_0X0016GET_STATUS_FROM_ENDPOINTGET_STATUS_FROM_INTERFACEGET_STATUS_FROM_DEVICECLEAR_FEATURE_TO_ENDPOINTCLEAR_FEATURE_TO_INTERFACECLEAR_FEATURE_TO_DEVICESET_FEATURE_TO_ENDPOINTSET_FEATURE_TO_INTERFACESET_FEATURE_TO_DEVICESET_DESCRIPTOR_TO_DEVICEGET_DESCRIPTOR_FROM_DEVICEISOCH_TRANSFERBULK_OR_INTERRUPT_TRANSFERCONTROL_TRANSFERGET_CURRENT_FRAME_NUMBERSET_FRAME_LENGTHGET_FRAME_LENGTHRELEASE_FRAME_LENGTH_CONTROLTAKE_FRAME_LENGTH_CONTROLABORT_PIPESELECT_INTERFACESELECT_CONFIGURATIONMCCIUSB_CallUSBD
Source: ssecbus.sys.24.dr	Binary string: YCPTSR-\DosDevices\ssecbus#\Device\ssecbus#
Source: secumdm.sys.24.dr	Binary string: MCCIUSB_DebugLevelMCCIUSB_DebugLevelConfigurationConfigurationEnableCR6394EnableCR6394EnableCR3840EnableCR3840RemovableChildrenRemovableChildrenSSIdleDetectionIntervalSSIdleDetectionIntervalEnableSelectiveSuspendEnableSelectiveSuspendAllowRemoteWakeupAllowRemoteWakeupEnableCR3329EnableCR3329MinimumIntPipeIntervalMinimumIntPipeIntervalMCPCOperationalModeMCPCOperationalModeMCPCOperationalLinkMCPCOperationalLinkMCCIUSB_StopBulkStreamMCCIUSB_CallUSBD_UnStallMCCIUSB_GetPortStatusMCCIUSB_CallUSBDMCCIUSB_CallUSBD_UnStall_Async_TimedMCCIUSB_CallUSBD_UnStall_AsyncMCCIUSB_IoCallDriverSynchUseInstanceNumberForSymLink\Device\##xxxPublishedDeviceNameSavedInstanceNumber;J
Source: ssecmgmt.sys0.24.dr	Binary string: \Device\ssecmgmt###
Source: VIA_USB_SER.sys0.24.dr	Binary string: %ws%d\Device\AcmSerialPortsModemPortNameSERIALCOMM%ws%ws\DosDevices\
Source: ssecmgmt.sys0.24.dr	Binary string: sReceiveQueueSizeInitialLineControlInitialBaudRateAllowSuspendWhileOpenDisableCommPortRegistrationSuppressDataMaskingMinGetEncapsulatedSizeWantClearFeaturePriorToClassOpenNeedInitialTxPipeResetEnablePurgeHeuristicsEnableMdmStatusHeuristicsEnableSurpriseRemovalHeuristicsEnableSuspendHibernateHeuristicsOverrideTimeoutDelayMSEnableCloseProcessingHeuristicsEnableXonXoffProcessingHeuristicsDelaySetLinkUntilOpenEnableWriteHeuristicsEnableOpenCloseNotificationControlEnableSelectiveSuspendHeuristicsEnableCR3027EnableRxBulkStreamnRxBulkStreamObjectsPortNameIdentifierOverrideDefaultPortSettingsNOEMS%lu,%lc,%ld,%ls%ls:Ports\DosDevices\AltModemStatus\TspMCCICDC_StopNotificationProcessingExGenMCPCOperationalLinkMCPCOperationalModeMinimumIntPipeIntervalEnableCR3329AllowRemoteWakeupEnableSelectiveSuspendSSIdleDetectionIntervalRemovableChildrenEnableCR3840EnableCR6394MCCIUSB_CallUSBDMCCIUSB_CallUSBD_UnStallMCCIUSB_GetPortStatusMCCIUSB_CallUSBD_UnStall_Async_TimedMCCIUSB_CallUSBD_UnStall_AsyncSavedInstanceNumberPublishedDeviceNamexxx##\Device\UseInstanceNumberForSymLinkMCCIUSB_CyclePort-+ 00x0X{NULL}p0zn pznpzn GET_PIPE_IO_POLICYSET_PIPE_IO_POLICYCONTROL_TRANSFER_EXSYNC_CLEAR_STALLSYNC_RESET_PIPEGET_MS_FEATURE_DESCRIPTORSET_DESCRIPTOR_TO_INTERFACEGET_DESCRIPTOR_FROM_INTERFACEGET_INTERFACEGET_CONFIGURATIONSET_DESCRIPTOR_TO_ENDPOINTGET_DESCRIPTOR_FROM_ENDPOINTSET_FEATURE_TO_OTHERCLEAR_FEATURE_TO_OTHERGET_STATUS_FROM_OTHERVENDOR_OTHERCLASS_OTHERSYNC_RESET_PIPE_AND_CLEAR_STALLRESERVE_0X001DCLASS_ENDPOINTCLASS_INTERFACECLASS_DEVICEVENDOR_ENDPOINTVENDOR_INTERFACEVENDOR_DEVICERESERVED_0X0016GET_STATUS_FROM_ENDPOINTGET_STATUS_FROM_INTERFACEGET_STATUS_FROM_DEVICECLEAR_FEATURE_TO_ENDPOINTCLEAR_FEATURE_TO_INTERFACECLEAR_FEATURE_TO_DEVICESET_FEATURE_TO_ENDPOINTSET_FEATURE_TO_INTERFACESET_FEATURE_TO_DEVICESET_DESCRIPTOR_TO_DEVICEGET_DESCRIPTOR_FROM_DEVICEISOCH_TRANSFERBULK_OR_INTERRUPT_TRANSFERCONTROL_TRANSFERGET_CURRENT_FRAME_NUMBERSET_FRAME_LENGTHGET_FRAME_LENGTHRELEASE_FRAME_LENGTH_CONTROLTAKE_FRAME_LENGTH_CONTROLABORT_PIPESELECT_INTERFACESELECT_CONFIGURATION%BConfigurationMCCIUSB_CyclePortExRSDS
Source: secumdm.sys.24.dr	Binary string: \DosDevices\secumdm###\Device\secumdm###
Source: ssudrmnet.sys0.24.dr	Binary string: \Device\%ws%d_%d

Source: SamFwTool.exe, 00000011.00000002.2621026605.0000000001A6E000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: ;.VBpU

Source: classification engine

Classification label: mal44.phis.troj.evad.winEXE@93/1957@762/100

Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00408545 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,FindCloseChangeNotification,	11_2_00408545
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0041A03A __EH_prolog,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,	11_2_0041A03A
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_00403312 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,	24_2_00403312
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5CB5D0 CreateToolhelp32Snapshot,GetLastError,Process32FirstW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,AdjustTokenPrivileges,GetLastError,OpenProcess,WaitForSingleObject,GetLastError,TerminateProcess,CloseHandle,GetLastError,Process32NextW,	31_2_00007FFB0D5CB5D0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5CE860 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,	31_2_00007FFB0D5CE860
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C59B5D0 CreateToolhelp32Snapshot,GetLastError,Process32FirstW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,AdjustTokenPrivileges,GetLastError,OpenProcess,WaitForSingleObject,GetLastError,TerminateProcess,CloseHandle,GetLastError,Process32NextW,	33_2_00007FFB1C59B5D0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C59E860 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,	33_2_00007FFB1C59E860

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00408484 DeviceIoControl,GetModuleHandleW,GetProcAddress,GetDiskFreeSpaceW,

11_2_00408484

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: lstrcatW,lstrcatW,OpenSCManagerW,CreateServiceW,GetLastError,CloseServiceHandle,CloseServiceHandle,GetLastError,	31_2_00007FFB0D5CA250
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: OpenSCManagerW,GetLastError,CreateServiceW,GetLastError,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,	31_2_00007FFB0D5D10E0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: OpenSCManagerW,GetLastError,CreateServiceW,GetLastError,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,	33_2_00007FFB1C5A10E0
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: lstrcatW,lstrcatW,OpenSCManagerW,CreateServiceW,GetLastError,CloseServiceHandle,CloseServiceHandle,GetLastError,	33_2_00007FFB1C59A250

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5CB5D0 CreateToolhelp32Snapshot,GetLastError,Process32FirstW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,AdjustTokenPrivileges,GetLastError,OpenProcess,WaitForSingleObject,GetLastError,TerminateProcess,CloseHandle,GetLastError,Process32NextW,

31_2_00007FFB0D5CB5D0

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Code function: 24_2_0040216B CoCreateInstance,MultiByteToWideChar,

24_2_0040216B

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5C2DB0 LoadResource,LockResource,SizeofResource,

31_2_00007FFB0D5C2DB0

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5C7E10 GetModuleHandleW,GetProcAddress,GetSystemInfo,DriverPackagePreinstallW,DriverPackagePreinstallW,OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,CloseServiceHandle,ChangeServiceConfigW,GetLastError,CloseServiceHandle,CloseServiceHandle,

31_2_00007FFB0D5C7E10

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

File created: C:\Users\user\AppData\Local\Programs

Jump to behavior

Source: C:\SamFwTool\SamFwTool.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3724:120:WilError_03
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Mutant created: \Sessions\1\BaseNamedObjects\SSsetup
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7632:120:WilError_03

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

File created: C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp

Jump to behavior

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization

Jump to behavior

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Virustotal: Detection: 25%

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

String found in binary or memory: /LOADINF="filename"

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

File read: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Process created: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe"
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process created: C:\SamFwTool\data\7za.exe "C:\SamFwTool\data\7za.exe" x "C:\SamFwTool\data.7z" -o"C:\SamFwTool\" * -r -aoa
Source: C:\SamFwTool\data\7za.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process created: C:\SamFwTool\SamFwTool.exe C:\SamFwTool\SamFwTool.exe
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\Sysnative\cmd.exe" /c driverquery /FO list
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\driverquery.exe driverquery /FO list
Source: C:\Windows\System32\driverquery.exe	Process created: C:\Windows\System32\wbem\WmiPrvSE.exe C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bit.ly/samfwtool
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe "C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5580 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5652 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -chk_inst_ui -user
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -user -escape_full
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Process created: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp "C:\Users\user~1\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp" /SL5="$20428,58690757,832512,C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process created: C:\SamFwTool\data\7za.exe "C:\SamFwTool\data\7za.exe" x "C:\SamFwTool\data.7z" -o"C:\SamFwTool\" * -r -aoa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process created: C:\SamFwTool\SamFwTool.exe C:\SamFwTool\SamFwTool.exe	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\Sysnative\cmd.exe" /c driverquery /FO list	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bit.ly/samfwtool	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe "C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\driverquery.exe driverquery /FO list	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5580 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5652 --field-trial-handle=1676,i,5551109192392557757,18134882960467297251,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -chk_inst_ui -user	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe "C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe" -user -escape_full	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32

Jump to behavior

Source: SamFw Tool.lnk.5.dr	LNK file: ..\..\..\..\..\SamFwTool\SamFwTool.exe
Source: SamFw Tool.lnk0.5.dr	LNK file: ..\..\..\SamFwTool\SamFwTool.exe

Source: C:\SamFwTool\SamFwTool.exe

File written: C:\SamFwTool\settings.ini

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Window found: window name: TMainForm

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Install
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Automated click: Next
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Automated click: Next >
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Automated click: I agree to the terms and conditions of the licence agreement. (A)
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Automated click: I agree to the terms and conditions of the licence agreement. (A)
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Automated click: Next >

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

File opened: C:\Windows\SysWOW64\MSFTEDIT.DLL

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Window detected: Number of UI elements: 15
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Window detected: Number of UI elements: 15

Source: C:\SamFwTool\SamFwTool.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Jump to behavior

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Static file information: File size 59530215 > 1048576

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_w2K_x86\i386\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2234433954.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cm95\objfre_w2K_x86\i386\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2280580198.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2038350236.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1888075461.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1996610467.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2026128373.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_w2K_x86\i386\ss_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2226416075.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2122935769.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1999416064.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_w2K_x86\i386\ssm_mdfl.pdbL source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2283295839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2088656272.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2124341456.0000000002744000.00000004.00000020.00020000.00000000.sdmp, lang2101.dll1.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2109799665.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1850427810.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wlh_amd64\amd64\sscemdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2355604327.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdbus\objfre_wxp_x86\i386\sscdbus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2305533763.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecr\objfre_w2K_x86\i386\sscecr.pdbM source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2343223544.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wxp_x86\i386\sscdmdfl.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2308035714.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1795298925.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2024120732.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\English (US).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1990743420.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscevcr\free\SSCEVCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2338694322.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2055428150.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Italian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2013266082.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wlh_amd64\amd64\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2319707790.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1813873839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdirpro\sscdinstall\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2321835857.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: sfxcab.pdb source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_w2K_x86\i386\ssm_cm.pdbla source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2281399092.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1789893738.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1805071239.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdbus\objfre_wlh_amd64\amd64\sscdbus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2315202150.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wxp_x86\i386\sscecm.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2342171396.000000000274D000.00000004.00000020.00020000.00000000.sdmp, sscecmnt.sys.24.dr
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wlh_amd64\amd64\sscdwh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2320584992.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1842228742.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2078355304.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_w2K_x86\i386\ss_wh.pdbS source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2234433954.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /home/runner/work/RestSharp/RestSharp/src/RestSharp/obj/Release/net471/RestSharp.pdb source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1788487655.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecm95\objfre_w2K_x86\i386\sscecm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exeR source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2341193904.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1834460243.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Dropbox\qud_builds\builds\1.00.61\QUD\HY11\QMI\win\qcwwan\filter\Release\qcusbfilter.pdb source: ssudqcfilter.sys.24.dr
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_comm\free\SS_COMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2235536033.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecm95\objfre_w2K_x86\i386\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2341193904.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wxp_x86\i386\sscdcm.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2307035908.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2106471219.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: d:\kma_cc\kma_vi~3\hz-pct~1\driver\win\src\driver\viausb~1\objfre_wxp_x86\i386\VIA_USB_SER.pdb source: VIA_USB_SER.sys0.24.dr
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\sscebus\sscewh95\objfre_w2K_x86\i386\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2348378029.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_wlh_amd64\amd64\ss_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2240659232.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscevcd\free\sscevcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2337818097.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_w2K_x86\i386\ssm_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2283295839.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_mdm\objfre_w2K_x86\i386\ssm_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2285304413.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/artifacts/obj/System.Text.Json/Release/net462/System.Text.Json.pdb source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_irpro\ssm_install\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2294244511.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2099318032.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2137541979.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: WdfCoInstaller01009.pdb source: WdfCoInstaller01009.dll0.11.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1869194866.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1900280263.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wlh_amd64\amd64\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2357937178.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Uninstall.pdbO source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/artifacts/obj/System.Text.Json/Release/net462/System.Text.Json.pdbSHA256Qb source: SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1830936801.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v4_50_3\u32\brand\elkins\ssecmgmt\ssecmgmt\objfre_wlh_amd64\amd64\ssecmgmt.pdb source: ssecmgmt.sys0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2062744193.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\shrewsbury\ssadbus\ssadwhnt\objfre_wxp_x86\i386\ssadwh.pdb source: ssadwhnt.sys.24.dr
Source:	Binary string: Z:\b\HTE\QDART\QDART_MFG\BSP_Storage\QSaharaServer\Release\QSaharaServer.pdbp source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1902788392.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1881964758.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: costura.costura.pdb.compressed source: SamFwTool.exe, 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cm95\objfre_w2K_x86\i386\ssm_cm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2280580198.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_wlh_amd64\amd64\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2296241734.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1833108343.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2107610879.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2129759084.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1970530394.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceirpro\ssceinstall\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2360499738.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2101449843.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_19_git-pipeline_master\src\platforms\windows\Release\ss_conn_service2.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2050907418.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1844864395.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1852655193.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wxp_x86\i386\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2310795188.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wxp_x86\i386\sscemdm.pdbP source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2345299710.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2042407089.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1963396839.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_bus\ss_whnt\objfre_wlh_amd64\amd64\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2247160594.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2049678686.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_w2K_x86\i386\ss_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2231056467.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceirpro\ssceinstall\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2360499738.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_cmnt\objfre_w2K_x86\i386\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2228605017.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cr\objfre_w2K_x86\i386\ss_cr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2230031010.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1807480724.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: winusbcoinstaller.pdbH source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2040911503.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: DIFXAPI.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2162915136.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D:\jenkins\build\workspace\miflash_git\out\Release\bin\recovery.pdb source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_irpro\ss_install\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2239442053.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2080884413.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_irpro\ssm_install\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2294244511.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1858058118.0000000002749000.00000004.00000020.00020000.00000000.sdmp, lang0201.dll1.24.dr
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\sscebus\sscewh95\objfre_w2K_x86\i386\sscewh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2348378029.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Czech.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1895849240.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wxp_x86\i386\sscemdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2344319539.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wxp_x86\i386\sscdmdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2309035434.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1811594594.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1984324459.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2073752513.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wlh_amd64\amd64\sscdmdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2317803781.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1838531098.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1781583931.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_bus\ssm_whnt\objfre_w2K_x86\i386\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2287783600.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Romanian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2104339558.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1823496705.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Vietnamese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1836101852.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Polish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2077021316.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cm95\objfre_w2K_x86\i386\ss_cm.pdbIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2227310801.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_19_git-pipeline_master\src\platforms\windows\Release\ss_conn_service2.pdb6 source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2625270861.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_irpro\ss_install\objfre_wnet_amd64\amd64\Setup.pdbH source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2239442053.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdfl\objfre_wxp_x86\i386\sscdmdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2308035714.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1780513234.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: winusbcoinstaller.pdb source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1872348404.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1790910619.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1806393271.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Arabic.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1845971650.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1796992218.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_2.5\msscs\trunk\src\platforms\windows\Release\ss_conn_service.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2127412053.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wxp_x86\i386\sscdwh.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2314115041.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_3\u32\brand\elkins\ssecbus\ssecbus\objfre_w2K_x86\i386\ssecbus.pdb8 source: ssecbus.sys.24.dr
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_bus\ss_wh95\objfre_w2K_x86\i386\ss_wh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exe source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2233484567.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\dgderapi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2165145612.000000000274D000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000002.2213433769.00007FFB0D5F5000.00000002.00000001.01000000.00000018.sdmp, Setup.exe, 00000021.00000002.2629681524.00007FFB1C5C5000.00000002.00000001.01000000.00000018.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdm\objfre_wxp_x86\i386\sscemdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2345299710.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wlh_amd64\amd64\sscdmdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2318826431.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2002091284.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_cr\objfre_w2K_x86\i386\ssm_cr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2282347015.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscebus\objfre_wlh_amd64\amd64\sscebus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2352444362.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wxp_x86\i386\sscdcm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2307035908.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\build\workspace\msscs_2.5\msscs\trunk\src\platforms\windows\Release\ss_conn_service.pdb- source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1802549328.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wlh_amd64\amd64\sscemdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2354427691.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1867451078.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Spanish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1779546119.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscemdm\sscemdfl\objfre_wxp_x86\i386\sscemdfl.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2344319539.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wxp_x86\i386\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2346483099.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2134360695.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /home/runner/work/RestSharp/RestSharp/src/RestSharp/obj/Release/net471/RestSharp.pdbSHA256 source: SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2046404611.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Turkish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1828164046.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\French (France).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1787263721.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1946843505.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: Z:\b\HTE\QDART\QDART_MFG\BSP_Storage\QSaharaServer\Release\QSaharaServer.pdb source: 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506557170.0000000003520000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_wlh_amd64\amd64\ss_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2242403851.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2010393920.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\English (UK).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2005671327.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscebus\objfre_wxp_x86\i386\sscebus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2340147198.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1793958127.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_bus\ss_bus\objfre_w2K_x86\i386\ss_bus.pdbP' source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2226416075.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1843560315.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdirpro\sscdinstall\objfre_wnet_amd64\amd64\Setup.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2321835857.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_bus\ssm_bus\objfre_wlh_amd64\amd64\ssm_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2295324708.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wxp_x86\i386\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2351207016.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Uninstall.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1966944470.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_3\u32\brand\elkins\ssecbus\ssecbus\objfre_w2K_x86\i386\ssecbus.pdb source: ssecbus.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1821597364.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wlh_amd64\amd64\sscewh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2358976404.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Croatian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1808556486.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_vcd\free\ssm_vcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2291869220.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1784534884.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\German.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1957232899.000000000274D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1786352832.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_vcr\free\SS_VCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2237902615.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Norwegian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2069461595.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_14\u32\brand\searsburg\ssaemdm\ssaemdfl\objfre_w2K_x86\i386\ssaemdfl.pdb source: ssaemdfl.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Slovak.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1809808631.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\sscebus\sscewhnt\objfre_wxp_x86\i386\sscewh.pdbN source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2351207016.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Portuguese (Brazil).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2083064630.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Dutch.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2052842971.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Korean.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2043923540.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Simplified).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1885258833.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Thai.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1826849286.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdm\objfre_w2K_x86\i386\ss_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2232455070.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\French (Canada).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1792519625.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\shrewsbury\ssadbus\ssadwhnt\objfre_wxp_x86\i386\ssadwh.pdbN source: ssadwhnt.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Japanese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2039876918.0000000002743000.00000004.00000020.00020000.00000000.sdmp, lang1101.dll0.24.dr
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_bus\ssm_wh95\objfre_w2K_x86\i386\ssm_wh.pdbIoGetAttachedDeviceReferencentoskrnl.exeIoGetDeviceInterfaceAliasntoskrnl.exeIoGetDeviceInterfacesntoskrnl.exeIoOpenDeviceRegistryKeyntpnp.sysIoOpenDeviceRegistryKeyntoskrnl.exeIoRegisterDeviceInterfacentoskrnl.exeIoRegisterPlugPlayNotificationntoskrnl.exeIoReportTargetDeviceChangentoskrnl.exeIoSetDeviceInterfaceStatentoskrnl.exePoCallDriverntoskrnl.exePoRegisterDeviceForIdleDetectionntoskrnl.exePoRegisterSystemStatentoskrnl.exePoRequestPowerIrpntoskrnl.exePoSetPowerStatentoskrnl.exePoSetSystemStatentoskrnl.exePoStartNextPowerIrpntoskrnl.exePoUnregisterSystemStatentoskrnl.exe_purecallntoskrnl.exeQ source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2286886085.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\dgderdrv.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2160616595.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\ssceserd\objfre_wxp_x86\i386\ssceserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2346483099.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdmdm\sscdmdm\objfre_wxp_x86\i386\sscdmdm.pdbP source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2309035434.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_52_5\u32\brand\selenium\secumdm\secumdm\objfre_w2K_x86\i386\secumdm.pdb source: secumdm.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1936666289.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1865359820.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wxp_x86\i386\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2342171396.000000000274D000.00000004.00000020.00020000.00000000.sdmp, sscecmnt.sys.24.dr
Source:	Binary string: h:\cvb\s53014\u32\brand\semseyite\ssceserd\sscecmnt\objfre_wlh_amd64\amd64\sscecm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2353417099.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\A\_work\156\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.Threading.Tasks.Extensions\netfx\System.Threading.Tasks.Extensions.pdb source: SamFwTool.exe, 00000011.00000002.2740780031.0000000016880000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecr\objfre_w2K_x86\i386\sscecr.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2343223544.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_bus\ssm_wh95\objfre_w2K_x86\i386\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2286886085.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_cm95\objfre_w2K_x86\i386\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2227310801.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_14\u32\brand\searsburg\ssaemdm\ssaemdfl\objfre_w2K_x86\i386\ssaemdfl.pdbL source: ssaemdfl.sys.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Finnish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1783089924.0000000002747000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: /_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdbSHA256 source: SamFwTool.exe, 00000011.00000002.2748389517.0000000017B08000.00000004.08000000.00040000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_bus\ssm_bus\objfre_w2K_x86\i386\ssm_bus.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2279515171.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2118480192.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Chinese (Traditional).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1861223407.0000000002745000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\x64\Release\Setup.pdbW source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdbus\sscdwhnt\objfre_wxp_x86\i386\sscdwh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2314115041.0000000002749000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Indonesian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2121171614.0000000002746000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Malay.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1841048704.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: sfxcab.pdbU source: WinUSBCoInstaller.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hindi.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2133379357.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_12\u32\brand\siberian\ssm_mdm\ssm_cmnt\objfre_w2K_x86\i386\ssm_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2281399092.0000000002742000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Hungarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1801090296.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_mdm\objfre_wlh_amd64\amd64\ssm_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2297958903.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V4_50_7\u32\brand\semseyite\ssceserd\sscecomm\free\SSCECOMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2335935501.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdcmnt\objfre_wlh_amd64\amd64\sscdcm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2316516410.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_mdm\ssm_mdfl\objfre_wlh_amd64\amd64\ssm_mdfl.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2297016259.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_mdm\ss_vcd\free\ss_vcd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2236727853.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_vcr\free\SSM_VCR.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2293231410.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Danish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1949159728.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_mdm\objfre_wlh_amd64\amd64\ss_mdm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2244215488.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: DIFXAPI.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2162915136.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Portuguese.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2096946337.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: E:\sandbox\USBWIN32-V4_50_7\u32\brand\simmental\ss_bus\ss_wh95\objfre_w2K_x86\i386\ss_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2233484567.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1820113404.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_00\u32\brand\simmental\ss_mdm\ss_cmnt\objfre_wlh_amd64\amd64\ss_cm.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2241085318.0000000002740000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Chinese (Hong Kong).pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1878517575.000000000274A000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Greek.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1976373597.0000000002741000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\UKrainian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2131902879.0000000002744000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Bulgarian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1855524104.0000000002745000.00000004.00000020.00020000.00000000.sdmp, lang0201.dll0.24.dr
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Russian.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2113794693.0000000002748000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1815114810.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: h:\cvb\s53014\u32\brand\swallowtail\sscdserd\sscdserd\objfre_wxp_x86\i386\sscdserd.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2310795188.000000000274C000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: j:\v5_12\u32\brand\siberian\ssm_bus\ssm_whnt\objfre_wlh_amd64\amd64\ssm_wh.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2298728548.000000000359F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: J:\V5_00\u32\brand\simmental\ss_mdm\ss_mdfl\objfre_w2K_x86\i386\ss_mdfl.pdbL source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2231056467.000000000274B000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: H:\aantal\sbox_4_40_4\u32\brand\siberian\ssm_mdm\ssm_comm\free\SSM_COMM.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2289955481.000000000274E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\x64\Release\Swedish.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1816861392.000000000274F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\eline_release_fix_security_issue\samsung\dersdk\win\src\inst_file_v2\lang\ARM64\Release\Hebrew.pdb source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.1799064031.0000000002743000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Jenkins\workspace\peline_Release_for_support_win11\samsung\ssud\win\build\drivers\mss_drivers\x64\Release\ssudrmnet.pdb source: ssudrmnet.sys0.24.dr

Data Obfuscation

Yara detected Costura Assembly Loader

Source: Yara match	File source: 00000011.00000002.2702805083.000000000F440000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000011.00000002.2630194836.0000000003951000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000011.00000000.1534059786.0000000000662000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: SamFwTool.exe PID: 8036, type: MEMORYSTR

Source: is-SLJ75.tmp.5.dr

Static PE information: 0x834792E8 [Mon Oct 17 23:12:40 2039 UTC]

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_0043A692 GetCurrentProcess,GetProcessTimes,fputs,memset,GetModuleHandleW,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,fputs,__aulldiv,fputs,

11_2_0043A692

Source: initial sample

Static PE information: section where entry point is pointing to: Wfffea8c

Source: install_x64.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0xc9db2
Source: adb.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0x288c7e
Source: d.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0xaeff9
Source: fastboot.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0x15a238
Source: 7zax64.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0x114171
Source: cygusb-1.0.dll.11.dr	Static PE information: real checksum: 0x2a531 should be: 0x240fc
Source: cyggcc_s-1.dll.11.dr	Static PE information: real checksum: 0x1e951 should be: 0x1df30
Source: lg.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0x83b4af
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp.1.dr	Static PE information: real checksum: 0x0 should be: 0x3120b9
Source: is-9T7V6.tmp.5.dr	Static PE information: real checksum: 0x0 should be: 0xab84f
Source: 7z.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0x93692
Source: install_x86.exe.11.dr	Static PE information: real checksum: 0x0 should be: 0xad737
Source: is-9RCVD.tmp.5.dr	Static PE information: real checksum: 0x0 should be: 0x31a29d

Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Static PE information: section name: .didata
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp.1.dr	Static PE information: section name: .didata
Source: is-9RCVD.tmp.5.dr	Static PE information: section name: .didata
Source: is-SLJ75.tmp.5.dr	Static PE information: section name: z"JPgV
Source: is-SLJ75.tmp.5.dr	Static PE information: section name: z"JPgV
Source: is-SLJ75.tmp.5.dr	Static PE information: section name: Wfffea8c
Source: is-9T7V6.tmp.5.dr	Static PE information: section name: .sxdata
Source: adb.exe.11.dr	Static PE information: section name: .buildid
Source: adb.exe.11.dr	Static PE information: section name: .gcc_exc
Source: adbsl.exe.11.dr	Static PE information: section name: /4
Source: adbsl.exe.11.dr	Static PE information: section name: /19
Source: adbsl.exe.11.dr	Static PE information: section name: /31
Source: adbsl.exe.11.dr	Static PE information: section name: /45
Source: adbsl.exe.11.dr	Static PE information: section name: /57
Source: adbsl.exe.11.dr	Static PE information: section name: /70
Source: adbsl.exe.11.dr	Static PE information: section name: /81
Source: adbsl.exe.11.dr	Static PE information: section name: /92
Source: cyggcc_s-1.dll.11.dr	Static PE information: section name: .buildid
Source: cyggcc_s-1.dll.11.dr	Static PE information: section name: /4
Source: cyggcc_s-1.dll.11.dr	Static PE information: section name: /14
Source: cygusb-1.0.dll.11.dr	Static PE information: section name: .buildid
Source: cygusb-1.0.dll.11.dr	Static PE information: section name: /4
Source: cygusb-1.0.dll.11.dr	Static PE information: section name: /14
Source: cygwin1.dll.11.dr	Static PE information: section name: /4
Source: cygwin1.dll.11.dr	Static PE information: section name: .buildid
Source: cygwin1.dll.11.dr	Static PE information: section name: /19
Source: cygwin1.dll.11.dr	Static PE information: section name: /38
Source: cygwin1.dll.11.dr	Static PE information: section name: .cygheap
Source: linux-adk.exe.11.dr	Static PE information: section name: .buildid
Source: linux-adk.exe.11.dr	Static PE information: section name: /4
Source: linux-adk.exe.11.dr	Static PE information: section name: /14
Source: linux-adk.exe.11.dr	Static PE information: section name: /29
Source: linux-adk.exe.11.dr	Static PE information: section name: /41
Source: linux-adk.exe.11.dr	Static PE information: section name: /55
Source: linux-adk.exe.11.dr	Static PE information: section name: /67
Source: linux-adk.exe.11.dr	Static PE information: section name: /78
Source: linux-adk.exe.11.dr	Static PE information: section name: /89
Source: fastboot.exe.11.dr	Static PE information: section name: .buildid
Source: fastboot.exe.11.dr	Static PE information: section name: .gcc_exc

Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048CC90 push eax; ret	11_2_0048CCAE
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_0048D040 push eax; ret	11_2_0048D06E
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00477E40 push ecx; mov dword ptr [esp], ecx	11_2_00477E41
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_05E63560 pushad ; ret	17_2_05E636E1
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069AA618 push dword ptr [ebp+eax-18h]; iretd	17_2_069AA61D
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_069EEF40 push es; ret	17_2_069EEF56
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_099010D0 push esp; retf	17_2_099010D1
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991C91F pushad ; iretd	17_2_0991C922
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0991A174 push E8FFFFFCh; retf	17_2_0991A179
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_09DA410C push BA915BC7h; retf	17_2_09DA4111
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0BFE50AA push eax; mov dword ptr [esp], ecx	17_2_0BFE50B4
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C9361E0 push eax; mov dword ptr [esp], edx	17_2_0C9361F4
Source: C:\SamFwTool\SamFwTool.exe	Code function: 17_2_0C94BAC0 pushad ; iretd	17_2_0C94BAC1

Source: is-SLJ75.tmp.5.dr

Static PE information: section name: z"JPgV entropy: 7.999876100661392

Persistence and Installation Behavior

Sample is not signed and drops a device driver

Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusb0.sys	Jump to behavior
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusbK.sys	Jump to behavior
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusb0.sys	Jump to behavior
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusbK.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\dgderdrv.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_bus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cm95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_wh95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_whnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_bus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_cmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_whnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_bus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cm95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_wh95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_whnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_bus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_cmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_whnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscebus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecm95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\ssceserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewh95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscebus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscecmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\ssceserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscewhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcm95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmgmt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwh95.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmgmt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbccmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmgmt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecnd5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecunic.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmgmt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecnd5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecunic.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\i386\hspusb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\amd64\hspusb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacmfilter.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpusb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacmfilter.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpusb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\i386\mbtusbser.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\amd64\mbtusbser.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\i386\SSUSBDownload.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\amd64\SSUSBDownload.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsa.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsao.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsa.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsaj.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsaox64.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsax64.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64j.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadcmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secubus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secuwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secubus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secuwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\ViaUsbEts\ViaUsbEts.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssdudfu.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssduwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssdudfu.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssduwhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaebus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaend5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeunic.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaewhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaebus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecmnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecrnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdfl.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaend5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeunic.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaewhnt.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\NT32\C7xPHNX3.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\XP64\C7xPHNX6.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT32\C7xPHNV3.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT64\C7xPHNV6.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W732\C7xPHN73.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W764\C7xPHN76.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\WIN32\FlashUsb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\X64\flashusb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcfilter.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudncm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcfilter.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudncm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssuddmgr.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudmdm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnd5.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudobex.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudserd.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnetmp.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudncm.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnet.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver2.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_ETS_SS.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_SER.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_ETS_SS.sys	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_SER.sys	Jump to behavior

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssduwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\adbsl.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusbK.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0201.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\SamFwTool.exe (copy)	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\WdfCoInstaller01007.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\SamFwTool.exe	File created: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\Users\user\AppData\Local\Temp\is-S9RK9.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\is-SLJ75.tmp	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\fastboot.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang010E.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdobex.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\winusbcoinstaller2.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\WdfCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT32\C7xPHNV3.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\nmwcdclsx64.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssduwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\dgderapi.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\bin\cygusb-1.0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssdudfu.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0C03.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secubus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusb0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0C03.dll	Jump to dropped file
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	File created: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_ETS_SS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadadb.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\lg.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsao.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\ViaUsbEts\ViaUsbEts.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdbus.sys	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\data\is-9T7V6.tmp	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdm.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusb0.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\adb.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0C01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\fld.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\ViaClassCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\AdbWinUsbApi.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang010E.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\unins000.exe (copy)	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\amd64\SSUSBDownload.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\dgderdrv.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W764\C7xPHN76.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\AdbWinApi.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Uninstall.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\data\7za.exe (copy)	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaend5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\nmwcdcls.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0C01.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	File created: C:\SamFwTool\is-9RCVD.tmp	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusb0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secuwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusbK.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secubus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaend5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusb0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\filecheck.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0C01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secuwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0C03.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucmnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusbK.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\XP64\C7xPHNX6.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\WdfCoInstaller01007.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\WinUSBCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_SER.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusbK_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64j.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\amd64\hspusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacmfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang010E.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\amd64\mbtusbser.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W732\C7xPHN73.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\ssceserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_wh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\i386\hspusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\ssceserd.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\7z.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsaox64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\WdfCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\CreateMutex.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\AccessControl.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_SER.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_wh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\recovery.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\i386\mbtusbser.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcbus.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\bin\cygwin1.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\SamsungDeXEasySetup.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\d.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\WIN32\FlashUsb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsa.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT64\C7xPHNV6.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\winusbcoinstaller2.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\bin\linux-adk.exe	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\7zax64.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsaj.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\libusb0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\DIFxAPI.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\LGUP_Cmd.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssdudfu.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\X64\flashusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_ETS_SS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\WinUSBCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\qs.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsax64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusb0.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\bin\cyggcc_s-1.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusbK.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\i386\SSUSBDownload.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\NT32\C7xPHNX3.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1001.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\x86\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsa.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\ViaClassCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\install_x86.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacmfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\LGUP_Common.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\amd64\libusb-1.0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1001.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	File created: C:\SamFwTool\data\drivers\install_x64.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1001.dll	Jump to dropped file

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File created: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcr.vxd	Jump to dropped file

Source: C:\SamFwTool\data\7za.exe

File created: C:\SamFwTool\data\bin\cygwin1.dll

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

File created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SamFw Tool.lnk

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5CA5E0 lstrcatW,lstrcatW,OpenSCManagerW,OpenServiceW,QueryServiceStatusEx,GetTickCount,Sleep,QueryServiceStatusEx,GetTickCount,GetTickCount,StartServiceW,QueryServiceStatusEx,GetTickCount,Sleep,QueryServiceStatusEx,GetTickCount,GetTickCount,GetLastError,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,GetLastError,CloseServiceHandle,CloseServiceHandle,GetLastError,GetLastError,GetLastError,GetLastError,CloseServiceHandle,CloseServiceHandle,GetLastError,CloseServiceHandle,GetLastError,

31_2_00007FFB0D5CA5E0

Source: C:\SamFwTool\SamFwTool.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Registry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot	Jump to behavior

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 Blob

Jump to behavior

Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\driverquery.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Queries sensitive Plug and Play Device Information (via WMI, Win32_PnPEntity, often done to detect virtual machines)

Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"
Source: C:\SamFwTool\SamFwTool.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_PnPEntity Where Status="OK"

Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 1EB0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 3950000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 5950000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 6A40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 6030000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 7A40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 6160000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 8A40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: AA40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: BA40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 63B0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: CA40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 6A40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 7A40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: F670000 memory reserve \| memory write watch	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Memory allocated: 11670000 memory reserve \| memory write watch	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5D3E60 SetupDiGetClassDevsW,SetupDiEnumDeviceInfo,SetupDiGetDeviceRegistryPropertyW,GetLastError,GetLastError,LocalFree,LocalAlloc,SetupDiGetDeviceRegistryPropertyW,GetLastError,LocalFree,SetupDiEnumDeviceInfo,GetLastError,GetLastError,GetLastError,SetupDiDestroyDeviceInfoList,

31_2_00007FFB0D5D3E60

Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 268435455	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599875	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599766	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599641	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599531	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599422	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599313	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599188	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599063	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598953	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598844	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598719	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598610	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598485	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598360	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598235	Jump to behavior

Source: C:\SamFwTool\SamFwTool.exe	Window / User API: threadDelayed 2997			Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Window / User API: threadDelayed 5914			Jump to behavior

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssduwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\adbsl.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\libusbK.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\WdfCoInstaller01007.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdfl.sys	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-S9RK9.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\fastboot.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang010E.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\winusbcoinstaller2.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\WdfCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_MODEM\VIA_USB_MODEM.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT32\C7xPHNV3.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\nmwcdclsx64.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssduwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\bin\cygusb-1.0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\ssdudfu.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0C03.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secubus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\sseccrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusb0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0C03.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_ETS_SS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\lg.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsao.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\ViaUsbEts\ViaUsbEts.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdm.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\libusb0.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\adb.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0C01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\fld.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\ViaClassCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\AdbWinUsbApi.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang010E.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Dropped PE file which has not been started: C:\SamFwTool\unins000.exe (copy)	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\amd64\SSUSBDownload.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\dgderdrv.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W764\C7xPHN76.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\AdbWinApi.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Uninstall.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaend5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secumdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\nmwcdcls.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0C01.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Dropped PE file which has not been started: C:\SamFwTool\is-9RCVD.tmp	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0A01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusb0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secuwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusbK.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secubus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaend5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\libusb0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0C01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\filecheck.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1a04.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscewh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_usb_driver2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secumdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudqcfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secuwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0C03.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucmnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\libusbK.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudqcnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\XP64\C7xPHNX6.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_mdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\WdfCoInstaller01007.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\WinUSBCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_SER.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0B01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusbK_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\usbser_lowerfltsax64j.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\amd64\hspusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacmfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang010E.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\amd64\mbtusbser.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\i386\secucrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\W732\C7xPHN73.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\ssceserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_wh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\amd64\ss_bcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\09_Hsp\i386\hspusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\ssceserd.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\7z.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsaox64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\WdfCoInstaller01005.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\CreateMutex.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1D01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\AccessControl.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\VIA_USB_SER.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscemdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecomm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang3901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_wh95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_cr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_cmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\recovery.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\07_Schorl\i386\ss_bmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\11_HSP_Plus_Default\i386\mbtusbser.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\sseccrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcd.vxd	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\bin\cygwin1.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaecrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdcmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbccmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscevcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\SamsungDeXEasySetup.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2101.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\d.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\WIN32\FlashUsb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\amd64\sssdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang2201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsa.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\VT64\C7xPHNV6.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0403.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ss_conn_launcher.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\i386\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\19_VIA_driver\amd64\VIA_USB_ETS\VIA_USB_ETS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus2.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_vcd.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\amd64\ssecmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecm95.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscemdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaewhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaebus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\winusbcoinstaller2.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang2A01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\bin\linux-adk.exe	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\7zax64.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\usbser_lowerfltsaj.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\libusb0.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\i386\sscecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudncm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang3E01.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\LGUP_Cmd.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\20_NXP_Driver\i386\ssdudfu.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0402.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1F01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cr.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\24_flashusbdriver\X64\flashusb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaecrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\x86\VIA_USB_ETS_SS.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\WinUSBCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\03_Swallowtail\i386\sscdserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1602.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\qs.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\ccdcmbsax64.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\amd64\ssbcmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\16_Shrewsbury\i386\ssadserd.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1301.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusb0.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0902.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmgmt.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\bin\cyggcc_s-1.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\amd64\ssaeunic.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\i386\ssm_comm.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0601.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1b01.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusbK.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudrmnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\i386\SSUSBDownload.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\22_WiBro_WiMAX\NT32\C7xPHNX3.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\17_EMP_Chipset2\amd64\secucrnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\04_semseyite\amd64\sscecmnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdmdm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\08_EMPChipset\i386\ssecwhnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0901.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\setup64.dat	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1001.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\x86\WdfCoInstaller01009.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudnet.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\26_VIA_driver2\amd64\ViaClassCoInstaller.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\ccdcmbsa.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\install_x86.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\amd64\shpacm.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_whnt.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdvcr.vxd	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\10_HSP_Plus_ko\i386\shpacmfilter.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0801.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\LGUP_Common.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\05_Sloan\i386\sssdobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\arm64\ssudbus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1101.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0401.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\21_Searsburg\i386\ssaeadb.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\amd64\libusb-1.0_x86.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang1201.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang1001.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\06_Spencer\i386\ssbcmdfl.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\i386\lang0501.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_bus.sys	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\amd64\lang0701.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys	Jump to dropped file
Source: C:\SamFwTool\data\7za.exe	Dropped PE file which has not been started: C:\SamFwTool\data\drivers\install_x64.exe	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang1001.dll	Jump to dropped file
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\lang\arm64\lang0501.dll	Jump to dropped file

Source: C:\SamFwTool\data\7za.exe	API coverage: 8.4 %
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	API coverage: 2.8 %
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	API coverage: 3.4 %

Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -7378697629483816s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -268435455s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -600000s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599875s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599766s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599641s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599531s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599422s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599313s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599188s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -599063s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598953s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598844s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598719s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598610s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598485s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598360s >= -30000s	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe TID: 1352	Thread sleep time: -598235s >= -30000s	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe TID: 7572	Thread sleep time: -30000s >= -30000s	Jump to behavior

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00405F7B __EH_prolog,FindFirstFileW,FindFirstFileW,FindFirstFileW,	11_2_00405F7B
Source: C:\SamFwTool\data\7za.exe	Code function: 11_2_00407CEC FindFirstFileW,	11_2_00407CEC
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_00406435 FindFirstFileA,FindClose,	24_2_00406435
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_00405889 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,	24_2_00405889
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	Code function: 24_2_004027A1 FindFirstFileA,	24_2_004027A1
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5ED614 FindFirstFileExA,	31_2_00007FFB0D5ED614
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C8E10 GetWindowsDirectoryW,FindFirstFileW,SetupOpenInfFileW,SetupCloseInfFile,DriverPackageUninstallW,FindNextFileW,FindClose,GetLastError,	31_2_00007FFB0D5C8E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D5A50 GetWindowsDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetLocalTime,MoveFileW,GetLastError,FindNextFileW,FindClose,GetLastError,GetLastError,	31_2_00007FFB0D5D5A50
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5C4B30 SHCreateDirectoryExW,GetLocalTime,GetSystemInfo,GetVersionExW,GetWindowsDirectoryW,GetSystemDirectoryW,GetSystemDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetFileVersionInfoSizeW,GetFileVersionInfoW,VerQueryValueW,VerQueryValueW,FindFirstFileW,GetLastError,GetLastError,	31_2_00007FFB0D5C4B30
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5BD614 FindFirstFileExA,	33_2_00007FFB1C5BD614
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C598E10 GetWindowsDirectoryW,FindFirstFileW,SetupOpenInfFileW,SetupCloseInfFile,DriverPackageUninstallW,FindNextFileW,FindClose,GetLastError,	33_2_00007FFB1C598E10
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A5A50 GetWindowsDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetLocalTime,MoveFileW,GetLastError,FindNextFileW,FindClose,GetLastError,GetLastError,	33_2_00007FFB1C5A5A50
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C594B30 SHCreateDirectoryExW,GetLocalTime,GetSystemInfo,GetVersionExW,GetWindowsDirectoryW,GetSystemDirectoryW,GetSystemDirectoryW,FindFirstFileW,GetLastError,GetLastError,GetFileVersionInfoSizeW,GetFileVersionInfoW,VerQueryValueW,VerQueryValueW,FindFirstFileW,GetLastError,GetLastError,	33_2_00007FFB1C594B30

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00406996 __EH_prolog,GetLogicalDriveStringsW,GetLogicalDriveStringsW,GetLogicalDriveStringsW,

11_2_00406996

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00408CED GetSystemInfo,

11_2_00408CED

Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 268435455	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599875	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599766	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599641	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599531	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599422	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599313	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599188	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 599063	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598953	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598844	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598719	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598610	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598485	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598360	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Thread delayed: delay time: 598235	Jump to behavior

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\	Jump to behavior
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	File opened: C:\Users\user~1\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\	Jump to behavior

Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virtualization Infrast
Source: SamFwTool.exe, 00000011.00000002.2679909229.0000000007003000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PCLMEM@
Source: SamFwTool.exe, 00000011.00000002.2734200507.0000000014998000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCCLMEMp
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014A4F000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCuLMEMP
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: -08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PCLMEM
Source: SamFwTool.exe, 00000011.00000002.2669862636.0000000006A9C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCWin32_
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AE5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCring[]Win32_PnPEntityUSB Input DeviceUSB\VID_0E0F&PID_0003&MI_01\6&13A33973&0&0001System.String[](Standard system devices)USB Input DeviceHIDClassUSB\VID_0E0F&PID_0003&MI_01\6&13A33973&0&0001HidUsbOKWin32_ComputerSystemuser-PCz_
Source: driverquery.exe, 00000015.00000003.1641264401.000002153D123000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_SystemDrivervmciWin32_SystemDriverWin32_ComputerSystemuser-PCRunningOKvmcivmcivmciUnknownUnknownUnknown32\dr
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1554883432.000000000090D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2181697945.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2216043015.0000000000796000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2182395414.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.0000000000796000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2623034609.0000000000834000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2216043015.0000000000834000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006F81000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCID="ACPI\\PNP0B0
Source: driverquery.exe, 00000015.00000003.1641264401.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641081974.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641689982.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000002.1642328558.000002153D147000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virtual PCI Bus
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PC5C-61C
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A09E000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q$VMware Virtual disk SCSI Disk Device
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A0E4000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2684804225.000000000A09E000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q$Microsoft Hyper-V Generation Counter
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCLUME\{
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCTDESK-PCCLMEM
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006F81000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC-PCPNLMEM(
Source: SamFwTool.exe, 00000011.00000002.2734200507.0000000014998000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityNECVMWar VMware SATA CD00{4d36e965-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityCD-ROM DriveSCSI\CDROM&VEN_NECVMWAR&PROD_7KNEDKL2_SATA_CD00\4&224F42EF&0&000000System.String[](Standard CD-ROM drives)NECVMWar VMware SATA CD00CDROMSCSI\CDROM&VEN_NECVMWAR&PROD_F22M952Z_SATA_CD00\4&224F42EF&0&000000cdromOKWin32_ComputerSystemuser-PCELMEMh
Source: SamFwTool.exe, 00000011.00000002.2670735168.0000000006AF3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCSWD\\RADIO\\{3DBG
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A0E4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q$Microsoft Hyper-V Generation Counter0>
Source: SamFwTool.exe, 00000011.00000002.2682942311.0000000007191000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014B05000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2670735168.0000000006B1B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2672322584.0000000006BC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: War VMware SATA CD00{4d36e65-
Source: SamFwTool.exe, 00000011.00000002.2734200507.0000000014998000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityNECVMWar VMware SATA CD00{4d36e965-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityCD-ROM DriveSCSI\CDROM&VEN_NECVMWAR&PROD_7KNEDKL2_SATA_CD00\4&224F42EF&0&000000System.String[](Standard CD-ROM drives)NECVMWar VMware SATA CD00CDROMSCSI\CDROM&VEN_NECVMWAR&PROD_F22M952Z_SATA_CD00\4&224F42EF&0&000000cdromOKWin32_ComputerSystemuser-PCLMEMh
Source: SamFwTool.exe, 00000011.00000002.2673116555.0000000006CA0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCHZ\\_0
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014A4F000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2667462428.000000000691C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PC
Source: driverquery.exe, 00000015.00000003.1641264401.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641081974.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641689982.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000002.1642328558.000002153D147000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: per-V Virtual PCI BusMicrosoft Hyper-V Virtual PCI BusMicrosoft Hyper-V Virt
Source: SamFwTool.exe, 00000011.00000002.2667462428.000000000691C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PCNTDESK-PC
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1554883432.0000000000922000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: To remove false warnings, please add the SamFw tool to your antivirus software's ignore list. If you are not confident, we recommend you use the SamFw tool on virtual machines like VMWare, or VirtualBox or switch to leading anti-virus software like Kaspersky, or McAfee...
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A0E4000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2684804225.000000000A09E000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q6Microsoft Hyper-V Virtualization Infrastructure Driver
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1554883432.0000000000922000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: s like VMWare, or Virtua
Source: SamFwTool.exe, 00000011.00000002.2682942311.0000000007191000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2669862636.0000000006A9C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014B05000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2677115943.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014AE5000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2735585302.0000000014A0C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Generation Counter
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: NECVMWar VMware SATA CD00
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014B05000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCL
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware Virtual disk SCSI Disk Device
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1554883432.0000000000922000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: s like VMWare, or VirtualBox or switch to leading anti-virus software like Kaspersky, or McAfee...
Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V Vi\
Source: SamFwTool.exe, 00000011.00000002.2672707171.0000000006C09000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: em.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZ
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014A4F000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2667462428.000000000691C000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2679909229.0000000007003000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
Source: driverquery.exe, 00000015.00000003.1641264401.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641081974.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000003.1641689982.000002153D147000.00000004.00000020.00020000.00000000.sdmp, driverquery.exe, 00000015.00000002.1642328558.000002153D147000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virt
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware VMCI Bus Device
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Vi
Source: SamFwTool.exe, 00000011.00000002.2621026605.0000000001B2F000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCTDESK-PCMEM
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \REGISTRY\USER\S-1-5-21-2246122658-3693405117-2476756634-1003_Classes\WOW6432Node\CLSID\{CF4CC405-E2C5-4DDD-B3CE-5E7582D8C9FA}\InprocServer327d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCRONTDELMEM(
Source: driverquery.exe, 00000015.00000003.1641264401.000002153D123000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_SystemDrivervmciWin32_SystemDriverWin32_ComputerSystemFRONTDESK-PCRunningOKvmcivmcivmciUnknownUnknownUnknownEM
Source: SamFwTool.exe, 00000011.00000002.2672322584.0000000006BC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: PnPEntityVMware Virtual dik S
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PCSKLMEM@
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: "PCI\\VEN_8086&DEV_7191&SUBSYS_00000000&REV_01\\3&61AAA01&0&08"Microsoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualiza
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006FB3000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCRONTDESK-PCM(
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin32_ComputerSystemuser-PCELMEM
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014B05000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: M drives)NECVMWar VMware SATA
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PC="ROOT)D
Source: SamFwTool.exe, 00000011.00000002.2672322584.0000000006BC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware Virtual di
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware, Inc.
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCLMEM
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCTDESK-PC
Source: SamFwTool.exe, 00000011.00000002.2672707171.0000000006C09000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCESK-
Source: SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCIDLMEM(
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006F15000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: stem.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC10"
Source: SamFwTool.exe, 00000011.00000002.2677115943.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCDESK-PC
Source: SamFwTool.exe, 00000011.00000002.2677115943.0000000006E90000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PC-PCK-PCLMEM
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCctor Bus{4
Source: SamFwTool.exe, 00000011.00000002.2677115943.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCDESK-PCB/
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014AB2000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus Device{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZG6&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FSystem.String[]VMware, Inc.VMware VMCI Bus DeviceSystemPCI\LXTKHUKS&DEV_0740&SUBSYS_074015AD&REV_10\3&61AAA01&0&3FvmciOKWin32_ComputerSystemuser-PCDLMEMP
Source: SamFwTool.exe, 00000011.00000002.2734200507.0000000014998000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCLMEMp
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A0E4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware VMCI Bus Device0>
Source: SamFwTool.exe, 00000011.00000002.2670735168.0000000006B1B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCMiniport (PPT
Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrast
Source: SamFwTool.exe, 00000011.00000002.2667462428.0000000006912000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: SamFwTool.exe, 00000011.00000002.2736322417.0000000014B05000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: NECVMWar VMware SATA
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ftMicrosoft Hyper-V Vi
Source: SamFwTool.exe, 00000011.00000002.2684804225.000000000A0E4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q$VMware Virtual disk SCSI Disk Device0>
Source: SamFwTool.exe, 00000011.00000002.2735585302.0000000014A0C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCring[]Win32_PnPEntityLocal Print QueueSWD\PRINTENUM\{12FB14E7-9D55-42C4-9CE2-DC18D7D64935}System.String[]MicrosoftOneNote (Desktop)PrintQueueSWD\PRINTENUM\{12FB14E7-9D55-42C4-9CE2-DC18D7D64935}OKWin32_ComputerSystemuser-PCNTDESK-PCp
Source: SamFwTool.exe, 00000011.00000002.2675826716.0000000006D83000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC000"crosof
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityNECVMWar VMware SATA CD00{4d36e965-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityCD-ROM DriveSCSI\CDROM&VEN_NECVMWAR&PROD_7KNEDKL2_SATA_CD00\4&224F42EF&0&000000System.String[](Standard CD-ROM drives)NECVMWar VMware SATA CD00CDROMSCSI\CDROM&VEN_NECVMWAR&PROD_F22M952Z_SATA_CD00\4&224F42EF&0&000000cdromOKWin32_ComputerSystemuser-PC
Source: SamFwTool.exe, 00000011.00000002.2672322584.0000000006BC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: War VMware SATA CD00
Source: SamFwTool.exe, 00000011.00000002.2669862636.0000000006A9C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCmv2:Wi
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virtu_
Source: SamFwTool.exe, 00000011.00000002.2735585302.0000000014A0C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC-PC
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCuser-PCP0LMEM0
Source: SamFwTool.exe, 00000011.00000002.2734200507.0000000014998000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityNECVMWar VMware SATA CD00{4d36e965-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityCD-ROM DriveSCSI\CDROM&VEN_NECVMWAR&PROD_7KNEDKL2_SATA_CD00\4&224F42EF&0&000000System.String[](Standard CD-ROM drives)NECVMWar VMware SATA CD00CDROMSCSI\CDROM&VEN_NECVMWAR&PROD_F22M952Z_SATA_CD00\4&224F42EF&0&000000cdromOKWin32_ComputerSystemuser-PCTLMEMh
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006D2C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PC-PCNTDESLMEM(
Source: SamFwTool.exe, 00000011.00000002.2678054659.0000000006F81000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware Virtual disk SCSI Disk Device{4d36e967-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityDisk driveSCSI\DISK&VEN_Z6PLVRVT&PROD_VIRTUAL_DISK\4&1656F219&0&000000System.String[](Standard disk drives)VMware Virtual disk SCSI Disk DeviceDiskDriveSCSI\DISK&VEN_L4BO23L6&PROD_VIRTUAL_DISK\4&1656F219&0&000000diskOKWin32_ComputerSystemuser-PCuser-PCLMEM0
Source: SamFwTool.exe, 00000011.00000002.2674604144.0000000006CE0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Microsoft Hyper-V Virtualiza
Source: SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000002.1555719616.000000000018C000.00000004.00000010.00020000.00000000.sdmp	Binary or memory string: To remove false warnings, please add the SamFw tool to your antivirus software's ignore list. If you are not confident, we recommend you use the SamFw tool on virtual machines like VMWare,
Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityMicrosoft Hyper-V Generation Counter{4d36e97d-e325-11ce-bfc1-08002be10318}System.String[]Win32_PnPEntityMicrosoft Hyper-V Generation CounterACPI\VMW0001\7System.String[]MicrosoftMicrosoft Hyper-V Generation CounterSystemACPI\VMW0001\7gencounterOKWin32_ComputerSystemuser-PCPEntit
Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityRoot Print Queue{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}System.String[]Win32_PnPEntityLocal Print QueueSWD\PRINTENUM\PRINTQUEUESSystem.String[]MicrosoftRoot Print QueuePrintQueueSWD\PRINTENUM\PRINTQUEUESOKWin32_ComputerSystemuser-PCHyper-V Vi\
Source: SamFwTool.exe, 00000011.00000002.2674309084.0000000006CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Win32_PnPEntityVMware VMCI Bus DevicePCI\BL7AYZ
Source: SamFwTool.exe, 00000011.00000002.2671256814.0000000006B35000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Driver{4d36e97d-e325-11ce-bfc1-08002be10318}Win32_PnPEntityMicrosoft Hyper-V Virtualization Infrastructure DriverROOT\VID\0000System.String[]MicrosoftMicrosoft Hyper-V Virtualization Infrastructure DriverSystemROOT\VID\0000VidOKWin3%

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	API call chain: ExitProcess graph end node
Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	API call chain: ExitProcess graph end node

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp

Process information queried: ProcessInformation

Jump to behavior

Source: C:\SamFwTool\SamFwTool.exe

Process queried: DebugPort

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5D9060 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

31_2_00007FFB0D5D9060

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5D8140 GetLastError,IsDebuggerPresent,OutputDebugStringW,

31_2_00007FFB0D5D8140

Source: C:\SamFwTool\data\7za.exe

11_2_0043A692

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5EE5E4 GetProcessHeap,

31_2_00007FFB0D5EE5E4

Source: C:\SamFwTool\SamFwTool.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D8DBC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	31_2_00007FFB0D5D8DBC
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5D9060 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	31_2_00007FFB0D5D9060
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 31_2_00007FFB0D5E124C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	31_2_00007FFB0D5E124C
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A8DBC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	33_2_00007FFB1C5A8DBC
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5A9060 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	33_2_00007FFB1C5A9060
Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe	Code function: 33_2_00007FFB1C5B124C RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	33_2_00007FFB1C5B124C

Source: C:\SamFwTool\SamFwTool.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\Sysnative\cmd.exe" /c driverquery /FO list	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://bit.ly/samfwtool	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Process created: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe "C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\driverquery.exe driverquery /FO list	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5D5800 InitializeSecurityDescriptor,InitializeAcl,LookupAccountNameW,AddAccessAllowedAce,LookupAccountNameW,AddAccessAllowedAce,LookupAccountNameW,AddAccessAllowedAce,SetSecurityDescriptorDacl,LocalFree,SetFileSecurityW,

31_2_00007FFB0D5D5800

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5C2590 AllocateAndInitializeSid,GetLastError,AllocateAndInitializeSid,GetLastError,AllocateAndInitializeSid,GetLastError,AllocateAndInitializeSid,GetLastError,SetEntriesInAclW,SetNamedSecurityInfoW,FreeSid,FreeSid,FreeSid,FreeSid,LocalFree,

31_2_00007FFB0D5C2590

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

Code function: 31_2_00007FFB0D5F37D0 cpuid

31_2_00007FFB0D5F37D0

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

31_2_00007FFB0D5D3E60

Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\SamFwTool\SamFwTool.exe VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformation	Jump to behavior
Source: C:\SamFwTool\SamFwTool.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00408F0E GetSystemTimeAsFileTime,

11_2_00408F0E

Source: C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\Setup.exe

31_2_00007FFB0D5D5800

Source: C:\SamFwTool\data\7za.exe

Code function: 11_2_00478060 GetVersionExW,

11_2_00478060

Source: C:\SamFwTool\SamFwTool.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe

Registry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 Blob

Jump to behavior

Source: Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp	Binary or memory string: %s\%s_%04d%02d%02d.log%02u/%02u-%02u:%02u:%02u \INF\\SYSTEM32\(%d) %sDeleteFileExGetNativeSystemInfoOS Version : OS_WIN_WINDOWS10GetOSVersionOS Version : OS_WIN_WINDOWS8.1OS Version : OS_WIN_8OS Version : OS_WIN_WINDOWS2012OS Version : OS_WIN_7OS Version : OS_WIN_SRV2008R2OS Version : OS_WIN_VISTAOS Version : OS_WIN_LONGHORNOS Version : OS_WIN_2003OS Version : OS_WIN_XPOS Version : OS_WIN_2000OS Version : OS_WIN_NT si.wProcessorArchitecture = 0x%x OS Version : OS_WIN_95OS Version : OS_WIN_98OS Version : OS_WIN_98_SEOS Version : OS_WIN_METRUEFALSECopy %s to %s (%s)MyCopyDriverFile...Remove Directory : %sMyDeletePathdelete file : %s++ Hardware ID : %sDetectDeviceFind H/W ID : %sGetSystemWow64DirectoryAsetting reg fail [create key] - (key : %s) (value_name: %s) - [retval : 0x%x, %d]SetRegBINARYValuesetting reg success [set value] - (key : %s) (value_name: %s)setting reg fail [set value] - (key : %s) (value_name: %s) - [retval : 0x%x, %d]setting reg fail [create key] - (key : %s) (value_name: %s) (value: %s) - [retval : 0x%x, %d]SetRegStrValuesetting reg success [set value] - (key : %s) (value_name: %s) (value: %s)setting reg fail [set value] - (key : %s) (value_name: %s) (value: %s) - [retval : 0x%x, %d]setting reg fail [create key] - (key : %s) (value_name: %s) (value: 0x%x) - [retval : 0x%x, %d]SetRegDWORDValuesetting reg success [set value] - (key : %s) (value_name: %s) (value: 0x%x)setting reg fail [set value] - (key : %s) (value_name: %s) (value: 0x%x) - [retval : 0x%x, %d]SetRegStringValueCreateProcess failed %d
Source: SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2155036233.000000000274C000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: kernel32.dll%s\%s_%04d%02d%02d.log%02u/%02u-%02u:%02u:%02u Samsung\USB Drivers\INF\\SYSTEM32\(%d) %sDeleteFileExGetNativeSystemInfoOS Version : OS_WIN_WINDOWS10GetOSVersionOS Version : OS_WIN_WINDOWS8.1OS Version : OS_WIN_WINDOWS8OS Version : OS_WIN_WINDOWS2012OS Version : OS_WIN_SRV2008R2OS Version : OS_WIN_7OS Version : OS_WIN_VISTAOS Version : OS_WIN_LONGHORNOS Version : OS_WIN_2003OS Version : OS_WIN_XPOS Version : OS_WIN_2000OS Version : OS_WIN_NT si.wProcessorArchitecture = 0x%x OS Version : OS_WIN_95OS Version : OS_WIN_98OS Version : OS_WIN_98_SEOS Version : OS_WIN_ME. Delete DriverFiles = %s MyDeletePath..GetSystemWow64DirectoryAsetting reg fail [create key] - (key : %s) (value_name: %s) - [retval : 0x%x, %d]SetRegBINARYValuesetting reg success [set value] - (key : %s) (value_name: %s)setting reg fail [set value] - (key : %s) (value_name: %s) - [retval : 0x%x, %d]setting reg fail [create key] - (key : %s) (value_name: %s) (value: %s) - [retval : 0x%x, %d]SetRegStrValuesetting reg success [set value] - (key : %s) (value_name: %s) (value: %s)setting reg fail [set value] - (key : %s) (value_name: %s) (value: %s) - [retval : 0x%x, %d]SeShutdownPrivilege+ %wsWindows 10 greaterGetVersionWithVersionHelper OS_VERSION_WIN10 OS_VERSION_WIN8.1 OS_VERSION_WIN8 OS_VERSION_WIN7 OS_VERSION_VISTA OS_VERSION_2003 OS_VERSION_WINXP OS Type : VER_NT_WORKSTATION OS Type : VER_NT_SERVER"
Source: Setup.exe	Binary or memory string: OS Version : OS_WIN_XP
Source: Setup.exe, 00000021.00000002.2629681524.00007FFB1C5C5000.00000002.00000001.01000000.00000018.sdmp	Binary or memory string: \VarFileInfo\Translation\StringFileInfo\%08lx\%sDeviceNotEnoughBandwidthDeviceHubNestedTooDeeplyDeviceInLegacyHubNULLNoStatusBadStatusGoodStatusUsbLowSpeedUsbFullSpeedUsbHighSpeedHostControllerInfoRootHubInfoExternalHubInfoDeviceInfoUndefinedPortMassStorageMTPSeBackupPrivilegeSeRestorePrivilegeOS Version : OS_WIN_WINDOWS10GetOSVersionOS Version : OS_WIN_WINDOWS8.1OS Version : OS_WIN_8OS Version : OS_WIN_WINDOWS2012OS Version : OS_WIN_7OS Version : OS_WIN_SRV2008R2OS Version : OS_WIN_VISTAOS Version : OS_WIN_LONGHORNOS Version : OS_WIN_2003OS Version : OS_WIN_XPOS Version : OS_WIN_2000OS Version : OS_WIN_NT si.wProcessorArchitecture = 0x%x OS Version : OS_WIN_95OS Version : OS_WIN_98OS Version : OS_WIN_98_SEOS Version : OS_WIN_MEconn\ss_conn_service.execonn\ss_conn_service2.exe
Source: Setup.exe	Binary or memory string: OS Version : OS_WIN_7
Source: Setup.exe, 00000021.00000002.2628154940.00007FF65D1C2000.00000008.00000001.01000000.00000017.sdmp	Binary or memory string: STRING_MTP_SITE_WIN_VISTA_XP_64
Source: Setup.exe, 00000021.00000002.2628154940.00007FF65D1C2000.00000008.00000001.01000000.00000017.sdmp	Binary or memory string: STRING_MTP_SITE_WIN_VISTA_XP_32
Source: Setup.exe	Binary or memory string: OS Version : OS_WIN_8
Source: Setup.exe	Binary or memory string: OS Version : OS_WIN_VISTA

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Native API	1 DLL Side-Loading	1 DLL Side-Loading	11 Disable or Modify Tools	OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	3 Ingress Tool Transfer	Exfiltration Over Other Network Medium	1 System Shutdown/Reboot
Credentials	Domains	Default Accounts	2 Command and Scripting Interpreter	22 Windows Service	1 Access Token Manipulation	1 Deobfuscate/Decode Files or Information	LSASS Memory	1 Peripheral Device Discovery	Remote Desktop Protocol	1 Clipboard Data	11 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	12 Service Execution	1 Registry Run Keys / Startup Folder	22 Windows Service	4 Obfuscated Files or Information	Security Account Manager	1 Account Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	11 Process Injection	2 Software Packing	NTDS	5 File and Directory Discovery	Distributed Component Object Model	Input Capture	5 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	1 Registry Run Keys / Startup Folder	1 Timestomp	LSA Secrets	136 System Information Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 DLL Side-Loading	Cached Domain Credentials	2 Query Registry	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	11 Masquerading	DCSync	241 Security Software Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 Modify Registry	Proc Filesystem	141 Virtualization/Sandbox Evasion	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	141 Virtualization/Sandbox Evasion	/etc/passwd and /etc/shadow	2 Process Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement
IP Addresses	Compromise Infrastructure	Supply Chain Compromise	PowerShell	Cron	Cron	1 Access Token Manipulation	Network Sniffing	1 Application Window Discovery	Shared Webroot	Local Data Staging	File Transfer Protocols	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	External Defacement
Network Security Appliances	Domains	Compromise Software Dependencies and Development Tools	AppleScript	Launchd	Launchd	11 Process Injection	Input Capture	3 System Owner/User Discovery	Software Deployment Tools	Remote Data Staging	Mail Protocols	Exfiltration Over Unencrypted Non-C2 Protocol	Firmware Corruption

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	25%	Virustotal		Browse
SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe	17%	ReversingLabs	Win32.Trojan.Znyonm

Dropped Files

Source	Detection	Scanner	Label
C:\SamFwTool\is-SLJ75.tmp	100%	Avira	HEUR/AGEN.1313293
C:\SamFwTool\is-SLJ75.tmp	100%	Joe Sandbox ML
C:\SamFwTool\SamFwTool.exe (copy)	38%	ReversingLabs	Win32.Trojan.Generic
C:\SamFwTool\data\7z.exe	0%	ReversingLabs
C:\SamFwTool\data\7za.exe (copy)	0%	ReversingLabs
C:\SamFwTool\data\7zax64.exe	0%	ReversingLabs
C:\SamFwTool\data\AdbWinApi.dll	0%	ReversingLabs
C:\SamFwTool\data\AdbWinUsbApi.dll	3%	ReversingLabs
C:\SamFwTool\data\LGUP_Cmd.exe	0%	ReversingLabs
C:\SamFwTool\data\LGUP_Common.dll	0%	ReversingLabs
C:\SamFwTool\data\adb.exe	0%	ReversingLabs
C:\SamFwTool\data\adbsl.exe	0%	ReversingLabs
C:\SamFwTool\data\bin\cyggcc_s-1.dll	0%	ReversingLabs
C:\SamFwTool\data\bin\cygusb-1.0.dll	0%	ReversingLabs
C:\SamFwTool\data\bin\cygwin1.dll	0%	ReversingLabs
C:\SamFwTool\data\bin\linux-adk.exe	0%	ReversingLabs
C:\SamFwTool\data\d.exe	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\WdfCoInstaller01009.dll	3%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusb-1.0_x86.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusb0.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusb0.sys	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusb0_x86.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusbK.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusbK.sys	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\libusbK_x86.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\amd64\winusbcoinstaller2.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\install_x64.exe	0%	ReversingLabs
C:\SamFwTool\data\drivers\install_x86.exe	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\WdfCoInstaller01009.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\libusb0.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\libusb0.sys	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\libusb0_x86.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\libusbK.dll	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\libusbK.sys	0%	ReversingLabs
C:\SamFwTool\data\drivers\x86\winusbcoinstaller2.dll	0%	ReversingLabs
C:\SamFwTool\data\fastboot.exe	0%	ReversingLabs
C:\SamFwTool\data\fld.exe	0%	ReversingLabs
C:\SamFwTool\data\is-9T7V6.tmp	0%	ReversingLabs
C:\SamFwTool\data\lg.exe	0%	ReversingLabs
C:\SamFwTool\data\qs.exe	0%	ReversingLabs
C:\SamFwTool\data\recovery.exe	0%	ReversingLabs
C:\SamFwTool\driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe	0%	ReversingLabs
C:\SamFwTool\is-9RCVD.tmp	0%	ReversingLabs
C:\SamFwTool\is-SLJ75.tmp	38%	ReversingLabs	Win32.Trojan.Generic
C:\SamFwTool\unins000.exe (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-S9RK9.tmp\_isetup\_setup64.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\AccessControl.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\CreateMutex.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\setup64.dat	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_bus.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_cmnt.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdfl.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_mdm.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\amd64\ss_whnt.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_bus.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cm95.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cmnt.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_comm.vxd	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_cr.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdfl.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_mdm.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcd.vxd	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_vcr.vxd	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_wh95.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\01_Simmental\i386\ss_whnt.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\setup64.dat	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_bus.sys	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsa873B.tmp\Samsung\USB Drivers\02_Siberian\amd64\ssm_cmnt.sys	0%	ReversingLabs

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
id5-sync.com	0%	Virustotal	Browse
sync.intentiq.com	0%	Virustotal	Browse
sync1.intentiq.com	0%	Virustotal	Browse
match.prod.bidr.io	0%	Virustotal	Browse
ats-eks.us-west-2.dcs-online-targeting-prd.aws.oath.cloud	0%	Virustotal	Browse
pixel.onaudience.com	0%	Virustotal	Browse
m.deepintent.com	0%	Virustotal	Browse
cdn.hadronid.net	0%	Virustotal	Browse
cadmus.script.ac	0%	Virustotal	Browse
bttrack.com	0%	Virustotal	Browse
oa.openxcdn.net	0%	Virustotal	Browse
static.cloudflareinsights.com	0%	Virustotal	Browse
kube-stats-prod-oh-lbj.inbake.com	0%	Virustotal	Browse
lb.eu-1-id5-sync.com	0%	Virustotal	Browse
rotator-prod-oh-lb.inbake.com	0%	Virustotal	Browse
samfw.com	0%	Virustotal	Browse
user-data-us-west.bidswitch.net	0%	Virustotal	Browse
eu8.heatmap.it	0%	Virustotal	Browse
thrtle.com	0%	Virustotal	Browse
cdn.id5-sync.com	0%	Virustotal	Browse
ipv4.imgur.map.fastly.net	0%	Virustotal	Browse
ad.mrtnsvr.com	0%	Virustotal	Browse
rtb.adentifi.com	1%	Virustotal	Browse
aragorn-prod-oh-lb.inbake.com	0%	Virustotal	Browse
aep.mxptint.net	0%	Virustotal	Browse
ghb-adtelligent-com.geodns.me	0%	Virustotal	Browse
spug33000-fpb.pubmnet.com	1%	Virustotal	Browse
trace.mediago.io	0%	Virustotal	Browse
sync.ipredictive.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=	0%	URL Reputation	safe
https://cdn.id5-sync.com/api/1.0/id5-api.js	0%	URL Reputation	safe
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=	0%	URL Reputation	safe
https://a.audrte.com/p	0%	URL Reputation	safe
https://stpd.cloud/saas/3171	0%	Avira URL Cloud	safe
https://samfw.com/assets/img/logo.png	0%	Avira URL Cloud	safe
https://id5-sync.com/c/481/203/2/7.gif?puid=820ba408-d736-42d6-b7be-5b1e3ae1766f&gdpr=0&gdpr_consent=	0%	Avira URL Cloud	safe
https://samfw.com/api/samfwtool/v2/service-status	0%	Avira URL Cloud	safe
about:blank	0%	Avira URL Cloud	safe
http://www.samsungmobile.comURLInfoAboutURLInfoAbout	0%	Avira URL Cloud	safe
https://www.innosetup.com/	0%	Avira URL Cloud	safe
https://s.cdnsynd.com/2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=334520467&pi=526568920&cr=170336220&dm=160x600&ai=6836545&ui=0&cb=2250431479&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display	0%	Avira URL Cloud	safe
https://vanced.me/assets/img/logo.svg	0%	Avira URL Cloud	safe
https://p.ad.gt	0%	Avira URL Cloud	safe
https://oa.openxcdn.net/esp.js	0%	Avira URL Cloud	safe
https://id5-sync.com/c/481/1246/1/8.gif?puid=ISXoARZHdraNBZy_RIWmot3X&gdpr=0&gdpr_consent=	0%	Avira URL Cloud	safe
https://a.audrte.com/a?adform_uid=9060652894245162056&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D	0%	Avira URL Cloud	safe
https://samfw.com/1RJ	0%	Avira URL Cloud	safe
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_c	0%	Avira URL Cloud	safe
https://samfw.com/assets/css/lazy.css	0%	Avira URL Cloud	safe
https://prebid-stag.setupad.net/openrtb2/auction	0%	Avira URL Cloud	safe
https://samfw.com/assets/img/favicon.ico	0%	Avira URL Cloud	safe
https://id5-sync.com/api/esp/increment?counter=no-config	0%	Avira URL Cloud	safe
https://samfw.com/	0%	Avira URL Cloud	safe
https://prebid-stag.setupad.net/cookie_sync	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
d3f1y6rso5ozvw.cloudfront.net	18.154.144.115	true	false		high
um.simpli.fi	35.230.38.116	true	false		high
rtb-csync-use1.smartadserver.com	216.22.16.40	true	false		high
bidder.da1.vip.prod.criteo.com	74.119.118.151	true	false		high
global.px.quantserve.com	192.184.68.228	true	false		high
id5-sync.com	141.95.33.120	true	false	0%, Virustotal, Browse	unknown
us-east-eb2.3lift.com	35.71.139.29	true	false		high
live.rezync.com	18.164.174.54	true	false		high
bttrack.com	64.38.119.43	true	false	0%, Virustotal, Browse	unknown
ad-interactions-prod-lb-1289981577.us-west-1.elb.amazonaws.com	54.241.104.80	true	false		high
cdn.w55c.net	52.11.39.206	true	false		high
crb.kargo.com	52.200.154.160	true	false		high
cdn.hadronid.net	172.67.36.110	true	false	0%, Virustotal, Browse	unknown
cm116.appier.org	139.162.117.143	true	false		high
www.google.com	142.250.101.103	true	false		high
syncelb-240036109.us-east-1.elb.amazonaws.com	3.232.54.57	true	false		high
sync.intentiq.com	99.84.203.112	true	false	0%, Virustotal, Browse	unknown
lb.eu-1-id5-sync.com	162.19.138.116	true	false	0%, Virustotal, Browse	unknown
id.rlcdn.com	35.244.154.8	true	false		high
bcp.crwdcntrl.net	52.9.18.211	true	false		high
sync1.intentiq.com	99.84.203.60	true	false	0%, Virustotal, Browse	unknown
match.adsrvr.org	35.71.131.137	true	false		high
rtactivateloadbalancer-2076579973.us-east-1.elb.amazonaws.com	34.195.193.82	true	false		high
match.prod.bidr.io	52.24.195.72	true	false	0%, Virustotal, Browse	unknown
pagead-googlehosted.l.google.com	142.251.2.132	true	false		high
creativecdn.com	185.184.8.90	true	false		high
googleads4.g.doubleclick.net	142.250.141.155	true	false		high
ats-eks.us-west-2.dcs-online-targeting-prd.aws.oath.cloud	34.214.251.32	true	false	0%, Virustotal, Browse	unknown
m.deepintent.com	8.18.47.7	true	false	0%, Virustotal, Browse	unknown
events-ssc.33across.com	34.117.239.71	true	false		high
pixel-sync.sitescout.com	34.36.216.150	true	false		high
pixel.onaudience.com	141.94.171.214	true	false	0%, Virustotal, Browse	unknown
d2ctznuk6ro1vp.cloudfront.net	18.164.174.66	true	false		high
aragorn-prod-oh-lb.inbake.com	3.140.173.35	true	false	0%, Virustotal, Browse	unknown
d162h6x3rxav67.cloudfront.net	99.84.203.103	true	false		high
d1ykf07e75w7ss.cloudfront.net	13.225.149.74	true	false		high
dmca-images.b-cdn.net	138.199.9.104	true	false		high
sjc-direct-bgp.contextweb.com	74.214.196.131	true	false		high
youtube-ui.l.google.com	142.251.2.136	true	false		high
rotator-prod-oh-lb.inbake.com	3.129.134.21	true	false	0%, Virustotal, Browse	unknown
ssum-sec.casalemedia.com	172.64.151.101	true	false		high
googleads.g.doubleclick.net	142.251.2.155	true	false		high
ads.travelaudience.com	35.190.0.66	true	false		high
bit.ly	67.199.248.10	true	false		high
setupad-d.openx.net	35.244.159.8	true	false		high
d1dvhck2p605dz.cloudfront.net	13.226.210.30	true	false		high
config.aps.amazon-adsystem.com	13.226.225.57	true	false		high
cadmus.script.ac	104.18.22.145	true	false	0%, Virustotal, Browse	unknown
static.cloudflareinsights.com	104.16.56.101	true	false	0%, Virustotal, Browse	unknown
kube-stats-prod-oh-lbj.inbake.com	18.116.221.226	true	false	0%, Virustotal, Browse	unknown
user-data-us-west.bidswitch.net	35.212.133.238	true	false	0%, Virustotal, Browse	unknown
oa.openxcdn.net	34.102.146.192	true	false	0%, Virustotal, Browse	unknown
de.tynt.com	67.202.105.32	true	false		high
samfw.com	104.21.88.24	true	false	0%, Virustotal, Browse	unknown
gum.da1.vip.prod.criteo.com	74.119.118.149	true	false		high
hde.tynt.com	67.202.105.34	true	false		high
eu8.heatmap.it	149.202.77.192	true	false	0%, Virustotal, Browse	unknown
scontent.xx.fbcdn.net	31.13.65.7	true	false		high
idsync.rlcdn.com	35.244.154.8	true	false		high
rtb.adentifi.com	54.161.137.68	true	false	1%, Virustotal, Browse	unknown
ad.mrtnsvr.com	34.102.163.6	true	false	0%, Virustotal, Browse	unknown
sync.srv.stackadapt.com	54.225.140.70	true	false		high
synchroscript.deliveryengine.adswizz.com	18.154.206.58	true	false		high
thrtle.com	52.204.113.215	true	false	0%, Virustotal, Browse	unknown
rw-yieldmo-com-1857737650.us-west-2.elb.amazonaws.com	44.227.252.94	true	false		high
io-cookie-sync-1725936127.us-east-1.elb.amazonaws.com	52.72.183.217	true	false		high
cdn.id5-sync.com	104.22.53.86	true	false	0%, Virustotal, Browse	unknown
ipv4.imgur.map.fastly.net	146.75.92.193	true	false	0%, Virustotal, Browse	unknown
pixel.tapad.com	34.111.113.62	true	false		high
match-us-west-1-ecs.sharethrough.com	54.215.97.222	true	false		high
a.nel.cloudflare.com	35.190.80.1	true	false		high
pippio.com	107.178.254.65	true	false		high
sync.ipredictive.com	54.167.240.199	true	false	0%, Virustotal, Browse	unknown
tagan.adlightning.com	99.84.203.69	true	false		high
s.amazon-adsystem.com	52.46.128.147	true	false		high
ad.doubleclick.net	142.251.2.149	true	false		high
aax-eu.amazon-adsystem.com	52.95.126.138	true	false		high
aep.mxptint.net	38.99.107.14	true	false	0%, Virustotal, Browse	unknown
firewall-external-1941599784.us-west-2.elb.amazonaws.com	52.89.89.131	true	false		high
spug33000-fpb.pubmnet.com	104.36.113.111	true	false	1%, Virustotal, Browse	unknown
ghb-adtelligent-com.geodns.me	185.83.69.58	true	false	0%, Virustotal, Browse	unknown
ssbsync-use1.smartadserver.com	23.105.14.101	true	false		high
trace.mediago.io	35.208.249.213	true	false	0%, Virustotal, Browse	unknown
rtbc-uw1.doubleverify.com	35.201.101.243	true	false		high
us-west-tlx.3lift.com	52.9.151.107	true	false		high
outspot2-ams.adx.opera.com	82.145.213.8	true	false		high
ius.ctnsnet.com	35.186.193.173	true	false		high
ib.anycast.adnxs.com	104.254.151.69	true	false		high
dsp.nrich.ai	51.68.39.188	true	false		unknown
ssbsync-usw1.smartadserver.com	23.83.76.39	true	false		high
us01.z.antigena.com	40.76.134.238	true	false		unknown
uipus.semasio.net	50.57.31.206	true	false		high
jsdelivr.map.fastly.net	151.101.65.229	true	false		unknown
d2avimlm6gq3h9.cloudfront.net	18.154.140.237	true	false		high
i.ytimg.com	142.251.2.119	true	false		high
tpsc-uw1.doubleverify.com	35.201.101.243	true	false		high
stpd.cloud	104.18.31.49	true	false		unknown
d20qwf0wrdtevy.cloudfront.net	204.246.191.50	true	false		high
1x1.a-mo.net	34.237.174.231	true	false		unknown
node.setupad.com	159.89.25.223	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://match.adsrvr.org/track/cmf/google?google_push=AXcoOmQdu3_aY6betbIDyrNjL5XmO_QvumlHlsiXhTkExvZziqhzWSventkZbKiGkXUB5yZHnOIn1swvfw454F8vH_lj9wEyrWkfvvwfZinLTcXO1oasfgKkBE6WdNavM_rOmuKo0lURKLk73fGwnZ7a1M3q	false		high
https://crb.kargo.com/api/v1/dsync/Martin?exid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent=	false		high
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45155983&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=	false		high
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f8.jpg?1648428140970	false		high
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D	false		high
https://cdn.id5-sync.com/api/1.0/id5-api.js	false	URL Reputation: safe	unknown
https://idsync.rlcdn.com/420486.gif?partner_uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	false		high
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID	false		high
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.html?ev=01_250	false		high
https://id5-sync.com/c/481/203/2/7.gif?puid=820ba408-d736-42d6-b7be-5b1e3ae1766f&gdpr=0&gdpr_consent=	false	Avira URL Cloud: safe	unknown
https://dt.adsafeprotected.com/dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVIH,pingTime:1,time:2811,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1157,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1157~100%5D,as:%5B1157~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502%7D&br=c	false		high
https://samfw.com/api/samfwtool/v2/service-status	false	Avira URL Cloud: safe	unknown
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=	false		high
https://stpd.cloud/saas/3171	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	low
https://i.imgur.com/RvgYHYp.gif	false		high
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LTIRAAXN-1U-DPLF	false		high
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9060652894245162056	false		high
https://samfw.com/assets/img/logo.png	false	Avira URL Cloud: safe	unknown
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/index.js	false		high
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID	false		high
https://pr-bh.ybp.yahoo.com/sync/rubicon/JLqG7Zj2iIy8r-ONr7GmRsn5EUdSAgOZEtemQ7w0kco?csrc=	false		high
https://dt.adsafeprotected.com/dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVIJ,pingTime:1,time:1767,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D,%7Bpiv:100,vs:i,r:,t:618%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1149,o:618,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D,%7Bsl:i,t:618,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1149~100%5D,as:%5B1149~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&br=c	false		high
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGUw07L1kMAABVWe2Uo_A&gdpr=0	false		high
https://usersync.gumgum.com/usersync?b=zem&i=oNNaTvjtuLVmVbh6cFDR	false		high
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f9.jpg?1648428140970	false		high
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=	false	URL Reputation: safe	unknown
https://dt.adsafeprotected.com/dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYVLT,time:3009,type:e,im:%7Bimprf:%7Bttecl:4770,ecd:1469,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1355,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1355~100%5D,as:%5B1355~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:1316,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sis:2977%7D&br=c	false		high
https://s.cdnsynd.com/2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=334520467&pi=526568920&cr=170336220&dm=160x600&ai=6836545&ui=0&cb=2250431479&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display	false	Avira URL Cloud: safe	unknown
https://dt.adsafeprotected.com/dt?advEntityId=1888234&asId=aa171ded-ba6e-abce-ee75-c3795d115645&tv=%7Bc:6nYZoM,pingTime:15,time:16952,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1501%7D,%7Bpiv:0,vs:o,r:l,t:1531%7D,%7Bpiv:100,vs:i,r:,t:1654%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15298,o:1654,n:1531,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1501,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:o,t:1531,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D,%7Bsl:i,t:1654,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15298~100%5D,as:%5B15298~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:910,fm:u6rO7Fy+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g.1888234-77512386%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1g,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1502,sis:2977%7D&br=c	false		high
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=R-S5NwIzR3-ULa75e_Ev1Q	false		high
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4380a510-b233-4451-a17c-ec53ca7f9b61&ttd_puid=cbef3e7f-3c8c-4a58-9732-2ff8855e2b50%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001709914764-DT33QOHA-PE5T%2526tapad_id%253Dcbef3e7f-3c8c-4a58-9732-2ff8855e2b50%2C	false		high
https://i.imgur.com/removed.png	false		high
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID	false		high
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&_li_chk=true&previous_uuid=1a624015f881469488b498c61ea9e38e	false		high
https://www.youtube.com/s/player/c48a9559/www-embed-player.vflset/www-embed-player.js	false		high
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=	false		high
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS00VEJwUmN4RTJ1S3I1eVhueGRTZG1lWGNqOVRISkxZM35B	false		high
https://www.youtube.com/s/player/c48a9559/www-player.css	false		high
https://tlx.3lift.com/header/auction?lib=prebid&v=7.27.0&referrer=https%3A%2F%2Fsamfw.com%2Fblog%2Fsamfw-frp-tool-1-0-remove-samsung-frp-one-click&tmax=1000	false		high
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=8190380959160668499	false		high
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LTIRAAXN-1U-DPLF&ts=1709908417&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=	false		high
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f5.jpg?1648428140970	false		high
https://vanced.me/assets/img/logo.svg	false	Avira URL Cloud: safe	unknown
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F203%2F2%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D	false		high
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1	false		high
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js	false		high
https://oa.openxcdn.net/esp.js	false	Avira URL Cloud: safe	unknown
https://io.narrative.io/?companyId=673&id=pubmatic_id:5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	false		high
https://a.nel.cloudflare.com/report/v3?s=B17llyXVPdrOtIu7ysBRZWZjcW27NYZ2B1HQjkyBSEA4QMki4IN1P541H0ZB8vTgZu01g%2FCntT7caJf8%2Fjm4oghza1fTJXz%2F93oLmHAukT1SeSTAS2vYtzJi3Lgd%2FujB5hQwWtF2WAK2	false		high
https://a.audrte.com/p	false	URL Reputation: safe	unknown
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_push=AXcoOmSCiYmdISW8I7Z2a6zdcUVazctVxMFYwwtHiPM2mHlhFYZiIhq-devrIwHaDFy6BWn97y61Yg6YemWdmqwsNZ4N9ncLUwO8tquIe-3gnzwUNylbjOcKaqE3LGNHmZWnVyu7v9UfoYrrPeoWam1jAba7kQ	false		high
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=	false		high
https://id5-sync.com/c/481/1246/1/8.gif?puid=ISXoARZHdraNBZy_RIWmot3X&gdpr=0&gdpr_consent=	false	Avira URL Cloud: safe	unknown
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2	false		unknown
https://rtr.innovid.com/placement/1e5rub/uuid?cb=1709914769655&ivc_exdata=[ecp]	false		high
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js	false		high
https://match.adsrvr.org/track/cmf/openx?oxid=9b8a7dda-4c66-71e3-e4fa-1c75a13ab3bf&gdpr=0	false		high
https://ad.doubleclick.net/ddm/trackimp/N1559147.150143GOOGLE.COM/B31158248.383787394;dc_trk_aid=574982309;dc_trk_cid=206973736;ord=1709914770926;dc_dbm_token=ALN3mbMAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQItP-B3k2oArWH25oEsAKm1YjkA0AB0gIqGAEiEwjO8on88OSEAxXZ3P0FHQeIDQ8oATABOJnb59L1EUACSAFYiIEgELnEv4ICjwOtJqgsCvHcmL71mZKjSQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?	false		high
https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709914764-DT33QOHA-PE5T&adnxs_id=$UID&gdpr=0	false		high
https://idsync.rlcdn.com/362358.gif?google_error=15	false		high
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=06078ki7khlcj897beekalfh9k9g69e7faj24yu2ys0iw462gmmye0os6y6q06m2o&gdpr=0	false		high
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=	false		high
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=	false		high
https://a.audrte.com/a?adform_uid=9060652894245162056&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D	false	Avira URL Cloud: safe	unknown
https://dt.adsafeprotected.com/dt?advEntityId=1888234&asId=cec3eaf8-fde8-c176-d445-46d036303d7a&tv=%7Bc:6nYVpW,pingTime:-3,time:602,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:561%7D,%7Bpiv:0,vs:o,r:l,t:601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:602,n:601,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:561,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~1,0~0%5D,as:%5B100~728.90%5D%7D%7D,%7Bsl:o,t:601,wc:10.10.1050.964,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u6rO7Wq+11%7C12%7C13%7C14%7C151%7C1611%7C16121%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1e%7C1f111%7C1f112%7C1f113%7C1f114%7C1f115%7C1f116%7C1f117%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1h.1888234-77512386%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1j4%7C1k11%7C1k12%7C1k13%7C1l,idMap:1h,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:562%7D&br=c	false		high
https://sync.1rx.io/usersync/turn/3607227326741921297?dspret=1&gdpr=0&gdpr_consent=&us_privacy=	false		high
https://samfw.com/assets/img/favicon.ico	false	Avira URL Cloud: safe	unknown
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D	false		high
https://s0.2mdn.net/sadbundle/11205660019898997013/Hiscox_Cinemagraph_160x600/Photographer160_f7.jpg?1648428140970	false		high
https://samfw.com/assets/css/lazy.css	false	Avira URL Cloud: safe	unknown
https://bidder.criteo.com/cdb?ptv=132&profileId=185&av=34&wv=7.27.0&bundle=TYhaCV9nVVFoR2c5NFVHUFltVkRjNzg5Nk9ZbnJ6RGRWWWlwdmM1ODBSMWZSQkMydmxZYXMyY3JRb3ZFY1ZYJTJCJTJCbXV4OTlHR0Fsbkc4Y0JPQlJERHhFM1NERVZBRVR3WUJhRFJ4dUZCeW1nNWZ2OHE2R0k4dyUyRkRlSFZJVmxDZUpSMVdPNA&cb=91087972851	false		high
https://id5-sync.com/api/esp/increment?counter=no-config	false	Avira URL Cloud: safe	unknown
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGUw07L1kMAABVWe2Uo_A&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0	false		high
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64	false		high
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15	false		high
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1fb849c2-33b3-499d-a32f-0d6c45043775-005	false		high
https://prebid-stag.setupad.net/openrtb2/auction	false	Avira URL Cloud: safe	unknown
https://pixel.adsafeprotected.com/rjss/st/1888234/77512386/skeleton.js	false		high
http://ip-api.com/json	false		high
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=VqmMR__OOM_VsuIl4lwX	false		high
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X	false		high
https://prebid-stag.setupad.net/cookie_sync	false	Avira URL Cloud: safe	unknown
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709914764-DT33QOHA-PE5T	false		high
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}	false		high
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:j7DpxbFD1RIBgQ5&gdpr=0&gdpr_consent=	false		high
https://dsp.adkernel.com/sync?exchange=11&google_push=AXcoOmQYKS8QqRtJRwmyYkAY40af5KbY6m6WT7Klw8-3x38n0qdRen-Ys-EwfJ_yGLLsFFLD3T9uxSj6dadXu8SsQwVOQfXNS_CM-kcZ08Boefw71NAjEyW4_mD1SIjScxwkZ5Y8eTxR9EKvwOXrdZUcdFWJJw	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://bit.ly/samfwtoolLVH	SamFwTool.exe, 00000011.00000002.2621026605.0000000001B2F000.00000004.00000020.00020000.00000000.sdmp	false		high
http://www.samsungmobile.comURLInfoAboutURLInfoAbout	SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2145689657.0000000002744000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 0000001F.00000000.2185241113.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 0000001F.00000002.2210591016.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000000.2490028732.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp, Setup.exe, 00000021.00000002.2627842809.00007FF65D0A4000.00000002.00000001.01000000.00000017.sdmp	false	Avira URL Cloud: safe	unknown
https://www.innosetup.com/	SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1271507585.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1272198142.000000007FB40000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000000.1273630650.0000000000401000.00000020.00000001.01000000.00000005.sdmp	false	Avira URL Cloud: safe	unknown
http://collab.lge.com/main/display/FOTADeployment/LGUP	7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.00000000031B4000.00000004.00000020.00020000.00000000.sdmp	false		high
https://p.ad.gt	chromecache_1174.25.dr	false	Avira URL Cloud: safe	unknown
https://samfw.com/1RJ	SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000024A4000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.symauth.com/cps0(	7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	false		high
http://nsis.sf.net/NSIS_Error	SAMSUNG_USB_Driver_for_Mobile_Phones.exe, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000002.2620268681.000000000040A000.00000004.00000001.01000000.00000014.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000000.1760940746.000000000040A000.00000008.00000001.01000000.00000014.sdmp	false		high
http://www.symauth.com/rpa00	7za.exe, 0000000B.00000003.1506620414.0000000002CBA000.00000004.00000020.00020000.00000000.sdmp, 7za.exe, 0000000B.00000003.1506620414.0000000003212000.00000004.00000020.00020000.00000000.sdmp, SAMSUNG_USB_Driver_for_Mobile_Phones.exe, 00000018.00000003.2168336764.00000000027FB000.00000004.00000020.00020000.00000000.sdmp	false		high
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_8d7d7af8-48e5-4f68-8ba1-543518a4cac1&gdpr=&gdpr_c	chromecache_1386.25.dr	false	Avira URL Cloud: safe	unknown
https://github.com/dotnet/runtime8	SamFwTool.exe, 00000011.00000002.2635860894.000000000585C000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2741686949.00000000168A0000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp	false		high
https://github.com/restsharp/RestSharp.git	SamFwTool.exe, 00000011.00000002.2635860894.0000000005717000.00000004.00000800.00020000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2739697725.0000000016840000.00000004.08000000.00040000.00000000.sdmp, SamFwTool.exe, 00000011.00000002.2635860894.000000000569D000.00000004.00000800.00020000.00000000.sdmp	false		high
https://samfw.com/	SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe, 00000001.00000003.1557795442.0000000000BE4000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp, 00000005.00000003.1552773663.00000000024A4000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
52.85.41.231	unknown	United States	16509	AMAZON-02US	false
34.195.193.82	rtactivateloadbalancer-2076579973.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
34.237.174.231	1x1.a-mo.net	United States	14618	AMAZON-AESUS	false
104.18.24.173	a.tribalfusion.com	United States	13335	CLOUDFLARENETUS	false
216.22.16.8	unknown	United States	30633	LEASEWEB-USA-WDCUS	false
104.26.9.178	unknown	United States	13335	CLOUDFLARENETUS	false
147.28.146.89	dc13-prebid.a-mx.net	United States	3130	RGNET-SEARGnetSeattleWestinEE	false
35.71.131.137	match.adsrvr.org	United States	237	MERIT-AS-14US	false
54.153.74.245	unknown	United States	16509	AMAZON-02US	false
13.226.210.107	unknown	United States	16509	AMAZON-02US	false
13.226.225.57	config.aps.amazon-adsystem.com	United States	16509	AMAZON-02US	false
74.125.137.149	static.doubleclick.net	United States	15169	GOOGLEUS	false
107.178.254.65	pippio.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
52.8.161.245	unknown	United States	16509	AMAZON-02US	false
67.231.251.190	pixel.s3xified.com	United States	40244	TURNKEY-INTERNETUS	false
52.9.139.67	unknown	United States	16509	AMAZON-02US	false
52.32.41.9	unknown	United States	16509	AMAZON-02US	false
141.95.98.64	unknown	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
34.237.39.192	unknown	United States	14618	AMAZON-AESUS	false
104.254.151.36	unknown	United States	29990	ASN-APPNEXUS	false
69.90.133.51	ums.acuityplatform.com	Canada	13768	COGECO-PEER1CA	false
211.120.53.200	tg.dr.socdm.com	Japan	4694	IDCFIDCFrontierIncJP	false
18.161.6.54	unknown	United States	3	MIT-GATEWAYSUS	false
141.94.171.214	pixel.onaudience.com	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
3.232.54.57	syncelb-240036109.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
141.94.102.171	u.heatmap.it.direct.cdn.anycast.me	Germany	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
172.67.36.110	cdn.hadronid.net	United States	13335	CLOUDFLARENETUS	false
172.67.132.116	iccid.info	United States	13335	CLOUDFLARENETUS	false
52.9.18.211	bcp.crwdcntrl.net	United States	16509	AMAZON-02US	false
67.199.248.10	bit.ly	United States	396982	GOOGLE-PRIVATE-CLOUDUS	false
35.186.154.107	cm-supply-web.gammaplatform.com	United States	15169	GOOGLEUS	false
35.230.38.116	um.simpli.fi	United States	15169	GOOGLEUS	false
52.95.126.138	aax-eu.amazon-adsystem.com	United States	16509	AMAZON-02US	false
74.214.196.131	sjc-direct-bgp.contextweb.com	United States	19189	PULSEPOINTUS	false
31.13.65.7	scontent.xx.fbcdn.net	Ireland	32934	FACEBOOKUS	false
146.75.92.193	ipv4.imgur.map.fastly.net	Sweden	30051	SCCGOVUS	false
204.237.133.120	pug-sv3c.pubmnet.com	United States	62713	AS-PUBMATICUS	false
34.102.163.6	ad.mrtnsvr.com	United States	15169	GOOGLEUS	false
104.26.9.169	unknown	United States	13335	CLOUDFLARENETUS	false
23.83.76.39	ssbsync-usw1.smartadserver.com	United States	395954	LEASEWEB-USA-LAX-11US	false
44.195.157.207	lynx-prod-beacon-alb-498367235.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
147.28.129.37	unknown	United States	3130	RGNET-SEARGnetSeattleWestinEE	false
162.19.138.116	lb.eu-1-id5-sync.com	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
54.241.104.80	ad-interactions-prod-lb-1289981577.us-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
52.24.195.72	match.prod.bidr.io	United States	16509	AMAZON-02US	false
34.255.73.132	a.audrte.com	United States	16509	AMAZON-02US	false
18.204.113.12	unknown	United States	14618	AMAZON-AESUS	false
35.212.212.222	dorpat.geo.iponweb.net	United States	19527	GOOGLE-2US	false
35.190.0.66	ads.travelaudience.com	United States	15169	GOOGLEUS	false
104.26.8.178	prebid-stag.setupad.net	United States	13335	CLOUDFLARENETUS	false
74.119.118.134	static.da1.vip.prod.criteo.net	United States	19750	AS-CRITEOUS	false
74.119.118.138	widget.da1.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
52.11.41.99	unknown	United States	16509	AMAZON-02US	false
18.116.221.226	kube-stats-prod-oh-lbj.inbake.com	United States	3	MIT-GATEWAYSUS	false
18.217.243.163	unknown	United States	16509	AMAZON-02US	false
8.18.47.7	m.deepintent.com	United States	32662	GMCRUS	false
35.212.133.238	user-data-us-west.bidswitch.net	United States	19527	GOOGLE-2US	false
142.251.2.119	i.ytimg.com	United States	15169	GOOGLEUS	false
18.154.140.237	d2avimlm6gq3h9.cloudfront.net	United States	16509	AMAZON-02US	false
18.164.169.8	unknown	United States	3	MIT-GATEWAYSUS	false
18.154.206.2	s.ad.smaato.net	United States	16509	AMAZON-02US	false
104.21.19.118	lgrom.com	United States	13335	CLOUDFLARENETUS	false
52.13.195.246	unknown	United States	16509	AMAZON-02US	false
40.76.134.238	us01.z.antigena.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
150.136.26.45	adserver.technoratimedia.com	United States	31898	ORACLE-BMC-31898US	false
54.156.63.88	unknown	United States	14618	AMAZON-AESUS	false
74.119.118.149	gum.da1.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
104.18.36.155	unknown	United States	13335	CLOUDFLARENETUS	false
54.235.155.213	idaas-ext.cph.liveintent.com	United States	14618	AMAZON-AESUS	false
202.233.84.1	aid.send.microad.jp	Japan	131957	MICROADMicroAdIncJP	false
142.251.2.104	unknown	United States	15169	GOOGLEUS	false
52.89.89.131	firewall-external-1941599784.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
52.72.183.217	io-cookie-sync-1725936127.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
82.145.213.8	outspot2-ams.adx.opera.com	United Kingdom	39832	NO-OPERANO	false
52.204.113.215	thrtle.com	United States	14618	AMAZON-AESUS	false
185.83.69.58	ghb-adtelligent-com.geodns.me	United Kingdom	55081	24SHELLSUS	false
74.119.118.151	bidder.da1.vip.prod.criteo.com	United States	19750	AS-CRITEOUS	false
172.64.151.101	ssum-sec.casalemedia.com	United States	13335	CLOUDFLARENETUS	false
54.201.39.127	unknown	United States	16509	AMAZON-02US	false
64.74.236.191	unknown	United States	22075	AS-OUTBRAINUS	false
204.246.191.50	d20qwf0wrdtevy.cloudfront.net	United States	16509	AMAZON-02US	false
192.184.68.166	unknown	United States	27281	QUANTCASTUS	false
67.202.105.32	de.tynt.com	United States	32748	STEADFASTUS	false
35.208.249.213	trace.mediago.io	United States	19527	GOOGLE-2US	false
172.67.201.20	ipsw.pro	United States	13335	CLOUDFLARENETUS	false
44.197.153.86	unknown	United States	14618	AMAZON-AESUS	false
13.226.210.30	d1dvhck2p605dz.cloudfront.net	United States	16509	AMAZON-02US	false
104.26.8.169	script.4dex.io	United States	13335	CLOUDFLARENETUS	false
67.202.105.34	hde.tynt.com	United States	32748	STEADFASTUS	false
104.254.151.68	unknown	United States	29990	ASN-APPNEXUS	false
104.254.151.69	ib.anycast.adnxs.com	United States	29990	ASN-APPNEXUS	false
35.186.193.173	ius.ctnsnet.com	United States	15169	GOOGLEUS	false
34.111.113.62	pixel.tapad.com	United States	15169	GOOGLEUS	false
52.9.151.107	us-west-tlx.3lift.com	United States	16509	AMAZON-02US	false
34.102.146.192	oa.openxcdn.net	United States	15169	GOOGLEUS	false
13.226.225.72	tags.crwdcntrl.net	United States	16509	AMAZON-02US	false
69.194.240.13	sync.1rx.io	United States	6336	TURN-US-ASNUS	false
18.119.85.154	unknown	United States	3	MIT-GATEWAYSUS	false
34.96.70.87	invstatic101.creativecdn.com	United States	15169	GOOGLEUS	false

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1405429
Start date and time:	2024-03-08 15:30:17 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 13m 55s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	34
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
Detection:	MAL
Classification:	mal44.phis.troj.evad.winEXE@93/1957@762/100
EGA Information:	Successful, ratio: 80%
HCA Information:	Successful, ratio: 73% Number of executed functions: 112 Number of non-executed functions: 189
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 23.214.95.202, 192.229.211.108, 23.214.95.209, 74.125.137.94, 142.251.2.113, 142.251.2.100, 142.251.2.138, 142.251.2.101, 142.251.2.102, 142.251.2.139, 142.251.2.84, 34.104.35.123, 142.251.2.95, 142.251.2.94, 142.251.2.97, 142.250.101.157, 142.250.101.155, 142.250.101.156, 142.250.101.154, 142.250.141.94, 142.250.141.102, 142.250.141.100, 142.250.141.113, 142.250.141.138, 142.250.141.101, 142.250.141.139, 74.125.137.95, 185.167.164.53, 185.167.164.52, 208.111.153.40, 23.62.226.254, 23.62.226.239, 142.251.2.132, 13.107.42.14, 23.35.29.115, 23.196.113.27, 104.18.35.167, 172.64.152.89, 23.38.227.156, 74.125.137.154, 74.125.137.156, 74.125.137.157, 74.125.137.155, 96.16.69.63, 38.71.2.236, 38.71.2.235, 20.253.86.149, 104.22.5.69, 104.22.4.69, 172.67.23.234, 96.16.68.240, 23.200.60.11, 151.101.2.49, 151.101.194.49, 151.101.66.49, 151.101.130.49, 205.180.87.210, 159.127.41.114, 205.180.87.146, 205.180.86.178, 205.180.86.210, 159.127.41.210, 205.180.87.178, 8.39.36.142, 8.39
Excluded domains from analysis (whitelisted): tags.bluekai.com.edgekey.net, bfp.global.ipv4.dotomi.weighted.com.akadns.net, secure2.cdn.fastclick.net.edgekey.net, uipglob.trafficmanager.net, slscr.update.microsoft.com, a-us-west.rfihub.com.akadns.net, usersync-geo-global.usersync-prod-sas.akadns.net, clientservices.googleapis.com, p.ad.gt.cdn.cloudflare.net, tps-geo.dvgtm.akadns.net, seg.ad.gt.cdn.cloudflare.net, e7614.g.akamaiedge.net, l-0005.l-msedge.net, e9126.x.akamaiedge.net, cdn.doubleverify.com.edgesuite.net, clients2.google.com, ocsp.digicert.com, a.ad.gt.cdn.cloudflare.net, update.googleapis.com, www.gstatic.com, aws-ohio-jrtr.rtr.innovid.com.akadns.net, rtb-csync-geo.usersync-prod-sas.akadns.net, www.google-analytics.com, e9957.e4.akamaiedge.net, fonts.googleapis.com, fs.microsoft.com, e8960.b.akamaiedge.net, content-autofill.googleapis.com, pixel-us-east.rubiconproject.net.akadns.net, cacerts.digicert.com, cdn.flashtalking.com.edgekey.net, pagead2.googlesyndication.com, edgedl.me.gvt1.com, servedby
Execution Graph export aborted for target SamFwTool.exe, PID 8036 because it is empty
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing disassembly code.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
17:18:38	API Interceptor	4257x Sleep call for process: SamFwTool.exe modified
17:19:39	API Interceptor	1x Sleep call for process: SAMSUNG_USB_Driver_for_Mobile_Phones.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
104.26.9.178	SamFwFRPTool.exe	Get hash	malicious	Unknown	Browse
104.26.9.178	SamFwFRPTool.exe	Get hash	malicious	Unknown	Browse
34.195.193.82	http://canettech.com	Get hash	malicious	Unknown	Browse
104.18.24.173	http://biadshome.com	Get hash	malicious	Unknown	Browse
	http://canettech.com	Get hash	malicious	Unknown	Browse
	https://truj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	Your Monday, Feb 19, 2024 - Wednesday, Feb 21, 2024 Stay at Sheraton Plaza STLPS.eml	Get hash	malicious	Unknown	Browse
	http://justbartanews.com	Get hash	malicious	Unknown	Browse
	I4i6z8T1j9j8N5349890049902.zip	Get hash	malicious	Unknown	Browse
	https://nsj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	https://winscp.net/eng/download.php	Get hash	malicious	Unknown	Browse
	https://nmj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	http://www.die-senioren.de	Get hash	malicious	Unknown	Browse
147.28.146.89	https://aolserv.pages.dev/robots.txtIP:	Get hash	malicious	HTMLPhisher	Browse
	http://justbartanews.com	Get hash	malicious	Unknown	Browse
	https://nmj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	http://abrow.xyz	Get hash	malicious	Unknown	Browse
	https://gbhs.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	https://k-e-v.no/?s=%22%2F%3C%2Fscript%3E%3Cscript%3Ewindow%5B%27location%27%5D%5B%27replace%27%5D%28%5B%27h%27%2C%27t%27%2C%27t%27%2C%27p%27%2C%27s%27%2C%27%3A%27%2C%27%2F%27%2C%27%2F%27%2C%27w%27%2C%27w%27%2C%27w%27%2C%27.%27%2C%27w%27%2C%27h%27%2C%27t%27%2C%27e%27%2C%27n%27%2C%27v%27%2C%27l%27%2C%27p%27%2C%27e%27%2C%27.%27%2C%27c%27%2C%27o%27%2C%27m%27%2C%27%2F%27%2C%27a%27%2C%27c%27%2C%27T%27%2C%27c%27%2C%27l%27%2C%272%27%2C%27k%27%2C%27T%27%2C%27m%27%2C%27P%27%2C%27S%27%2C%27J%27%2C%27i%27%2C%27_%27%2C%27L%27%2C%27d%27%2C%27_%27%2C%27m%27%2C%27h%27%2C%27p%27%2C%27L%27%2C%27w%27%2C%27y%27%2C%27Z%27%2C%27e%27%2C%27d%27%2C%27s%27%2C%27u%27%2C%27P%27%2C%27V%27%2C%27d%27%2C%275%27%2C%275%27%2C%27q%27%2C%27f%27%2C%27t%27%2C%27s%27%2C%272%27%2C%27r%27%2C%27Y%27%2C%27e%27%2C%27_%27%2C%27S%27%2C%27b%27%2C%27Q%27%2C%27X%27%2C%271%27%2C%27b%27%2C%27Z%27%2C%27F%27%2C%27Q%27%2C%27T%27%2C%27N%27%2C%27z%27%2C%27T%27%2C%271%27%2C%27A%27%2C%27s%27%2C%27c%27%2C%27d%27%2C%27I%27%2C%27I%27%2C%27X%27%2C%27G%27%2C%27w%27%2C%27i%27%2C%27c%27%2C%27D%27%2C%27t%27%2C%27e%27%2C%27y%27%2C%27V%27%2C%27V%27%2C%278%27%2C%27v%27%2C%27Z%27%2C%27E%27%2C%27f%27%2C%27f%27%2C%27Y%27%2C%27C%27%2C%27e%27%2C%27o%27%2C%27Y%27%2C%27X%27%2C%27g%27%2C%27~%27%2C%27~%27%5D%5B%27join%27%5D%28%27%27%29%29%2Cdocument%5B%27body%27%5D%5B%27style%27%5D%5B%27opacity%27%5D%3D0x0%3B%3C%2Fscript%3E	Get hash	malicious	Unknown	Browse
	https://hd-elg.pages.dev/	Get hash	malicious	HTMLPhisher	Browse
	https://www.google.com/url?rct=j&sa=t&url=https://cricfit.com/know-everything-about-nassau-county-international-cricket-stadium-new-yorks-grand-venue/&ct=ga&cd=CAEYACoTMzQ2MjY3NDU4MDM1MTU0MjcyNjIaNDg2YTljMDhmODczN2NiODpjb206ZW46VVM&usg=AOvVaw1XZtMH-kXd__m5Ea_T5csP	Get hash	malicious	Unknown	Browse
	https://see-eim.pages.dev/login_files/loga	Get hash	malicious	HTMLPhisher	Browse
	https://yahu.pages.dev/	Get hash	malicious	HTMLPhisher	Browse
216.22.16.8	https://nsj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse
	https://bs2ymnyy.r.us-east-1.awstrack.me/L0/https:%2F%2Fwww.makeuseof.com%2Fbest-microsd-cards%2F%3Futm_medium=newsletter%26utm_campaign=MUO-202402241330%26utm_source=MUO-NL%26user=ZXN0ZWJhbmlAYmVpbi5jb20/1/0100018ddc8709dd-db5c6276-f168-46be-97cc-8849598df3f3-000000/akKk3944VhM--mUZHrRBDhLJ60s=362	Get hash	malicious	Unknown	Browse
	https://nhh1.pages.dev/	Get hash	malicious	HTMLPhisher	Browse
	https://ow.ly/VN8S50QnOus	Get hash	malicious	Unknown	Browse
	https://realfightermag.com/login	Get hash	malicious	Unknown	Browse
	https://tpyqb.com/login	Get hash	malicious	Unknown	Browse
	https://unica.md/c/index/myaccount/	Get hash	malicious	Unknown	Browse
	https://conexaoufo.com/en/salyut-7-space-angels-sighted-by-russian-cosmonauts/?fbclid=IwAR0M6Prz4YudFXb6qx6hSSNhDH_aQ50t8dMsDeG9zxGInfhVplAejrcwSlg	Get hash	malicious	Unknown	Browse
	https://arthurrlemus.wixsite.com/micr/office	Get hash	malicious	Unknown	Browse
	http://amazonnb.shop/	Get hash	malicious	HTMLPhisher	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
bidder.da1.vip.prod.criteo.com	http://www.tinyurl.com/stationnement-infraction	Get hash	malicious	Unknown	Browse	74.119.118.151
	https://monydine.co/category/work/index.html	Get hash	malicious	Unknown	Browse	74.119.118.151
	http://dalinoxin.de	Get hash	malicious	Unknown	Browse	74.119.118.151
	http://104.192.3.74	Get hash	malicious	Unknown	Browse	74.119.118.151
	http://dalinoxin.de	Get hash	malicious	Unknown	Browse	74.119.118.151
	https://komposty.cz/.dps/index/myaccount/	Get hash	malicious	Unknown	Browse	74.119.118.151
	https://www.erhealthplans.com/RKduHZzY/d?url=pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZ#pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZMAYYY2hyaXN0aWUuYmFlejFAc3NzcHIuY29t	Get hash	malicious	Unknown	Browse	74.119.118.151
	http://iplogger.com	Get hash	malicious	HTMLPhisher	Browse	74.119.118.151
	https://rosmodem.wordpress.com	Get hash	malicious	HTMLPhisher	Browse	74.119.118.151
	b64.htm	Get hash	malicious	Unknown	Browse	74.119.118.151
d3f1y6rso5ozvw.cloudfront.net	PDFViewer_46615443.msi	Get hash	malicious	Unknown	Browse	3.161.188.22
	https://filf.pages.dev/	Get hash	malicious	HTMLPhisher	Browse	13.32.208.14
	https://hasvp.apinvoicesquickbookapp.top/?pgn=ptmetcm5hZ2xlQG9sZHBsYW5rdHJhaWxiYW5rLmNvbQ==	Get hash	malicious	Unknown	Browse	13.32.208.14
rtb-csync-use1.smartadserver.com	http://biadshome.com	Get hash	malicious	Unknown	Browse	23.105.12.173
	http://canettech.com	Get hash	malicious	Unknown	Browse	216.22.16.40
	https://nonyheter.net/?_=%2F%23KJWqMdlUlBn8PPpbUQ%2FoyYTnfw%3D%3D	Get hash	malicious	Unknown	Browse	23.105.12.136
	https://truj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse	216.22.16.72
	https://aolserv.pages.dev/robots.txtIP:	Get hash	malicious	HTMLPhisher	Browse	23.105.14.106
	https://aolserv.pages.dev/robots.txtIP:	Get hash	malicious	HTMLPhisher	Browse	23.105.14.105
	http://justbartanews.com	Get hash	malicious	Unknown	Browse	216.22.16.9
	https://nsj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse	216.22.16.8
	https://winscp.net/eng/download.php	Get hash	malicious	Unknown	Browse	23.105.12.150
	https://www.ungrbly.cn/	Get hash	malicious	Unknown	Browse	216.22.16.57
global.px.quantserve.com	http://biadshome.com	Get hash	malicious	Unknown	Browse	192.184.68.134
	http://canettech.com	Get hash	malicious	Unknown	Browse	192.184.69.201
	https://truj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse	192.184.68.149
	https://aolserv.pages.dev/robots.txtIP:	Get hash	malicious	HTMLPhisher	Browse	192.184.68.254
	https://aolserv.pages.dev/robots.txtIP:	Get hash	malicious	HTMLPhisher	Browse	192.184.68.166
	http://justbartanews.com	Get hash	malicious	Unknown	Browse	192.184.68.254
	I4i6z8T1j9j8N5349890049902.zip	Get hash	malicious	Unknown	Browse	192.184.68.254
	http://coastiesmag.com.au	Get hash	malicious	Unknown	Browse	192.184.68.166
	https://nsj.pages.dev/robots.txt	Get hash	malicious	HTMLPhisher	Browse	192.184.68.254
	https://web-mail-attaccount-ver005115.weeblysite.com/IP:	Get hash	malicious	Unknown	Browse	192.184.68.166
id5-sync.com	http://justbartanews.com	Get hash	malicious	Unknown	Browse	104.22.53.86
	Enrollment PO, from United Way of the Midlands.eml	Get hash	malicious	Unknown	Browse	162.19.138.116
	https://today-currently-24-2-1024.weeblysite.com/	Get hash	malicious	Unknown	Browse	141.95.98.64
	http://dkdeep.com/?placement%5C=Facebook_Desktop_Feed&adset_name%5C=26&ad_name%5C=1_267069722828906&fb%5C=267069722828906&ad_id%5C=120206568353510682&buyer%5C=mk&netProbitiya2k23%5C=w0tth3b3stGmev3R&pre%5C=celeb1&fbclid%5C=IwAR2SLF2yfFVFau_BLIzVYgyo3FnJIWRI2bBRkxat54PFXlIdShtFrFBG6Pg	Get hash	malicious	Unknown	Browse	104.22.52.86
	https://dkdeep.com/	Get hash	malicious	Unknown	Browse	104.22.52.86
	http://abrow.xyz	Get hash	malicious	Unknown	Browse	172.67.38.106
	https://file.io/DEhOHv7umoCj	Get hash	malicious	Unknown	Browse	172.67.38.106
	https://k-e-v.no/?s=%22%2F%3C%2Fscript%3E%3Cscript%3Ewindow%5B%27location%27%5D%5B%27replace%27%5D%28%5B%27h%27%2C%27t%27%2C%27t%27%2C%27p%27%2C%27s%27%2C%27%3A%27%2C%27%2F%27%2C%27%2F%27%2C%27w%27%2C%27w%27%2C%27w%27%2C%27.%27%2C%27w%27%2C%27h%27%2C%27t%27%2C%27e%27%2C%27n%27%2C%27v%27%2C%27l%27%2C%27p%27%2C%27e%27%2C%27.%27%2C%27c%27%2C%27o%27%2C%27m%27%2C%27%2F%27%2C%27a%27%2C%27c%27%2C%27T%27%2C%27c%27%2C%27l%27%2C%272%27%2C%27k%27%2C%27T%27%2C%27m%27%2C%27P%27%2C%27S%27%2C%27J%27%2C%27i%27%2C%27_%27%2C%27L%27%2C%27d%27%2C%27_%27%2C%27m%27%2C%27h%27%2C%27p%27%2C%27L%27%2C%27w%27%2C%27y%27%2C%27Z%27%2C%27e%27%2C%27d%27%2C%27s%27%2C%27u%27%2C%27P%27%2C%27V%27%2C%27d%27%2C%275%27%2C%275%27%2C%27q%27%2C%27f%27%2C%27t%27%2C%27s%27%2C%272%27%2C%27r%27%2C%27Y%27%2C%27e%27%2C%27_%27%2C%27S%27%2C%27b%27%2C%27Q%27%2C%27X%27%2C%271%27%2C%27b%27%2C%27Z%27%2C%27F%27%2C%27Q%27%2C%27T%27%2C%27N%27%2C%27z%27%2C%27T%27%2C%271%27%2C%27A%27%2C%27s%27%2C%27c%27%2C%27d%27%2C%27I%27%2C%27I%27%2C%27X%27%2C%27G%27%2C%27w%27%2C%27i%27%2C%27c%27%2C%27D%27%2C%27t%27%2C%27e%27%2C%27y%27%2C%27V%27%2C%27V%27%2C%278%27%2C%27v%27%2C%27Z%27%2C%27E%27%2C%27f%27%2C%27f%27%2C%27Y%27%2C%27C%27%2C%27e%27%2C%27o%27%2C%27Y%27%2C%27X%27%2C%27g%27%2C%27~%27%2C%27~%27%5D%5B%27join%27%5D%28%27%27%29%29%2Cdocument%5B%27body%27%5D%5B%27style%27%5D%5B%27opacity%27%5D%3D0x0%3B%3C%2Fscript%3E	Get hash	malicious	Unknown	Browse	104.22.53.86
	https://www.tbsnews.net/coronavirus-chronicle/covid-19-bangladesh/private-hospitals-allegedly-overcharging-covid-19-test,	Get hash	malicious	Unknown	Browse	141.95.33.120
	PDFViewer_46615443.msi	Get hash	malicious	Unknown	Browse	162.19.138.118

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
AMAZON-02US	https://helpcenter.d3kh636vc2mh51.amplifyapp.com/	Get hash	malicious	Unknown	Browse	204.246.191.13
	Purchase Order.exe	Get hash	malicious	FormBook	Browse	52.76.171.10
	5l3ceBK5bh.elf	Get hash	malicious	Unknown	Browse	34.249.145.219
	http://z69p5gc0nk570ejit1fq6apix.ndsgfsjgffsnj.homes/4fdVxq8477PoaJ379hnzhvayyao8624EOSKQEYSWPRERBU64SNSB1959860q24	Get hash	malicious	Phisher	Browse	52.92.236.112
	2Vo0yjO6j7.elf	Get hash	malicious	Unknown	Browse	54.171.230.55
	http://www.newpress.fr/lm/lm.php?tk=RElESUVSCUJFUlJZCUNTTCBDT05TRUlMCWJlcnJ5QGNzbGNvbnNlaWwuZnIJTGEgUmV2dWUgUkgmTSBOwrA4Mgk2NglBYm9ubmVzUkhNXzgyCTExOTkJY2xpY2sJeWVzCW5v&url=https://gamma.app/public/2024-COLLABORATION-PROJECT-imm0dxdffvhxeq0	Get hash	malicious	Unknown	Browse	13.33.21.3
	https://www.wealthguff.com/readme.html	Get hash	malicious	HTMLPhisher	Browse	13.226.225.110
	https://039bd379.sibforms.com/serve/MUIFAEkJ7ofVJJdL1scXqdos3qTFWees21m7pIwKkAqI3gGeATlrBC1h_Y-y55zGlHuQOww3zH8T7kUf72e1WXbEx2n_G_TVaZPQD3xFgdAtp8H6LiEVk2neUHNYDcEAut4WYYbGszqYbxMWPw5DEyzLAy2y15YU_DVW10LMTSYdPCO_9jAFvUxz1WvHIV-YwdAprLjS-nmFPslK	Get hash	malicious	Unknown	Browse	108.129.63.17
	hp5NcrrHi1.exe	Get hash	malicious	Njrat	Browse	3.124.67.191
	hXXps://jnxm2%5B.%5Dcom/cr	Get hash	malicious	Unknown	Browse	3.131.199.178
CLOUDFLARENETUS	SecuriteInfo.com.Unwanted-Program.0056626f1.515.26855.exe	Get hash	malicious	Unknown	Browse	1.14.216.26
	https://helpcenter.d3kh636vc2mh51.amplifyapp.com/	Get hash	malicious	Unknown	Browse	1.1.1.1
	http://url2866.dtmail.dispatchtrack.io/ls/click?upn=u001.j89nnJmC0Yt4StPMs6esyZq7eVYTnnxESRp3qxrSpug-3DNCM4_kOYkAfP9ZdiiIHhO2TotxlgWKd7AseZUT3Y8DbhAMk-2BxhDTPN2estp3LcE-2BGAnrcdFTO284bUGiAmw7ZycQTqOZzaSqZciO3yY3u6XUugxEo2zET515mnYeWUgLzc4QSRNQTEncwi19yIB3VmNXqOVXCh7ISTU-2F899y3wiEoEj5SSo6lu1lT1Wxb-2BN8a0Q1brXoXO8OnijNq2Fe4GW-2BflQ-3D-3D	Get hash	malicious	HTMLPhisher	Browse	104.21.234.145
	https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20231111_hr_hot_jobs_more&href=https://javi.us-southeast-1.linodeobjects.com/javipena.html#hollandit@hollandco.com	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	Purchase Order.exe	Get hash	malicious	FormBook	Browse	172.67.156.246
	Undeliverable IMPORTANT TAX RETURN DOCUMENT AVAILABLE LCAPOZZO #Ud83d#Udcd1 - 2 16 2024.eml	Get hash	malicious	HTMLPhisher	Browse	172.64.41.3
	https://dik.si/KdUqu	Get hash	malicious	Unknown	Browse	104.21.64.92
	tennessee minor consent laws 30463.js	Get hash	malicious	Unknown	Browse	104.21.72.213
	tennessee minor consent laws 30463.js	Get hash	malicious	Unknown	Browse	104.26.2.145
	PROFORMA INVOICE.doc	Get hash	malicious	Unknown	Browse	104.21.25.202
AMAZON-AESUS	Undeliverable IMPORTANT TAX RETURN DOCUMENT AVAILABLE LCAPOZZO #Ud83d#Udcd1 - 2 16 2024.eml	Get hash	malicious	HTMLPhisher	Browse	52.22.41.97
	http://z69p5gc0nk570ejit1fq6apix.ndsgfsjgffsnj.homes/4fdVxq8477PoaJ379hnzhvayyao8624EOSKQEYSWPRERBU64SNSB1959860q24	Get hash	malicious	Phisher	Browse	107.20.51.105
	http://www.newpress.fr/lm/lm.php?tk=RElESUVSCUJFUlJZCUNTTCBDT05TRUlMCWJlcnJ5QGNzbGNvbnNlaWwuZnIJTGEgUmV2dWUgUkgmTSBOwrA4Mgk2NglBYm9ubmVzUkhNXzgyCTExOTkJY2xpY2sJeWVzCW5v&url=https://gamma.app/public/2024-COLLABORATION-PROJECT-imm0dxdffvhxeq0	Get hash	malicious	Unknown	Browse	52.73.254.52
	https://tracker.club-os.com////campaign/click?19969ms19969gId444d738c6bd137e6a03157c6c728cbc659e734fc398&test=false&target=crosshar%25E3%2580%2582ru%25E3%2580%2582com/ada/19969%2F%2FZGF2ZS5zdGFuZGVuQGFtZXkuY28udWs=&	Get hash	malicious	Unknown	Browse	3.215.101.173
	Frija.exe	Get hash	malicious	Unknown	Browse	44.210.187.6
	https://gamma.app/public/2024-COLLABORATION-PROPOSAL-xb2dpd47uapkkng	Get hash	malicious	Unknown	Browse	44.196.102.4
	349f1d7b.msi	Get hash	malicious	Unknown	Browse	54.235.117.67
	45332a39.msi	Get hash	malicious	Unknown	Browse	3.222.92.158
	45332a39.msi	Get hash	malicious	Unknown	Browse	3.222.92.158
	unnamed.html	Get hash	malicious	Unknown	Browse	54.208.123.169
AMAZON-AESUS	Undeliverable IMPORTANT TAX RETURN DOCUMENT AVAILABLE LCAPOZZO #Ud83d#Udcd1 - 2 16 2024.eml	Get hash	malicious	HTMLPhisher	Browse	52.22.41.97
	http://z69p5gc0nk570ejit1fq6apix.ndsgfsjgffsnj.homes/4fdVxq8477PoaJ379hnzhvayyao8624EOSKQEYSWPRERBU64SNSB1959860q24	Get hash	malicious	Phisher	Browse	107.20.51.105
	http://www.newpress.fr/lm/lm.php?tk=RElESUVSCUJFUlJZCUNTTCBDT05TRUlMCWJlcnJ5QGNzbGNvbnNlaWwuZnIJTGEgUmV2dWUgUkgmTSBOwrA4Mgk2NglBYm9ubmVzUkhNXzgyCTExOTkJY2xpY2sJeWVzCW5v&url=https://gamma.app/public/2024-COLLABORATION-PROJECT-imm0dxdffvhxeq0	Get hash	malicious	Unknown	Browse	52.73.254.52
	https://tracker.club-os.com////campaign/click?19969ms19969gId444d738c6bd137e6a03157c6c728cbc659e734fc398&test=false&target=crosshar%25E3%2580%2582ru%25E3%2580%2582com/ada/19969%2F%2FZGF2ZS5zdGFuZGVuQGFtZXkuY28udWs=&	Get hash	malicious	Unknown	Browse	3.215.101.173
	Frija.exe	Get hash	malicious	Unknown	Browse	44.210.187.6
	https://gamma.app/public/2024-COLLABORATION-PROPOSAL-xb2dpd47uapkkng	Get hash	malicious	Unknown	Browse	44.196.102.4
	349f1d7b.msi	Get hash	malicious	Unknown	Browse	54.235.117.67
	45332a39.msi	Get hash	malicious	Unknown	Browse	3.222.92.158
	45332a39.msi	Get hash	malicious	Unknown	Browse	3.222.92.158
	unnamed.html	Get hash	malicious	Unknown	Browse	54.208.123.169

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
1138de370e523e824bbca92d049a3777	SecuriteInfo.com.Unwanted-Program.0056626f1.515.26855.exe	Get hash	malicious	Unknown	Browse	104.98.116.138
	http://s.viisupport.com	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://hawaiioimt-my.sharepoint.com/:b:/g/personal/randall_tn_haraguchi_hawaii_gov/EVB4eGIJi-dAl8iNlneDkboBsFU-wPnRWcZpoGQiORMrnw?e=5hGfMr	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://www.wealthguff.com/readme.html	Get hash	malicious	HTMLPhisher	Browse	104.98.116.138
	https://039bd379.sibforms.com/serve/MUIFAEkJ7ofVJJdL1scXqdos3qTFWees21m7pIwKkAqI3gGeATlrBC1h_Y-y55zGlHuQOww3zH8T7kUf72e1WXbEx2n_G_TVaZPQD3xFgdAtp8H6LiEVk2neUHNYDcEAut4WYYbGszqYbxMWPw5DEyzLAy2y15YU_DVW10LMTSYdPCO_9jAFvUxz1WvHIV-YwdAprLjS-nmFPslK	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://mine-notmine--staging-spky7fhz.web.app/myaob.html	Get hash	malicious	HTMLPhisher	Browse	104.98.116.138
	http://45.77.119.33/	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://s.yam.com/XwRW3	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://www.cnwvhwkf.dynv6.net/	Get hash	malicious	Unknown	Browse	104.98.116.138
	https://www.cmpfkiiu.dynv6.net/	Get hash	malicious	Unknown	Browse	104.98.116.138
28a2c9bd18a11de089ef85a160da29e4	SecuriteInfo.com.Unwanted-Program.0056626f1.515.26855.exe	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
	http://s.viisupport.com	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
	https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20231111_hr_hot_jobs_more&href=https://javi.us-southeast-1.linodeobjects.com/javipena.html#hollandit@hollandco.com	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 96.16.68.112
	http://lin01.bid	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
	https://hawaiioimt-my.sharepoint.com/:b:/g/personal/randall_tn_haraguchi_hawaii_gov/EVB4eGIJi-dAl8iNlneDkboBsFU-wPnRWcZpoGQiORMrnw?e=5hGfMr	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
	http://z69p5gc0nk570ejit1fq6apix.ndsgfsjgffsnj.homes/4fdVxq8477PoaJ379hnzhvayyao8624EOSKQEYSWPRERBU64SNSB1959860q24	Get hash	malicious	Phisher	Browse	13.85.23.86 96.16.68.112
	https://johngrahamholdings-my.sharepoint.com:443/:f:/g/personal/dara_mathieson_graham_co_uk/Es-RfPRifQFFhpngEkR1k74BbWXmJdx5QXmQMSo751DJKA?e=5%3a9jeyW9&at=9	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 96.16.68.112
	http://www.newpress.fr/lm/lm.php?tk=RElESUVSCUJFUlJZCUNTTCBDT05TRUlMCWJlcnJ5QGNzbGNvbnNlaWwuZnIJTGEgUmV2dWUgUkgmTSBOwrA4Mgk2NglBYm9ubmVzUkhNXzgyCTExOTkJY2xpY2sJeWVzCW5v&url=https://gamma.app/public/2024-COLLABORATION-PROJECT-imm0dxdffvhxeq0	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
	https://www.wealthguff.com/readme.html	Get hash	malicious	HTMLPhisher	Browse	13.85.23.86 96.16.68.112
	https://eom5047fryi.jp.larksuite.com/wiki/AH4lwtOAuiOE8BkYNAIjCmirpIc	Get hash	malicious	Unknown	Browse	13.85.23.86 96.16.68.112
3b5074b1b5d032e5620f69f9f700ff0e	xKU0DfnA7U.exe	Get hash	malicious	Unknown	Browse	104.21.88.24
	http://lin01.bid	Get hash	malicious	Unknown	Browse	104.21.88.24
	xKU0DfnA7U.exe	Get hash	malicious	Unknown	Browse	104.21.88.24
	tennessee minor consent laws 30463.js	Get hash	malicious	Unknown	Browse	104.21.88.24
	tennessee minor consent laws 30463.js	Get hash	malicious	Unknown	Browse	104.21.88.24
	oferta.docm	Get hash	malicious	Unknown	Browse	104.21.88.24
	oferta.docm	Get hash	malicious	Unknown	Browse	104.21.88.24
	d4aPkwgwn5.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	104.21.88.24
	Slack3.21.2 (2).exe	Get hash	malicious	Unknown	Browse	104.21.88.24
	Advanced_IP_Scanner_2.5.4594.1.exe	Get hash	malicious	Unknown	Browse	104.21.88.24

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\SamFwTool\data\7z.exe	MDE_File_Sample_aa447845a64e29145a9489f43972beebcb33cfba.zip	Get hash	malicious	Unknown	Browse
C:\SamFwTool\data\7za.exe (copy)	MDE_File_Sample_aa447845a64e29145a9489f43972beebcb33cfba.zip	Get hash	malicious	Unknown	Browse
	PDFCreator-5_1_2-Setup.exe	Get hash	malicious	Unknown	Browse
	PDFCreator-5_1_2-Setup.exe	Get hash	malicious	Unknown	Browse
	PDFCreator-5_1_2-Setup.exe	Get hash	malicious	Unknown	Browse
	PDFCreator-5_1_1-Setup.exe	Get hash	malicious	Unknown	Browse
	PDFCreator-5_1_1-Setup.exe	Get hash	malicious	Unknown	Browse
	https://www.pdfforge.org/pdfcreator/download	Get hash	malicious	Unknown	Browse
	https://download.pdfforge.org/download/pdfcreator/PDFCreator-stable?download	Get hash	malicious	Unknown	Browse
	PDFCreator-5_0_3-Setup.exe	Get hash	malicious	Unknown	Browse
	PDFCreator-4_4_3-Setup.exe	Get hash	malicious	Unknown	Browse

Process:	C:\Users\user\AppData\Local\Temp\is-IT8DV.tmp\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.tmp
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Fri Mar 8 13:31:26 2024, mtime=Fri Mar 8 13:31:27 2024, atime=Sun Jan 28 17:38:22 2024, length=16781856, window=hide
Category:	dropped
Size (bytes):	667
Entropy (8bit):	4.548114731695612
Encrypted:	false
SSDEEP:	12:8mZt6V8IXhTTytcbpl9n6SN9jEjADugeJ9WWz8iJAiJzBmV:8mg+cbpXN5QADqJ9WWzRJFJtm
MD5:	6934985CBE30920587B4700F6554F0F3
SHA1:	623119107AC1D8941351A1F10312C222856F6664
SHA-256:	5A478177788DE8CE8C6A6F5C7FE142A0DF858D5C25478AC80109CEF61441241C
SHA-512:	ED3DDBBC92A6AAEB54296CEB28B2B27362BF3C725C49C76B5B4E479C110E8A7B00A2119CC4224E9CF32498F234B8F0F2C6EB6C01BC7D3CC1060FB800F4A632D2
Malicious:	false
Preview:	L..................F.... .....fMeq....FNeq.....+.R.. ............................P.O. .:i.....+00.../C:\...................\.1.....hX.s..SAMFWT~1..D......hX.shX.s....).........................S.a.m.F.w.T.o.o.l.....h.2. ...<X. .SAMFWT~1.EXE..L......hX.shX.s....E.........................S.a.m.F.w.T.o.o.l...e.x.e.......I...............-.......H...........n..b.....C:\SamFwTool\SamFwTool.exe..&.....\.....\.....\.....\.....\.S.a.m.F.w.T.o.o.l.\.S.a.m.F.w.T.o.o.l...e.x.e...C.:.\.S.a.m.F.w.T.o.o.l.`.......X.......376483...........hT..CrF.f4... ..../Tc...,......hT..CrF.f4... ..../Tc...,......E.......9...1SPS..mD..pH.H@..=x.....h....H.....K...YM...?................

Process:	C:\SamFwTool\data\7za.exe
File Type:	PE32+ executable (console) x86-64, for MS Windows
Category:	dropped
Size (bytes):	545280
Entropy (8bit):	6.193820907481558
Encrypted:	false
SSDEEP:	12288:GvP+BNSebhEFoUbElY7dx0Gyz1batvex:1hiFoUbEwdngx
MD5:	FE522D8659618E3A50AAFD8AC1518638
SHA1:	7D1B392121DA91393F69D124928F9FE50D62F785
SHA-256:	254CF6411D38903B2440819F7E0A847F0CFEE7F8096CFAD9E90FEA62F42B0C23
SHA-512:	FBBCB853B77AC038E4B7F7668E9FEFDC7BA3592C6899CDDFD72125D68D0B2D6B858BAA3987907D58A5333EA9A4D5EB0AB8B7535A6263738F96212A6146C49B81
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: MDE_File_Sample_aa447845a64e29145a9489f43972beebcb33cfba.zip, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......`.m.$...$...$...Ru~.%...Rux./...$.......Rum.j......%...Run.4.......%...Ru..%...Ru{.%...Rich$...........PE..d....r.b.........."..........................@...........................................`.....................................................x....p...........o......................................................................@............................text...N........................... ..`.rdata..............................@..@.data....-..........................@....pdata...o.......p..................@..@.rsrc........p.......:..............@..@.reloc..8............B..............@..B........................................................................................................................................................................................................................................................................

Process:	C:\SamFwTool\SamFwTool.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Category:	dropped
Size (bytes):	37294232
Entropy (8bit):	7.999962745994726
Encrypted:	true
SSDEEP:	786432:incVpEp/wcHSL3UgLUpozRqaupIf5uSGbmqdPvGK6H:OQEpIcw7LOozfMDIT
MD5:	885D3969D9A9839DF09987A2F0D4F267
SHA1:	29C12A8A40701845CFE8711FE7E234754F63E26E
SHA-256:	88752175759625257FC0158A627E7D2FBC47B9EC0AE33090629FEA3441D22D77
SHA-512:	EBC5BD3571CEBFBEFCBF6D3E4103BC37632D649BDDECA608806B8022E4C0126D1E7FB9E4BC1B389FD038FE1A2C02D8D8F2A6F21910B08FEA5CE5D5AF92517884
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1)..PG..PG..PG._...PG..PF.IPG._...PG.sw..PG..VA..PG.Rich.PG.........PE..L.....$_.................b...........3............@.................................h.9...@.................................8............#..........p.8.(G...........................................................................................text....`.......b.................. ..`.rdata..t............f..............@..@.data...8............z..............@....ndata.......P...........................rsrc....#.......$..................@..@................................................................................................................................................................................................................................................................................................................................................................

Process:	C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	3199488
Entropy (8bit):	6.325057614962127
Encrypted:	false
SSDEEP:	49152:2WGtLBcXqFpBR6SVb8kq4pgquLMMji4NYxtJpkxhGjIHTbQ333TY:6tLutqgwh4NYxtJpkxhGj333T
MD5:	C40A8A7891124F63F741EE4E36AE459C
SHA1:	12FBE834DD5D52CDB4DDDCA392604721872D259D
SHA-256:	7E865F2AB27C2CDC895CC42BA887C4968A85619D435D74C556CC8F8CE47E615C
SHA-512:	F7043FC31CD692EB52B00A24F3085609B0C616B04B7EC0FF22C7D34D27C34C07EC7F27424256FEC2CF975DDC277C2005CC96E3668BF11AD112DB77B750E9D92A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L......c.................L,.........hf,......p,...@...........................1...........@......@....................-.......-..9...................................................................................-.......-......................text.... ,......",................. ..`.itext...(...@,.....&,............. ..`.data...X....p,......P,.............@....bss.....y....-..........................idata...9....-..:....,.............@....didata.......-.......-.............@....edata........-......-.............@..@.tls....L.....-..........................rdata..]............,-.............@..@.rsrc.................-.............@..@..............1.......0.............@..@........................................................

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2130), with no line terminators
Category:	downloaded
Size (bytes):	2130
Entropy (8bit):	5.598637316605287
Encrypted:	false
SSDEEP:	48:C1EVawjVNgeXfNmC8t5nMJOB0a0BBQeSSMqB0TjC/Yq:C1EVnjVNgeXH8tsoyucYq
MD5:	60E05CEDCB3514129190D90FB427AA18
SHA1:	5E57F056B523A324DE8F4351CE7A1F83ED5415F5
SHA-256:	75C9AE57535CE65523F3A4FA37F1F99BA5D9FFFBF2CF1B56826B4044DD244374
SHA-512:	446532D5090F0DC5948A0CE7E24078FB7C0DFEAE7CF71BEEA8AD58451CA25BC9CDD82C2FAC926503CFFFDC4FE0AEAB47419EB781DB2BDC27D80D9ADF8E3D57EF
Malicious:	false
Reputation:	unknown
URL:	https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22227541&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Preview:	PubMatic.loadAsyncImagePixel('https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2');PubMatic.loadAsyncImagePixel('https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2');PubMatic.loadAsyncImagePixel('https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&sInitiator=external&gdpr=0&gdpr_consent=');PubMatic.loadAsyncImagePixel('https://pixel.onaudience.com/?partner=214&mapped=5C9EC19C-5A04-4DA8-A0DF-661A8DE458A2&gdpr=0&gdpr_consent=');PubMatic.loadAsyncIframePixel('https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel');PubMatic.loadAsyncIframePixel('https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D');PubMatic.loadAsyncIframePixel('https://beacon.lynx.cognitivlabs.

Entrypoint:	0x4b5eec
Entrypoint Section:	.itext
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x63ECF218 [Wed Feb 15 14:54:16 2023 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	1
File Version Major:	6
File Version Minor:	1
Subsystem Version Major:	6
Subsystem Version Minor:	1
Import Hash:	e569e6f445d32ba23766ad67d1e3787f

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0xc4000	0x9a	.edata
IMAGE_DIRECTORY_ENTRY_IMPORT	0xc2000	0xfdc	.idata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0xc7000	0x11000	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0xc6000	0x18	.rdata
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0xc22f4	0x254	.idata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0xc3000	0x1a4	.didata
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0xb39e4	0xb3a00	43af0a9476ca224d8e8461f1e22c94da	False	0.34525867693110646	data	6.357635049994181	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.itext	0xb5000	0x1688	0x1800	185e04b9a1f554e31f7f848515dc890c	False	0.54443359375	data	5.971425428435973	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data	0xb7000	0x37a4	0x3800	cab2107c933b696aa5cf0cc6c3fd3980	False	0.36097935267857145	data	5.048648594372454	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.bss	0xbb000	0x6de8	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata	0xc2000	0xfdc	0x1000	e7d1635e2624b124cfdce6c360ac21cd	False	0.3798828125	data	5.029087481102678	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.didata	0xc3000	0x1a4	0x200	8ced971d8a7705c98b173e255d8c9aa7	False	0.345703125	data	2.7509822285969876	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.edata	0xc4000	0x9a	0x200	8d4e1e508031afe235bf121c80fd7d5f	False	0.2578125	data	1.877162954504408	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls	0xc5000	0x18	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata	0xc6000	0x5d	0x200	8f2f090acd9622c88a6a852e72f94e96	False	0.189453125	data	1.3838943752217987	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc	0xc7000	0x11000	0x11000	f2c506d4c35b9e67e87ce9122eabc891	False	0.18580537683823528	data	3.693572443024652	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_ICON	0xc7678	0xa68	Device independent bitmap graphic, 64 x 128 x 4, image size 2048	English	United States	0.1174924924924925
RT_ICON	0xc80e0	0x668	Device independent bitmap graphic, 48 x 96 x 4, image size 1152	English	United States	0.15792682926829268
RT_ICON	0xc8748	0x2e8	Device independent bitmap graphic, 32 x 64 x 4, image size 512	English	United States	0.23387096774193547
RT_ICON	0xc8a30	0x128	Device independent bitmap graphic, 16 x 32 x 4, image size 128	English	United States	0.39864864864864863
RT_ICON	0xc8b58	0x1628	Device independent bitmap graphic, 64 x 128 x 8, image size 4096, 256 important colors	English	United States	0.08339210155148095
RT_ICON	0xca180	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors	English	United States	0.1023454157782516
RT_ICON	0xcb028	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors	English	United States	0.10649819494584838
RT_ICON	0xcb8d0	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors	English	United States	0.10838150289017341
RT_ICON	0xcbe38	0x12e5	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced	English	United States	0.8712011577424024
RT_ICON	0xcd120	0x4228	Device independent bitmap graphic, 64 x 128 x 32, image size 16896	English	United States	0.05668398677373642
RT_ICON	0xd1348	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9600	English	United States	0.08475103734439834
RT_ICON	0xd38f0	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224	English	United States	0.09920262664165103
RT_ICON	0xd4998	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088	English	United States	0.2047872340425532
RT_STRING	0xd4e00	0x360	data			0.34375
RT_STRING	0xd5160	0x260	data			0.3256578947368421
RT_STRING	0xd53c0	0x45c	data			0.4068100358422939
RT_STRING	0xd581c	0x40c	data			0.3754826254826255
RT_STRING	0xd5c28	0x2d4	data			0.39226519337016574
RT_STRING	0xd5efc	0xb8	data			0.6467391304347826
RT_STRING	0xd5fb4	0x9c	data			0.6410256410256411
RT_STRING	0xd6050	0x374	data			0.4230769230769231
RT_STRING	0xd63c4	0x398	data			0.3358695652173913
RT_STRING	0xd675c	0x368	data			0.3795871559633027
RT_STRING	0xd6ac4	0x2a4	data			0.4275147928994083
RT_RCDATA	0xd6d68	0x10	data			1.5
RT_RCDATA	0xd6d78	0x2c4	data			0.6384180790960452
RT_RCDATA	0xd703c	0x2c	data			1.1818181818181819
RT_GROUP_ICON	0xd7068	0xbc	data	English	United States	0.6170212765957447
RT_VERSION	0xd7124	0x584	data	English	United States	0.254957507082153
RT_MANIFEST	0xd76a8	0x7a8	XML 1.0 document, ASCII text, with CRLF line terminators	English	United States	0.3377551020408163

DLL	Import
kernel32.dll	GetACP, GetExitCodeProcess, LocalFree, CloseHandle, SizeofResource, VirtualProtect, VirtualFree, GetFullPathNameW, ExitProcess, HeapAlloc, GetCPInfoExW, RtlUnwind, GetCPInfo, GetStdHandle, GetModuleHandleW, FreeLibrary, HeapDestroy, ReadFile, CreateProcessW, GetLastError, GetModuleFileNameW, SetLastError, FindResourceW, CreateThread, CompareStringW, LoadLibraryA, ResetEvent, GetVersion, RaiseException, FormatMessageW, SwitchToThread, GetExitCodeThread, GetCurrentThread, LoadLibraryExW, LockResource, GetCurrentThreadId, UnhandledExceptionFilter, VirtualQuery, VirtualQueryEx, Sleep, EnterCriticalSection, SetFilePointer, LoadResource, SuspendThread, GetTickCount, GetFileSize, GetStartupInfoW, GetFileAttributesW, InitializeCriticalSection, GetSystemWindowsDirectoryW, GetThreadPriority, SetThreadPriority, GetCurrentProcess, VirtualAlloc, GetSystemInfo, GetCommandLineW, LeaveCriticalSection, GetProcAddress, ResumeThread, GetVersionExW, VerifyVersionInfoW, HeapCreate, GetWindowsDirectoryW, VerSetConditionMask, GetDiskFreeSpaceW, FindFirstFileW, GetUserDefaultUILanguage, lstrlenW, QueryPerformanceCounter, SetEndOfFile, HeapFree, WideCharToMultiByte, FindClose, MultiByteToWideChar, LoadLibraryW, SetEvent, CreateFileW, GetLocaleInfoW, GetSystemDirectoryW, DeleteFileW, GetLocalTime, GetEnvironmentVariableW, WaitForSingleObject, WriteFile, ExitThread, DeleteCriticalSection, TlsGetValue, GetDateFormatW, SetErrorMode, IsValidLocale, TlsSetValue, CreateDirectoryW, GetSystemDefaultUILanguage, EnumCalendarInfoW, LocalAlloc, GetUserDefaultLangID, RemoveDirectoryW, CreateEventW, SetThreadLocale, GetThreadLocale
comctl32.dll	InitCommonControls
version.dll	GetFileVersionInfoSizeW, VerQueryValueW, GetFileVersionInfoW
user32.dll	CreateWindowExW, TranslateMessage, CharLowerBuffW, CallWindowProcW, CharUpperW, PeekMessageW, GetSystemMetrics, SetWindowLongW, MessageBoxW, DestroyWindow, CharUpperBuffW, CharNextW, MsgWaitForMultipleObjects, LoadStringW, ExitWindowsEx, DispatchMessageW
oleaut32.dll	SysAllocStringLen, SafeArrayPtrOfIndex, VariantCopy, SafeArrayGetLBound, SafeArrayGetUBound, VariantInit, VariantClear, SysFreeString, SysReAllocStringLen, VariantChangeType, SafeArrayCreate
netapi32.dll	NetWkstaGetInfo, NetApiBufferFree
advapi32.dll	ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryValueExW, AdjustTokenPrivileges, GetTokenInformation, ConvertSidToStringSidW, LookupPrivilegeValueW, RegCloseKey, OpenProcessToken, RegOpenKeyExW

Name	Ordinal	Address
TMethodImplementationIntercept	3	0x4541a8
__dbk_fcall_wrapper	2	0x40d0a0
dbkFCallWrapperAddr	1	0x4be63c

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:38 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=T44AyLgHntceSxX&MD=kaTvHc9V HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-03-08 14:31:38 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 4c52516b-62a5-4b48-b3af-d5ef29aac824 MS-RequestId: 42a76ee7-5f68-4d25-aae0-9908b4aab5a5 MS-CV: N4p9jyzj9keRB871.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Fri, 08 Mar 2024 14:31:38 GMT Connection: close Content-Length: 24490
2024-03-08 14:31:38 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-03-08 14:31:38 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:39 UTC	2205	OUT	POST /threshold/xls.aspx HTTP/1.1 Origin: https://www.bing.com Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init Accept: / Accept-Language: en-CH Content-type: text/xml X-Agent-DeviceId: 01000A4109005EFE X-BM-CBT: 1696492382 X-BM-DateFormat: dd/MM/yyyy X-BM-DeviceDimensions: 784x984 X-BM-DeviceDimensionsLogical: 784x984 X-BM-DeviceScale: 100 X-BM-DTZ: 60 X-BM-Market: CH X-BM-Theme: 000000;0078d7 X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E X-Device-ClientSession: 7964DE11F2244989AF4CA95A808EA94C X-Device-isOptin: false X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A} X-Device-OSSKU: 48 X-Device-Touch: false X-DeviceID: 01000A4109005EFE X-MSEdge-ExternalExp: bfbwsbcm0921cf,d-thshld42,websuganno_t2,wsbmsaqfuxt3,wsbqfasmsall_t,wsbqfminiserp500,wsbref-t,wsbuacf X-MSEdge-ExternalExpType: JointCoord X-PositionerType: Desktop X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI X-Search-CortanaAvailableCapabilities: None X-Search-SafeSearch: Moderate X-Search-TimeZone: Bias=0; DaylightBias=-60; TimeZoneKeyName=GMT Standard Time X-UserAgeClass: Unknown Accept-Encoding: gzip, deflate, br User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 Host: www.bing.com Content-Length: 516 Connection: Keep-Alive Cache-Control: no-cache Cookie: SRCHUID=V=2&GUID=19565074ACE142FCABAF0CDCC0DFAAEB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231005; SRCHHPGUSR=SRCHLANG=en&LUT=1696492216762&IPMH=45187fb8&IPMID=1696492382078&HV=1696492289; CortanaAppUID=FE52A12E95B5DF3DB5902D0602A16B66; MUID=A92BA4E78D2946A0AFDA5029FA43D7A8; _SS=SID=21E2F496C67F672E2F62E737C76966EF&CPID=1696492383022&AC=1&CPH=644b7eae; _EDGE_S=SID=21E2F496C67F672E2F62E737C76966EF; MUIDB=A92BA4E78D2946A0AFDA5029FA43D7A8
2024-03-08 14:31:39 UTC	1	OUT	Data Raw: 3c Data Ascii: <
2024-03-08 14:31:39 UTC	515	OUT	Data Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 41 39 32 42 41 34 45 37 38 44 32 39 34 36 41 30 41 46 44 41 35 30 32 39 46 41 34 33 44 37 41 38 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 31 45 39 44 31 37 45 34 43 44 34 32 45 42 41 41 36 41 45 35 39 41 36 45 44 35 43 32 32 41 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49 Data Ascii: ClientInstRequest><CID>A92BA4E78D2946A0AFDA5029FA43D7A8</CID><Events><E><T>Event.ClientInst</T><IG>751E9D17E4CD42EBAA6AE59A6ED5C22A</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
2024-03-08 14:31:39 UTC	476	IN	HTTP/1.1 204 No Content Access-Control-Allow-Origin: * Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version X-MSEdge-Ref: Ref A: 3075A23F92DF48E59866E487F7280253 Ref B: LAXEDGE1711 Ref C: 2024-03-08T14:31:39Z Date: Fri, 08 Mar 2024 14:31:39 GMT Connection: close Alt-Svc: h3=":443"; ma=93600 X-CDN-TraceID: 0.86746268.1709908299.3afa9ace

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:49 UTC	222	OUT	GET /api/samfwfrp/version HTTP/1.1 Accept: application/json, text/json, text/x-json, text/javascript, application/xml, text/xml User-Agent: SamFwFRP/4.9 Host: samfw.com Accept-Encoding: gzip Connection: Keep-Alive
2024-03-08 14:31:49 UTC	758	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:31:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close vary: Accept-Encoding Cache-Control: no-cache, private x-ratelimit-limit: 200 x-ratelimit-remaining: 199 access-control-allow-origin: * strict-transport-security: max-age=31536000 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2QD%2Bvb3kFHN3VULRKFlYDlTig41fbVe3VVs3KxBbeRzY%2BTEcR%2BMDpxYHHFTM2FM9YWpYp5NdTqGSKqiYRQLzWiZ5q%2F9TJM167zxbOQBR0oeAtvFC9I0fzIge%2Bk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 861387f49fbc0add-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:31:49 UTC	573	IN	Data Raw: 32 33 36 0d 0a 7b 22 69 70 22 3a 22 31 35 34 2e 31 36 2e 31 30 35 2e 33 38 22 2c 22 63 6f 64 65 22 3a 22 32 30 30 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 34 2e 39 22 2c 22 6d 64 35 22 3a 22 4f 70 50 32 72 79 46 5a 33 37 68 72 66 44 70 6f 50 39 59 6d 52 56 71 77 6d 63 4d 4a 4a 46 61 44 2b 38 38 37 33 54 62 75 66 57 45 3d 22 2c 22 63 68 61 6e 67 65 6c 6f 67 22 3a 22 20 5b 4d 41 49 4e 5d 5c 72 5c 6e 20 2d 20 4f 70 74 69 6d 69 7a 65 20 72 65 61 64 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 66 61 73 74 65 72 5c 72 5c 6e 20 2d 20 46 69 78 20 4d 54 50 20 72 65 62 6f 6f 74 20 73 6f 6d 65 74 69 6d 65 20 72 65 74 75 72 6e 20 46 41 49 4c 5c 72 5c 6e 5c 72 5c 6e 20 5b 53 41 4d 53 55 4e 47 5d 5c 72 5c 6e 20 2d 20 41 64 64 20 46 52 50 20 32 30 32 34 20 28 55 53 41 20 6d 6f Data Ascii: 236{"ip":"154.16.105.38","code":"200","version":"4.9","md5":"OpP2ryFZ37hrfDpoP9YmRVqwmcMJJFaD+8873TbufWE=","changelog":" [MAIN]\r\n - Optimize read information faster\r\n - Fix MTP reboot sometime return FAIL\r\n\r\n [SAMSUNG]\r\n - Add FRP 2024 (USA mo
2024-03-08 14:31:49 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:52 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-03-08 14:31:52 UTC	494	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (sac/2518) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=17615 Date: Fri, 08 Mar 2024 14:31:52 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:53 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-03-08 14:31:53 UTC	530	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0Fz4RYwAAAACZW8dCTzveR7lI76J6Z2l5U0pDRURHRTA1MTgAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm Cache-Control: public, max-age=17610 Date: Fri, 08 Mar 2024 14:31:53 GMT Content-Length: 55 Connection: close X-CID: 2
2024-03-08 14:31:53 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:31:59 UTC	80	OUT	GET /Odin/SAMSUNG_USB_Driver_for_Mobile_Phones.exe HTTP/1.1 Host: samfw.com
2024-03-08 14:31:59 UTC	735	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:31:59 GMT Content-Type: application/octet-stream Content-Length: 37294232 Connection: close last-modified: Sat, 18 Jun 2022 05:53:33 GMT etag: "62ad685d-2391098" strict-transport-security: max-age=31536000 Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZnyqSH6qPgeYIKKUU8euymmYesL0F5viQl68Wj7sbVbKevAcqWYYbHxd2EFpMf%2FHBNwQHhrybcS4MgUmx7TMg%2Flg4OceuU8SaXXH5ulFMV1AySFRAIFZGUWINE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 861388337f5909ed-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:31:59 UTC	634	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ad 31 29 81 e9 50 47 d2 e9 50 47 d2 e9 50 47 d2 2a 5f 18 d2 eb 50 47 d2 e9 50 46 d2 49 50 47 d2 2a 5f 1a d2 e6 50 47 d2 bd 73 77 d2 e3 50 47 d2 2e 56 41 d2 e8 50 47 d2 52 69 63 68 e9 50 47 d2 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 a7 d6 24 5f 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 62 00 00 00 d0 01 00 00 04 00 00 12 33 00 00 00 10 00 00 00 80 00 00 00 00 40 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1)PGPGPG_PGPFIPG_PGswPG.VAPGRichPGPEL$_b3@
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: @@
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: ff 35 f4 3e 42 00 68 30 75 00 00 ff 35 0c 3f 42 00 ff 15 64 81 40 00 50 68 02 04 00 00 ff 74 24 18 ff 15 60 82 40 00 85 f6 7d 92 33 c0 5e c2 08 00 b8 ff ff ff 7f eb f5 8b 44 24 04 8b 0d 34 47 42 00 6a 00 ff 74 81 6c e8 69 ff ff ff c2 04 00 68 08 a8 40 00 ff 74 24 08 e8 b7 3d 00 00 c2 04 00 55 8b ec 81 ec d0 01 00 00 a1 28 47 42 00 53 56 8b 75 08 57 6a 07 59 8d 7d d4 89 45 f8 33 db f3 a5 8b 45 d8 8b 55 dc 8b f0 8b fa c1 e6 0a b9 00 50 42 00 89 5d fc c1 e7 0a 03 f1 03 f9 8d 4d d8 89 0d 44 b8 40 00 8b 4d d4 83 c1 fe 83 f9 41 0f 87 d1 15 00 00 ff 24 8d 6c 2a 40 00 53 50 e8 51 3d 00 00 e9 eb 0e 00 00 ff 05 ec 3e 42 00 39 5d f8 0f 84 dc 0e 00 00 53 ff 15 28 82 40 00 e9 d0 0e 00 00 50 e8 b0 fe ff ff 48 53 50 e8 c4 fe ff ff e9 9b 15 00 00 53 50 e8 17 3d 00 00 e9 Data Ascii: 5>Bh0u5?Bd@Pht$`@}3^D$4GBjtlih@t$=U(GBSVuWjY}E3EUPB]MD@MA$l*@SPQ=>B9]S(@PHSPSP=
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: ec e9 33 11 00 00 6a f0 e8 95 12 00 00 ff 75 dc 50 e8 47 3f 00 00 e9 13 11 00 00 6a 01 e8 80 12 00 00 50 e8 83 47 00 00 e9 c7 0c 00 00 6a 02 e8 4c 12 00 00 6a 03 89 45 c4 89 55 c8 e8 3f 12 00 00 59 8b f8 8b 45 c4 59 6a 01 89 7d 84 89 55 88 89 45 08 e8 4a 12 00 00 50 89 45 d0 e8 4a 47 00 00 39 5d c8 88 1e 75 03 89 45 08 39 5d 08 0f 84 ba 10 00 00 8b 4d 84 3b cb 7d 0b 8d 3c 08 3b fb 0f 8c a8 10 00 00 3b f8 7e 02 8b f8 8b 45 d0 03 c7 50 56 e8 fd 46 00 00 39 5d 08 7d 0e 56 e8 08 47 00 00 01 45 08 79 03 89 5d 08 8b 45 08 3d 00 04 00 00 0f 8d 75 10 00 00 88 1c 30 e9 6d 10 00 00 6a 20 e8 da 11 00 00 6a 31 8b f0 e8 d1 11 00 00 39 5d e8 50 56 75 12 ff 15 18 81 40 00 85 c0 75 7a 8b 45 e0 e9 4f 10 00 00 ff 15 1c 81 40 00 eb ec 33 ff 47 57 e8 a7 11 00 00 68 00 04 00 Data Ascii: 3juPG?jPGjLjEU?YEYj}UEJPEJG9]uE9]M;}<;;~EPVF9]}VGEy]E=u0mj j19]PVu@uzEO@3GWh
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 75 dc 8a c8 80 e1 01 c6 05 1f b8 40 00 01 88 0d 1c b8 40 00 8a c8 80 e1 02 24 04 68 24 b8 40 00 88 0d 1d b8 40 00 a2 1e b8 40 00 e8 9f 42 00 00 68 08 b8 40 00 ff 15 58 80 40 00 e9 5b 07 00 00 53 e8 e1 0c 00 00 6a 01 8b f0 89 55 c8 e8 d5 0c 00 00 39 5d e4 59 59 89 55 c8 50 56 75 0b ff 15 30 82 40 00 e9 6c 0b 00 00 ff 15 58 82 40 00 e9 61 0b 00 00 53 e8 cf 0c 00 00 6a 31 8b f0 e8 c6 0c 00 00 6a 22 8b d8 e8 bd 0c 00 00 6a 15 8b f8 e8 b4 0c 00 00 6a ec e8 02 f5 ff ff 8b 45 e8 89 45 94 8b 45 f8 89 45 98 8b 45 e4 89 45 ac 8a 06 f6 d8 1b c0 89 5d a0 23 c6 89 45 9c 8a 07 f6 d8 1b c0 c7 45 a8 00 a8 42 00 23 c7 89 45 a4 8d 45 90 50 e8 47 38 00 00 85 c0 0f 84 5b 08 00 00 f6 45 94 40 0f 84 ec 0a 00 00 ff 75 c8 e8 c9 45 00 00 ff 75 c8 eb 45 53 e8 4d 0c 00 00 8b f0 56 Data Ascii: u@@$h$@@@Bh@X@[SjU9]YYUPVu0@lX@aSj1j"jjEEEEEE]#EEB#EEPG8[E@uEuESMV
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: ff ff 66 a1 10 a0 40 00 6a 01 66 89 45 0a e8 dd 07 00 00 6a 12 8b f8 e8 d4 07 00 00 6a dd 89 45 c8 e8 ca 07 00 00 50 68 ff 03 00 00 8d 45 0a 56 50 ff 75 c8 57 ff 15 4c 81 40 00 80 3e 0a e9 1a f3 ff ff 39 5d e8 8b f2 75 2b 6a 02 e8 df 07 00 00 8b f0 3b f3 0f 84 86 03 00 00 6a 33 e8 8e 07 00 00 50 56 ff 15 14 80 40 00 56 8b f8 ff 15 10 80 40 00 eb 16 6a 22 e8 74 07 00 00 8b 4d e8 d1 f9 51 50 56 e8 25 08 00 00 8b f8 3b fb 0f 84 e9 05 00 00 e9 49 03 00 00 8b 75 e8 8b f8 8b 45 ec 6a 02 89 45 c8 e8 46 07 00 00 6a 11 89 45 88 e8 3c 07 00 00 6a 02 50 57 c7 45 fc 01 00 00 00 e8 bc 07 00 00 3b c3 89 45 08 0f 84 ad 05 00 00 33 c0 83 fe 01 bf 08 ac 40 00 75 0e 6a 23 e8 0e 07 00 00 57 e8 11 3c 00 00 40 83 fe 04 75 15 6a 03 e8 d9 06 00 00 59 a3 08 ac 40 00 56 89 95 78 Data Ascii: f@jfEjjEPhEVPuWL@>9]u+j;j3PV@V@j"tMQPV%;IuEjEFjE<jPWE;E3@uj#W<@ujY@Vx
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 89 55 88 89 45 dc eb 10 ff 75 e8 8d 46 18 50 e8 09 38 00 00 80 4e 09 01 8b 45 e0 8b 4d dc 89 0c 86 39 5d e4 0f 84 f9 00 00 00 ff 75 c4 e8 14 e8 ff ff e9 ec 00 00 00 53 e8 38 02 00 00 83 f8 20 59 89 55 c8 0f 83 3e fe ff ff 39 5d e4 74 29 39 5d e0 74 12 50 e8 08 e9 ff ff 53 53 e8 57 e8 ff ff e9 bd 00 00 00 53 e8 3f e9 ff ff 50 57 e8 75 36 00 00 e9 ab 00 00 00 39 5d e0 74 15 8b 15 34 47 42 00 8b 4d dc 89 8c 82 94 00 00 00 e9 91 00 00 00 8b 0d 34 47 42 00 ff b4 81 94 00 00 00 57 e8 78 37 00 00 eb 7c 6a 05 e8 e5 3a 00 00 6a 22 8b f0 e8 e0 01 00 00 3b f3 74 38 8d 4d bc 51 50 e8 18 37 00 00 59 85 c0 59 7c 28 8d 45 08 50 53 ff 75 e4 8d 45 bc 50 ff d6 85 c0 7c 16 ff 75 08 57 e8 e1 36 00 00 59 59 ff 75 08 ff 15 94 82 40 00 eb 30 c7 45 fc 01 00 00 00 88 1f eb 25 8b Data Ascii: UEuFP8NEM9]uS8 YU>9]t)9]tPSSWS?PWu69]t4GBM4GBWx7\|j:j";t8MQP7YY\|(EPSuEP\|uW6YYu@0E%
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 00 6a 05 50 a3 e0 f8 41 00 ff 15 30 82 40 00 5e c3 55 8b ec 83 ec 28 53 56 33 db 57 89 5d f8 89 5d fc ff 15 e8 80 40 00 be 00 bc 42 00 68 00 04 00 00 05 e8 03 00 00 56 53 a3 30 47 42 00 ff 15 e0 80 40 00 6a 03 68 00 00 00 80 56 e8 79 2d 00 00 8b f8 83 ff ff 89 7d f4 89 3d 18 a0 40 00 75 0a b8 04 a1 40 00 e9 d6 01 00 00 56 be 00 ac 42 00 56 e8 ba 31 00 00 56 e8 93 2b 00 00 50 68 00 c0 42 00 e8 a9 31 00 00 53 57 ff 15 f0 80 40 00 3b c3 a3 e4 f8 41 00 8b f0 0f 86 e5 00 00 00 bb d8 b8 40 00 a1 38 47 42 00 8b fe f7 d8 1b c0 25 00 7e 00 00 05 00 02 00 00 3b f0 72 02 8b f8 57 53 e8 5e 03 00 00 85 c0 0f 84 20 01 00 00 83 3d 38 47 42 00 00 75 7a 6a 1c 8d 45 d8 53 50 e8 a2 2c 00 00 8b 45 d8 a9 f0 ff ff ff 75 72 81 7d dc ef be ad de 75 69 81 7d e8 49 6e 73 74 75 60 Data Ascii: jPA0@^U(SV3W]]@BhVS0GB@jhVy-}=@u@VBV1V+PhB1SW@;A@8GB%~;rWS^ =8GBuzjESP,Eur}ui}Instu`
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 00 bd 00 a0 42 00 50 55 e8 cb 2c 00 00 80 3d 00 a0 42 00 22 c7 05 20 47 42 00 00 00 40 00 8b c5 75 0a c6 44 24 14 22 b8 01 a0 42 00 ff 74 24 14 50 e8 65 26 00 00 50 ff 15 10 82 40 00 89 44 24 1c e9 c0 00 00 00 80 f9 20 75 06 40 80 38 20 74 fa 80 38 22 c6 44 24 14 20 75 06 40 c6 44 24 14 22 80 38 2f 0f 85 8c 00 00 00 40 80 38 53 75 16 8a 48 01 80 f9 20 74 04 3a cb 75 0a c7 05 e0 47 42 00 01 00 00 00 0f be 0d 83 a1 40 00 0f be 15 82 a1 40 00 c1 e1 08 0b ca 0f be 15 81 a1 40 00 c1 e1 08 0b ca 0f be 15 80 a1 40 00 c1 e1 08 0b ca 39 08 75 11 8a 48 04 80 f9 20 74 04 3a cb 75 05 83 4c 24 20 04 0f be 0d 7b a1 40 00 0f be 15 7a a1 40 00 c1 e1 08 0b ca 0f be 15 79 a1 40 00 c1 e1 08 0b ca 0f be 15 78 a1 40 00 c1 e1 08 0b ca 39 48 fe 74 1c ff 74 24 14 50 e8 9b 25 00 Data Ascii: BPU,=B" GB@uD$"Bt$Pe&P@D$ u@8 t8"D$ u@D$"8/@8SuH t:uGB@@@@9uH t:uL$ {@z@y@x@9Htt$P%
2024-03-08 14:31:59 UTC	1369	IN	Data Raw: 00 80 e8 5f 26 00 00 57 68 00 b0 42 00 e8 89 27 00 00 e8 40 02 00 00 a1 3c 47 42 00 bd 00 a4 42 00 83 e0 20 55 a3 c0 47 42 00 c7 05 dc 47 42 00 00 00 01 00 e8 cc 21 00 00 85 c0 0f 85 81 00 00 00 8b 4e 48 3b cb 74 7a 8b 56 4c a1 78 47 42 00 bf c0 36 42 00 53 03 d0 57 03 c8 52 51 ff 76 44 e8 01 26 00 00 a0 c0 36 42 00 3a c3 74 54 3c 22 75 0f bf c1 36 42 00 6a 22 57 e8 c3 20 00 00 88 18 57 e8 0e 27 00 00 8d 44 38 fc 3b c7 76 26 68 f8 a1 40 00 50 ff 15 18 81 40 00 85 c0 75 16 57 ff 15 f4 80 40 00 83 f8 ff 74 04 a8 10 75 06 57 e8 a9 20 00 00 57 e8 5c 20 00 00 50 55 e8 bd 26 00 00 55 e8 3d 21 00 00 85 c0 75 0c ff b6 18 01 00 00 55 e8 3a 27 00 00 68 40 80 00 00 53 53 6a 01 6a 67 ff 35 20 47 42 00 ff 15 4c 82 40 00 a3 08 3f 42 00 83 7e 50 ff bf c0 3e 42 00 74 7f Data Ascii: _&WhB'@<GBB UGBGB!NH;tzVLxGB6BSWRQvD&6B:tT<"u6Bj"W W'D8;v&h@P@uW@tuW W\ PU&U=!uU:'h@SSjjg5 GBL@?B~P>Bt

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:03 UTC	337	OUT	POST /api/samfwtool/v2/service-status HTTP/1.1 Accept: application/json, text/json, text/x-json, text/javascript, application/xml, text/xml User-Agent: SamFwFRP/4.9 Content-Type: multipart/form-data; boundary="660e4e3b-8a0c-44c9-b5b3-40699318ffb4" Host: samfw.com Content-Length: 172 Expect: 100-continue Accept-Encoding: gzip
2024-03-08 14:32:03 UTC	25	IN	HTTP/1.1 100 Continue
2024-03-08 14:32:03 UTC	40	OUT	Data Raw: 2d 2d 36 36 30 65 34 65 33 62 2d 38 61 30 63 2d 34 34 63 39 2d 62 35 62 33 2d 34 30 36 39 39 33 31 38 66 66 62 34 0d 0a Data Ascii: --660e4e3b-8a0c-44c9-b5b3-40699318ffb4
2024-03-08 14:32:03 UTC	88	OUT	Data Raw: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 61 70 69 6b 65 79 0d 0a 0d 0a Data Ascii: Content-Type: text/plain; charset=utf-8Content-Disposition: form-data; name=apikey
2024-03-08 14:32:03 UTC	44	OUT	Data Raw: 0d 0a 2d 2d 36 36 30 65 34 65 33 62 2d 38 61 30 63 2d 34 34 63 39 2d 62 35 62 33 2d 34 30 36 39 39 33 31 38 66 66 62 34 2d 2d 0d 0a Data Ascii: --660e4e3b-8a0c-44c9-b5b3-40699318ffb4--
2024-03-08 14:32:04 UTC	844	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close vary: Accept-Encoding Cache-Control: no-cache, private x-ratelimit-limit: 200 x-ratelimit-remaining: 198 access-control-allow-origin: * strict-transport-security: max-age=31536000 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko39lGYu3gEyOS6k7GEejMEIr8179F4WVcx0N7qOwwviO84VJruNqCGOXntME349QMMyHW0MM%2Bx60Wz2E3hR9zLGFd8pgtrbVHcG%2FTnBjf0a5MZpiDmgdh2R51M%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613884dd9770adb-LAS alt-svc: h3=":443"; ma=86400 58 TgvoqwB9x7RvFFJMUPyk9SBsp0jkdE/uA1xRJo13qaN8C4/imjNQdV/3cayXDYf321cODdjhvGsLU4lO66wOpg==
2024-03-08 14:32:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:08 UTC	658	OUT	GET /samfwtool HTTP/1.1 Host: bit.ly Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:09 UTC	532	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Fri, 08 Mar 2024 14:32:09 GMT Content-Type: text/html; charset=utf-8 Content-Length: 157 Cache-Control: private, max-age=90 Content-Security-Policy: referrer always; Location: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Referrer-Policy: unsafe-url Set-Cookie: _bit=o28ew9-b649af4c4c6e21f8ac-004; Domain=bit.ly; Expires=Wed, 04 Sep 2024 14:32:09 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-03-08 14:32:09 UTC	157	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 42 69 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6d 66 77 2e 63 6f 6d 2f 62 6c 6f 67 2f 73 61 6d 66 77 2d 66 72 70 2d 74 6f 6f 6c 2d 31 2d 30 2d 72 65 6d 6f 76 65 2d 73 61 6d 73 75 6e 67 2d 66 72 70 2d 6f 6e 65 2d 63 6c 69 63 6b 22 3e 6d 6f 76 65 64 20 68 65 72 65 3c 2f 61 3e 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Bitly</title></head><body><a href="https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click">moved here</a></body></html>

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:09 UTC	704	OUT	GET /blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click HTTP/1.1 Host: samfw.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:10 UTC	1145	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close vary: Accept-Encoding Cache-Control: no-cache, private set-cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; expires=Fri, 08-Mar-2024 16:32:10 GMT; Max-Age=7200; path=/; samesite=lax set-cookie: samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D; expires=Fri, 08-Mar-2024 16:32:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax strict-transport-security: max-age=31536000 CF-Cache-Status: DYNAMIC
2024-03-08 14:32:10 UTC	399	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 32 45 38 6c 32 34 59 72 38 43 42 63 63 70 25 32 46 72 65 75 6f 32 69 4d 39 59 6f 52 57 34 32 25 32 46 48 4f 4a 58 6a 63 7a 58 49 6b 6d 37 61 6b 62 66 59 49 6e 34 77 7a 30 43 52 64 77 6c 62 4a 46 69 6f 56 33 58 4c 69 38 5a 64 7a 68 6e 32 51 57 69 75 64 70 70 4c 64 51 70 51 53 50 33 4a 37 45 4b 55 49 73 69 63 6a 53 4b 54 6a 31 6f 32 74 68 42 66 42 39 30 48 51 44 4a 4f 25 32 42 37 6f 45 25 33 44 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 4e 45 4c 3a 20 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2E8l24Yr8CBccp%2Freuo2iM9YoRW42%2FHOJXjczXIkm7akbfYIn4wz0CRdwlbJFioV3XLi8Zdzhn2QWiudppLdQpQSP3J7EKUIsicjSKTj1o2thBfB90HQDJO%2B7oE%3D"}],"group":"cf-nel","max_age":604800}NEL:
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 36 36 63 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 53 61 6d 46 77 20 54 6f 6f 6c 20 34 2e 39 20 2d 20 52 65 6d 6f 76 65 20 53 61 6d 73 75 6e 67 20 46 52 50 20 6f 6e 65 20 63 6c 69 63 6b 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 53 61 6d 46 77 20 54 6f 6f 6c 20 34 2e 39 20 2d 20 52 65 6d 6f 76 65 20 53 61 6d 73 75 6e 67 20 46 52 50 20 6f 6e 65 20 63 6c 69 63 6b 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 73 69 74 65 5f 6e 61 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 53 Data Ascii: 66c0<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>SamFw Tool 4.9 - Remove Samsung FRP one click</title><meta property="og:title" content="SamFw Tool 4.9 - Remove Samsung FRP one click" /><meta property="og:site_name" content="S
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 20 70 72 6f 70 65 72 74 79 3d 22 66 62 3a 61 64 6d 69 6e 73 22 20 63 6f 6e 74 65 6e 74 3d 22 31 30 30 30 34 35 35 30 34 32 31 37 30 30 36 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 66 62 3a 61 64 6d 69 6e 73 22 20 63 6f 6e 74 65 6e 74 3d 22 31 30 30 30 30 33 31 37 30 39 38 38 36 36 36 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 66 62 3a 70 61 67 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 34 35 31 39 34 34 36 34 35 33 38 33 32 32 36 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 77 65 62 73 69 74 65 22 20 2f 3e 0a 3c Data Ascii: property="fb:admins" content="100045504217006" /><meta property="fb:admins" content="100003170988666" /><meta property="fb:pages" content="451944645383226" /><meta property="og:locale" content="en_US" /><meta property="og:type" content="website" /><
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 74 6f 61 73 74 72 2e 6a 73 2f 6c 61 74 65 73 74 2f 74 6f 61 73 74 72 2e 6d 69 6e 2e 63 73 73 22 20 69 6e 74 65 67 72 69 74 79 3d 22 73 68 61 35 31 32 2d 76 4b 4d 78 38 55 6e 58 6b 36 30 7a 55 77 79 55 6e 55 50 4d 33 48 62 51 6f 38 51 66 6d 4e 78 37 2b 6c 74 77 38 50 6d 35 7a 4c 75 73 6c 31 58 49 66 77 63 78 6f 38 44 62 57 43 71 4d 47 4b 61 57 65 4e 78 57 41 38 79 72 78 35 76 33 53 61 56 70 4d 76 52 33 43 41 3d 3d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 72 65 66 65 72 72 65 72 70 6f 6c 69 63 79 3d Data Ascii: .css"><link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css" integrity="sha512-vKMx8UnXk60zUwyUnUPM3HbQo8QfmNx7+ltw8Pm5zLusl1XIfwcxo8DbWCqMGKaWeNxWA8yrx5v3SaVpMvR3CA==" crossorigin="anonymous" referrerpolicy=
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 68 3a 20 37 32 38 70 78 3b 20 68 65 69 67 68 74 3a 20 39 30 70 78 3b 20 7d 20 7d 20 2f 2a 37 39 35 2a 2f 0d 0a 20 20 20 20 20 20 40 6d 65 64 69 61 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 36 30 30 70 78 29 20 7b 20 2e 72 65 73 70 6f 6e 61 64 20 7b 20 77 69 64 74 68 3a 20 39 37 30 70 78 3b 20 68 65 69 67 68 74 3a 20 39 30 70 78 3b 20 7d 20 7d 20 2f 2a 39 37 30 2a 2f 0d 0a 20 20 20 20 20 20 2e 63 61 72 64 2d 68 65 61 64 65 72 2d 68 65 6c 70 7b 0d 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 36 30 64 65 67 2c 20 23 36 39 36 37 36 36 2c 20 23 61 38 61 38 61 38 29 3b 0d 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 2e 63 61 72 64 Data Ascii: h: 728px; height: 90px; } } /795/ @media(min-width: 1600px) { .responad { width: 970px; height: 90px; } } /970/ .card-header-help{ background: linear-gradient(60deg, #696766, #a8a8a8); color: #fff; } .card
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 0d 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0d 0a 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0d 0a 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 37 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0d 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 66 66 36 36 30 30 3b 0d 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 30 70 78 20 61 75 74 6f 3b 0d 0a 20 20 20 20 20 20 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0d 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0d 0a 20 20 20 20 20 20 7d 0d 0a 20 20 20 Data Ascii: display: block; overflow: hidden; position: relative; line-height: 27px; font-size: 14px; color: #ff6600; margin: 10px auto; cursor: pointer; font-weight: 600; }
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 64 69 61 20 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 36 30 30 70 78 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 2e 73 74 69 63 6b 79 62 75 74 74 6f 6e 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 40 6d 65 64 69 61 20 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 34 30 30 70 78 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 2e 73 74 69 63 6b 62 6f 74 74 6f 6d 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 6a 75 73 74 69 66 Data Ascii: dia only screen and (max-width: 600px) { .stickybutton{ display: none; } } @media screen and (min-width: 1400px) { .stickbottom { position: fixed; display: flex; justif
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 0d 0a 20 20 70 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 61 29 5b 30 5d 3b 70 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 6d 2c 70 29 3b 0d 0a 20 20 7d 29 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 2c 27 73 63 72 69 70 74 27 2c 27 68 74 74 70 73 3a 2f 2f 75 2e 68 65 61 74 6d 61 70 2e 69 74 2f 6c 6f 67 2e 6a 73 27 29 3b 0d 0a 20 20 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 31 36 33 38 39 38 37 32 35 2d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 77 69 6e 64 6f 77 2e 64 Data Ascii: p=e.getElementsByTagName(a)[0];p.parentNode.insertBefore(m,p); })(window,document,'script','https://u.heatmap.it/log.js'); </script><script async src="https://www.googletagmanager.com/gtag/js?id=UA-163898725-1"></script><script> window.d
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 39 2c 32 32 34 30 35 34 36 38 37 38 35 2f 73 61 6d 66 77 2e 63 6f 6d 5f 31 30 30 30 78 31 30 30 5f 73 74 69 63 6b 79 5f 61 6e 63 68 6f 72 61 64 5f 64 65 73 6b 74 6f 70 27 2c 20 5b 5b 31 30 30 30 2c 31 30 30 5d 2c 5b 39 37 30 2c 39 30 5d 2c 5b 37 32 38 2c 39 30 5d 2c 5b 39 39 30 2c 39 30 5d 2c 5b 39 37 30 2c 35 30 5d 2c 5b 39 36 30 2c 39 30 5d 2c 5b 39 35 30 2c 39 30 5d 2c 5b 39 38 30 2c 39 30 5d 5d 2c 20 27 73 61 6d 66 77 2e 63 6f 6d 5f 31 30 30 30 78 31 30 30 5f 73 74 69 63 6b 79 5f 61 6e 63 68 6f 72 61 64 5f 72 65 73 70 6f 6e 73 69 76 65 27 29 2e 61 64 64 53 65 72 76 69 63 65 28 67 6f 6f 67 6c 65 74 61 67 2e 70 75 62 61 64 73 28 29 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 67 6f 6f 67 6c 65 74 61 67 2e 64 65 66 69 6e 65 53 6c 6f 74 28 27 2f 31 34 Data Ascii: 9,22405468785/samfw.com_1000x100_sticky_anchorad_desktop', [[1000,100],[970,90],[728,90],[990,90],[970,50],[960,90],[950,90],[980,90]], 'samfw.com_1000x100_sticky_anchorad_responsive').addService(googletag.pubads()); googletag.defineSlot('/14
2024-03-08 14:32:10 UTC	1369	IN	Data Raw: 2c 33 32 30 5d 2c 5b 33 30 30 2c 33 30 30 5d 2c 5b 33 33 36 2c 32 38 30 5d 2c 5b 33 32 30 2c 32 35 30 5d 2c 5b 33 32 30 2c 33 33 36 5d 5d 2c 20 27 73 61 6d 66 77 2e 63 6f 6d 5f 37 32 38 78 39 30 5f 72 65 73 70 6f 6e 73 69 76 65 5f 31 27 29 2e 61 64 64 53 65 72 76 69 63 65 28 67 6f 6f 67 6c 65 74 61 67 2e 70 75 62 61 64 73 28 29 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 69 6e 74 65 72 73 74 69 74 69 61 6c 53 6c 6f 74 20 3d 20 67 6f 6f 67 6c 65 74 61 67 2e 64 65 66 69 6e 65 4f 75 74 4f 66 50 61 67 65 53 6c 6f 74 28 27 2f 31 34 37 32 34 36 31 38 39 2c 32 32 34 30 35 34 36 38 37 38 35 2f 73 61 6d 66 77 2e 63 6f 6d 5f 69 6e 74 65 72 73 74 69 74 69 61 6c 27 2c 20 67 6f 6f 67 6c 65 Data Ascii: ,320],[300,300],[336,280],[320,250],[320,336]], 'samfw.com_728x90_responsive_1').addService(googletag.pubads()); } var interstitialSlot = googletag.defineOutOfPageSlot('/147246189,22405468785/samfw.com_interstitial', google

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Memory Dumps

Unpacked PEs

Sigma Signatures

System Summary

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Spreading

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SamFw Tool.lnk

C:\ProgramData\Samsung\USB Driver Installer\default-0.log

C:\SamFwTool\SamFwTool.exe (copy)

C:\SamFwTool\data.7z (copy)

C:\SamFwTool\data\7z.exe

C:\SamFwTool\data\7za.exe (copy)

C:\SamFwTool\data\7zax64.exe

C:\SamFwTool\data\AdbWinApi.dll

C:\SamFwTool\data\AdbWinUsbApi.dll

C:\SamFwTool\data\FacRst.apk

C:\SamFwTool\data\L.apk

C:\SamFwTool\data\LGUP_Cmd.exe

Windows Analysis Report
SecuriteInfo.com.Win32.Trojan.Agent.M47LP3.18905.20801.exe

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1288	OUT	GET /assets/css/lazy.css HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	814	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Cache-Control: max-age=43200 Cf-Bgj: minify Cf-Polished: origSize=47866 etag: W/"5f75bb7a-bafa" expires: Fri, 08 Mar 2024 19:45:50 GMT last-modified: Thu, 01 Oct 2020 11:20:26 GMT strict-transport-security: max-age=31536000 vary: Accept-Encoding CF-Cache-Status: HIT Age: 24381 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnI8kJ0cmLuoOMXv%2F9YfeHWNk85ZnLC8J28DlpDmj6O8AY1BT8PzC6UZ5ehZC2aWdZr%2BntuxRHw7ZaZuZj%2Bg5Z6Y2eKAuK44RaSN4nz3YAwyJ%2FZXBtlxkhHm47I%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887f4fc109ff-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	555	IN	Data Raw: 33 39 62 31 0d 0a ef bb bf 40 69 6d 70 6f 72 74 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 61 6c 65 77 61 79 3a 33 30 30 2c 34 30 30 2c 35 30 30 2c 36 30 30 2c 37 30 30 29 3b 40 6b 65 79 66 72 61 6d 65 73 20 72 6f 74 61 74 65 7b 66 72 6f 6d 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 20 74 72 61 6e 73 6c 61 74 65 28 2d 31 30 70 78 29 20 72 6f 74 61 74 65 28 30 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 20 74 72 61 6e 73 6c 61 74 65 28 2d 31 30 70 78 29 20 72 6f 74 61 74 65 28 2d 33 36 30 64 65 67 29 7d 7d 2e 62 67 2d 70 72 69 6d 61 72 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 61 31 Data Ascii: 39b1@import url(https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700);@keyframes rotate{from{transform:rotate(0) translate(-10px) rotate(0)}to{transform:rotate(360deg) translate(-10px) rotate(-360deg)}}.bg-primary{background-color:#4a1
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 67 2d 6e 65 75 74 72 61 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 67 2d 64 61 72 6b 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 64 31 63 31 64 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 66 69 6c 74 65 72 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 72 69 67 68 74 3a 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 6f 70 61 63 69 74 79 3a 2e 34 35 7d 2e 66 69 6c 74 65 72 2e 66 69 6c 74 65 72 2d Data Ascii: e{background-color:#fff!important}.bg-neutral{background-color:#fff!important}.bg-dark{background-color:#1d1c1d!important}.filter{display:block;content:"";position:absolute;top:0;bottom:0;left:0;right:0;background-color:#212529;opacity:.45}.filter.filter-
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 6e 6b 2c 2e 6e 61 76 62 61 72 20 2e 6e 61 76 62 61 72 2d 6e 61 76 3e 61 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 61 63 74 69 76 65 2c 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 66 6f 63 75 73 2c 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 68 6f 76 65 72 2c 2e 6e 61 76 62 61 72 20 2e 6e 61 76 62 61 72 2d 6e 61 76 3e 61 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 61 63 74 69 76 65 2c 2e 6e 61 76 62 61 72 20 2e 6e 61 76 62 61 72 2d 6e 61 76 3e 61 2e 62 74 6e 2e 62 74 6e 2d 6c 69 6e 6b 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 6e 61 76 62 61 72 20 2e Data Ascii: ink,.navbar .navbar-nav>a.btn.btn-link{background-color:transparent}.btn.btn-link:active,.btn.btn-link:active:focus,.btn.btn-link:focus,.btn.btn-link:hover,.navbar .navbar-nav>a.btn.btn-link:active,.navbar .navbar-nav>a.btn.btn-link:active:focus,.navbar .
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 67 67 6c 65 3a 66 6f 63 75 73 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 62 31 38 35 32 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 34 62 31 38 35 32 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 6e 6f 74 28 5b 64 61 74 61 2d 61 63 74 69 6f 6e 5d 29 3a 68 6f 76 65 72 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 62 74 6e 2d 70 72 69 6d 61 72 79 20 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 2e 64 69 73 61 62 6c 65 64 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 64 Data Ascii: ggle:focus,.show>.btn-primary:not(:disabled).dropdown-toggle:hover{background-color:#4b1852;border:1px solid #4b1852;box-shadow:none}.btn-primary:not([data-action]):hover{box-shadow:none}.btn-primary fieldset[disabled],.btn-primary.disabled,.btn-primary:d
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6c 65 64 29 3a 61 63 74 69 76 65 2c 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 68 6f 76 65 72 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d Data Ascii: led):active,.btn-success:not(:disabled):active:focus,.btn-success:not(:disabled):active:hover,.btn-success:not(:disabled):focus,.btn-success:not(:disabled):hover,.show>.btn-success:not(:disabled).dropdown-toggle,.show>.btn-success:not(:disabled).dropdown-
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 65 63 62 32 32 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 65 63 62 32 32 66 7d 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 2c 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 2c 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 77 61 72 6e 69 6e 67 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 61 63 Data Ascii: ecb22f;border:1px solid #ecb22f}.btn-warning:not(:disabled).active,.btn-warning:not(:disabled).active:focus,.btn-warning:not(:disabled).active:hover,.btn-warning:not(:disabled):active,.btn-warning:not(:disabled):active:focus,.btn-warning:not(:disabled):ac
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 5d 29 3a 68 6f 76 65 72 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 62 74 6e 2d 64 61 6e 67 65 72 20 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 74 6e 2d 64 61 6e 67 65 72 2e 64 69 73 61 62 6c 65 64 2c 2e 62 74 6e 2d 64 61 6e 67 65 72 3a 64 69 73 61 62 6c 65 64 2c 2e 62 74 6e 2d 64 61 6e 67 65 72 5b 64 69 73 61 62 6c 65 64 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 30 31 65 35 62 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 65 30 31 65 35 62 7d 2e 62 74 6e 2d 77 68 69 74 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 66 66 7d 2e 62 74 6e 2d 77 68 69 74 65 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 Data Ascii: ction]):hover{box-shadow:none}.btn-danger fieldset[disabled],.btn-danger.disabled,.btn-danger:disabled,.btn-danger[disabled]{background-color:#e01e5b;border:1px solid #e01e5b}.btn-white{background-color:#fff;border:1px solid #fff}.btn-white:not(:disabled)
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 66 6f 63 75 73 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 6e 65 75 74 72 61 6c 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 30 66 30 66 30 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 62 74 6e 2d 6e 65 75 74 72 61 6c 3a 6e 6f 74 28 5b 64 61 74 61 2d 61 63 74 69 6f 6e 5d 29 3a 68 6f 76 65 72 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 2e 62 74 6e 2d 6e 65 75 74 72 61 6c 20 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 74 6e 2d 6e 65 75 74 72 61 6c 2e 64 69 73 61 62 6c 65 64 2c 2e 62 74 6e Data Ascii: ropdown-toggle:focus,.show>.btn-neutral:not(:disabled).dropdown-toggle:hover{background-color:#f0f0f0;border:1px solid #f0f0f0;box-shadow:none}.btn-neutral:not([data-action]):hover{box-shadow:none}.btn-neutral fieldset[disabled],.btn-neutral.disabled,.btn
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 76 65 3a 68 6f 76 65 72 2c 2e 62 74 6e 2d 64 61 72 6b 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 64 61 72 6b 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 68 6f 76 65 72 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 64 61 72 6b 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 64 61 72 6b 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 66 6f 63 75 73 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 64 61 72 6b 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 33 31 36 31 38 3b 62 6f 72 64 65 72 Data Ascii: ve:hover,.btn-dark:not(:disabled):focus,.btn-dark:not(:disabled):hover,.show>.btn-dark:not(:disabled).dropdown-toggle,.show>.btn-dark:not(:disabled).dropdown-toggle:focus,.show>.btn-dark:not(:disabled).dropdown-toggle:hover{background-color:#131618;border
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 66 6f 63 75 73 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 73 65 63 6f 6e 64 61 72 79 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 37 31 64 35 63 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 37 31 64 35 63 7d 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 73 75 63 63 65 73 73 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 30 30 37 61 35 62 3b 63 6f 6c 6f 72 3a 23 30 30 37 61 35 62 7d 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 73 75 63 63 65 73 73 2e 61 63 74 69 76 65 2c 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 73 75 63 63 65 73 73 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 73 Data Ascii: dropdown-toggle:focus,.show>.btn-outline-secondary.dropdown-toggle:hover{background-color:#071d5c;border-color:#071d5c}.btn-outline-success{border:1px solid #007a5b;color:#007a5b}.btn-outline-success.active,.btn-outline-success.active:focus,.btn-outline-s

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1314	OUT	GET /assets/vendor/bootstrap/bootstrap.min.css?v=4 HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	774	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close last-modified: Wed, 08 Mar 2023 19:28:48 GMT vary: Accept-Encoding etag: W/"6408e1f0-260e8" expires: Fri, 08 Mar 2024 15:32:56 GMT Cache-Control: max-age=43200 strict-transport-security: max-age=31536000 CF-Cache-Status: HIT Age: 39555 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icMZLm8Qm3RBmXpvFq35a%2BODpmPpHnVKzQ2m6P%2FmYMnARSI15bcq%2Byk5UKVGcA9kjbXZl0D%2FXajrm4w%2BK552q%2BRleKul7Tf6e9FOZmo5sdFFXueN87lSgJUElgk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887f0ab60ad9-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	595	IN	Data Raw: 37 63 61 62 0d 0a 2f 2a 21 0d 0d 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 33 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0d 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0d 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0d 0d 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0d 0d 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 6c 75 65 3a 23 30 30 37 62 66 66 3b 2d 2d 69 Data Ascii: 7cab/! Bootstrap v4.3.1 (https://getbootstrap.com/) * Copyright 2011-2019 The Bootstrap Authors * Copyright 2011-2019 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */:root{--blue:#007bff;--i
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 3a 30 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 73 6d 3a 35 37 36 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6d 64 3a 37 36 38 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 6c 67 3a 39 39 32 70 78 3b 2d 2d 62 72 65 61 6b 70 6f 69 6e 74 2d 78 6c 3a 31 32 30 30 70 78 3b 2d 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 2d 73 61 6e 73 2d 73 65 72 69 66 3a 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 22 53 65 67 6f 65 20 55 49 22 2c 52 6f 62 6f 74 6f 2c 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 41 72 69 61 6c 2c 22 4e 6f 74 6f 20 53 61 6e 73 22 2c 73 61 6e 73 2d 73 65 72 69 66 2c 22 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 22 2c 22 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 22 2c 22 53 65 67 Data Ascii: :0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Seg
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 64 6c 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 7d 6f 6c 20 6f 6c 2c 6f 6c 20 75 6c 2c 75 6c 20 6f 6c 2c 75 6c 20 75 6c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 7d 64 74 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 64 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 62 6c 6f 63 6b 71 75 6f 74 65 7b 6d 61 72 67 69 6e 3a 30 20 30 20 31 72 65 6d 7d 62 2c 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 65 72 7d 73 6d 61 6c 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 38 30 25 7d 73 75 62 2c 73 75 70 Data Ascii: nt-style:normal;line-height:inherit}dl,ol,ul{margin-top:0;margin-bottom:1rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}dt{font-weight:700}dd{margin-bottom:.5rem;margin-left:0}blockquote{margin:0 0 1rem}b,strong{font-weight:bolder}small{font-size:80%}sub,sup
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 72 69 74 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74 7b 6f 76 65 72 66 6c 6f 77 3a 76 69 73 69 62 6c 65 7d 62 75 74 74 6f 6e 2c 73 65 6c 65 63 74 7b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 7d 73 65 6c 65 63 74 7b 77 6f 72 64 2d 77 72 61 70 3a 6e 6f 72 6d 61 6c 7d 5b 74 79 70 65 3d 62 75 74 74 6f 6e 5d 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 2c 62 75 74 74 6f 6e 7b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 62 75 74 74 6f 6e 7d 5b 74 79 70 65 3d 62 75 74 74 6f 6e 5d 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2c 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 2c 62 75 74 Data Ascii: rit}button,input{overflow:visible}button,select{text-transform:none}select{word-wrap:normal}[type=button],[type=reset],[type=submit],button{-webkit-appearance:button}[type=button]:not(:disabled),[type=reset]:not(:disabled),[type=submit]:not(:disabled),but
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 2e 68 31 2c 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 7d 2e 68 32 2c 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 72 65 6d 7d 2e 68 33 2c 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 37 35 72 65 6d 7d 2e 68 34 2c 68 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 7d 2e 68 35 2c 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 7d 2e 68 36 2c 68 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 72 65 6d 7d 2e 6c 65 61 64 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 7d 2e 64 69 73 70 6c 61 79 2d 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 36 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d Data Ascii: ine-height:1.2}.h1,h1{font-size:2.5rem}.h2,h2{font-size:2rem}.h3,h3{font-size:1.75rem}.h4,h4{font-size:1.5rem}.h5,h5{font-size:1.25rem}.h6,h6{font-size:1rem}.lead{font-size:1.25rem;font-weight:300}.display-1{font-size:6rem;font-weight:300;line-height:1.2}
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 64 69 6e 67 3a 2e 32 72 65 6d 20 2e 34 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 72 65 6d 7d 6b 62 64 20 6b 62 64 7b 70 61 64 64 69 6e 67 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 70 72 65 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 38 37 2e 35 25 3b 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 7d 70 72 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 69 6e 68 65 72 69 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 6e 6f 72 6d 61 6c 7d 2e 70 72 65 2d 73 63 72 6f 6c Data Ascii: ding:.2rem .4rem;font-size:87.5%;color:#fff;background-color:#212529;border-radius:.2rem}kbd kbd{padding:0;font-size:100%;font-weight:700}pre{display:block;font-size:87.5%;color:#212529}pre code{font-size:inherit;color:inherit;word-break:normal}.pre-scrol
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2d 6d 64 2d 35 2c 2e 63 6f 6c 2d 6d 64 2d 36 2c 2e 63 6f 6c 2d 6d 64 2d 37 2c 2e 63 6f 6c 2d 6d 64 2d 38 2c 2e 63 6f 6c 2d 6d 64 2d 39 2c 2e 63 6f 6c 2d 6d 64 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 73 6d 2c 2e 63 6f 6c 2d 73 6d 2d 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 30 2c 2e 63 6f 6c 2d 73 6d 2d 31 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 32 2c 2e 63 6f 6c 2d 73 6d 2d 32 2c 2e 63 6f 6c 2d 73 6d 2d 33 2c 2e 63 6f 6c 2d 73 6d 2d 34 2c 2e 63 6f 6c 2d 73 6d 2d 35 2c 2e 63 6f 6c 2d 73 6d 2d 36 2c 2e 63 6f 6c 2d 73 6d 2d 37 2c 2e 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 2c 2e 63 6f 6c 2d 73 6d 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 78 6c 2c 2e 63 6f 6c 2d 78 6c 2d 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 30 2c 2e 63 6f 6c 2d 78 6c 2d 31 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 32 2c 2e Data Ascii: -md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-auto,.col-sm,.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-auto,.col-xl,.col-xl-1,.col-xl-10,.col-xl-11,.col-xl-12,.
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 2d 31 3b 6f 72 64 65 72 3a 2d 31 7d 2e 6f 72 64 65 72 2d 6c 61 73 74 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 33 3b 6f 72 64 65 72 3a 31 33 7d 2e 6f 72 64 65 72 2d 30 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 30 3b 6f 72 64 65 72 3a 30 7d 2e 6f 72 64 65 72 2d 31 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 31 3b 6f 72 64 65 72 3a 31 7d 2e 6f 72 64 65 72 2d 32 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 32 3b 6f 72 64 65 72 3a 32 7d 2e 6f 72 64 65 72 2d 33 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 33 3b 6f 72 64 65 72 3a 33 7d 2e 6f 72 64 65 72 2d 34 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 34 3b 6f 72 64 65 72 3a 34 7d 2e 6f 72 64 65 72 2d 35 7b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 Data Ascii: ms-flex-order:-1;order:-1}.order-last{-ms-flex-order:13;order:13}.order-0{-ms-flex-order:0;order:0}.order-1{-ms-flex-order:1;order:1}.order-2{-ms-flex-order:2;order:2}.order-3{-ms-flex-order:3;order:3}.order-4{-ms-flex-order:4;order:4}.order-5{-ms-flex-or
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 31 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 34 31 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 73 6d 2d 36 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 66 6c 65 78 3a 30 20 30 20 35 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 30 25 7d 2e 63 6f 6c 2d 73 6d 2d 37 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 35 38 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 35 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 73 6d 2d 38 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 36 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 73 6d 2d 39 7b 2d 6d 73 2d 66 6c 65 78 3a 30 Data Ascii: 1.666667%;max-width:41.666667%}.col-sm-6{-ms-flex:0 0 50%;flex:0 0 50%;max-width:50%}.col-sm-7{-ms-flex:0 0 58.333333%;flex:0 0 58.333333%;max-width:58.333333%}.col-sm-8{-ms-flex:0 0 66.666667%;flex:0 0 66.666667%;max-width:66.666667%}.col-sm-9{-ms-flex:0
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 36 36 37 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 39 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 37 35 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 38 33 2e 33 33 33 33 33 33 25 7d 2e 6f 66 66 73 65 74 2d 73 6d 2d 31 31 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 39 31 2e 36 36 36 36 36 37 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 2e 63 6f 6c 2d 6d 64 7b 2d 6d 73 2d 66 6c 65 78 2d 70 72 65 66 65 72 72 65 64 2d 73 69 7a 65 3a 30 3b 66 6c 65 78 2d 62 61 73 69 73 3a 30 3b 2d 6d 73 2d 66 6c 65 78 2d 70 6f 73 69 74 69 76 65 3a 31 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 63 6f 6c 2d 6d 64 2d 61 75 74 6f 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 61 Data Ascii: 667%}.offset-sm-9{margin-left:75%}.offset-sm-10{margin-left:83.333333%}.offset-sm-11{margin-left:91.666667%}}@media (min-width:768px){.col-md{-ms-flex-preferred-size:0;flex-basis:0;-ms-flex-positive:1;flex-grow:1;max-width:100%}.col-md-auto{-ms-flex:0 0 a

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1288	OUT	GET /assets/css/demo.css HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	817	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Cache-Control: max-age=43200 Cf-Bgj: minify Cf-Polished: origSize=5604 etag: W/"60616c90-15e4" expires: Fri, 08 Mar 2024 19:45:50 GMT last-modified: Mon, 29 Mar 2021 05:58:40 GMT strict-transport-security: max-age=31536000 vary: Accept-Encoding CF-Cache-Status: HIT Age: 24381 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTAWyJWNpfhjwy1L%2BsW%2Fjay8lXswzyp3hcPq%2Fx%2BfnC7AfkiYhymh2V6QLToZlKApkWbzVXJ2i0shZM%2BAO435jUPswqxcxJhCch0SQEDabE0HEyJOoDc6r0g%2BK9I%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887f7f6569e6-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	552	IN	Data Raw: 31 35 38 31 0d 0a 40 6b 65 79 66 72 61 6d 65 73 20 72 6f 74 61 74 65 7b 66 72 6f 6d 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 20 74 72 61 6e 73 6c 61 74 65 28 2d 31 30 70 78 29 20 72 6f 74 61 74 65 28 30 64 65 67 29 7d 74 6f 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 33 36 30 64 65 67 29 20 74 72 61 6e 73 6c 61 74 65 28 2d 31 30 70 78 29 20 72 6f 74 61 74 65 28 2d 33 36 30 64 65 67 29 7d 7d 2e 73 70 61 63 65 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 73 65 63 74 69 6f 6e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 73 65 63 74 69 6f 6e 20 2e 68 65 61 64 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 73 65 63 74 69 6f 6e 20 Data Ascii: 1581@keyframes rotate{from{transform:rotate(0deg) translate(-10px) rotate(0deg)}to{transform:rotate(360deg) translate(-10px) rotate(-360deg)}}.space{margin-top:5rem}.index .section{margin-top:2rem}.index .section .header{margin-top:4rem}.index .section
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6b 67 72 6f 75 6e 64 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 32 30 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 2e 2e 2f 69 6d 67 2f 70 75 72 70 6c 65 2e 6a 70 67 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 63 65 6e 74 65 72 20 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 76 65 72 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 69 6e 64 65 78 20 2e 62 75 62 62 6c 65 73 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 69 6e 64 65 78 20 2e 62 75 62 62 6c 65 73 20 2e 62 75 62 62 6c 65 2d 31 7b 74 6f 70 3a 33 32 72 65 6d 3b 6c 65 66 74 3a 32 72 65 6d 7d 2e 69 6e 64 Data Ascii: kground{min-height:200px;background-image:url(../img/purple.jpg);background-position:center center;background-size:cover;position:relative;width:100%;z-index:1}.index .bubbles{position:relative;width:100%}.index .bubbles .bubble-1{top:32rem;left:2rem}.ind
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 65 78 20 2e 69 6e 74 72 6f 7b 70 61 64 64 69 6e 67 3a 34 72 65 6d 20 30 7d 2e 69 6e 64 65 78 20 2e 69 6e 74 72 6f 20 2e 64 65 73 63 7b 70 61 64 64 69 6e 67 3a 31 72 65 6d 20 30 20 33 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 63 6f 6c 6f 72 7b 6d 61 72 67 69 6e 3a 31 2e 35 72 65 6d 20 30 7d 2e 69 6e 64 65 78 20 2e 63 6f 6c 6f 72 20 2e 73 77 61 74 63 68 7b 77 69 64 74 68 3a 31 30 30 70 78 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 6d 61 72 67 69 6e 3a 2e 35 72 65 6d 20 30 20 31 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 63 6f 6c 6f 72 20 2e 74 69 74 6c 65 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 72 65 6d 7d 2e 69 6e 64 65 78 20 2e 62 75 74 74 6f 6e 73 20 2e 62 74 6e 7b Data Ascii: ex .intro{padding:4rem 0}.index .intro .desc{padding:1rem 0 3rem}.index .color{margin:1.5rem 0}.index .color .swatch{width:100px;height:100px;border-radius:50%;margin:.5rem 0 1rem}.index .color .title{font-weight:500;font-size:1.1rem}.index .buttons .btn{
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 76 65 72 3b 6d 61 72 67 69 6e 3a 31 72 65 6d 20 30 7d 2e 6c 61 6e 64 69 6e 67 20 2e 68 65 61 64 65 72 7b 70 61 64 64 69 6e 67 3a 31 72 65 6d 20 30 7d 2e 6c 61 6e 64 69 6e 67 20 2e 66 65 61 74 75 72 65 73 7b 70 61 64 64 69 6e 67 3a 34 72 65 6d 20 30 20 37 72 65 6d 7d 2e 6c 61 6e 64 69 6e 67 20 2e 66 65 61 74 75 72 65 73 20 2e 66 65 61 74 75 72 65 7b 70 61 64 64 69 6e 67 3a 2e 39 72 65 6d 7d 2e 6c 61 6e 64 69 6e 67 20 2e 62 6c 6f 67 2d 70 6f 73 74 73 7b 70 61 64 64 69 6e 67 3a 35 72 65 6d 20 30 7d 2e 6c 61 6e 64 69 6e 67 20 2e 62 6c 6f 67 2d 70 6f 73 74 73 20 2e 74 65 78 74 2d 63 65 6e 74 65 72 7b 70 61 64 64 69 6e 67 3a Data Ascii: background-repeat:no-repeat;background-size:cover;margin:1rem 0}.landing .header{padding:1rem 0}.landing .features{padding:4rem 0 7rem}.landing .features .feature{padding:.9rem}.landing .blog-posts{padding:5rem 0}.landing .blog-posts .text-center{padding:
2024-03-08 14:32:11 UTC	854	IN	Data Raw: 6d 20 61 3a 66 6f 63 75 73 2c 2e 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 20 2e 73 69 64 65 62 61 72 20 2e 73 69 64 65 62 61 72 2d 73 74 69 63 6b 79 20 2e 6e 61 76 20 2e 6e 61 76 2d 69 74 65 6d 20 61 3a 61 63 74 69 76 65 2c 2e 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 20 2e 73 69 64 65 62 61 72 20 2e 73 69 64 65 62 61 72 2d 73 74 69 63 6b 79 20 2e 6e 61 76 20 2e 6e 61 76 2d 69 74 65 6d 20 61 2e 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 23 30 64 34 38 37 36 7d 2e 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 20 2e 73 69 64 65 62 61 72 20 2e 73 69 64 65 62 61 72 2d 73 74 69 63 6b 79 20 2e 6e 61 76 20 2e 6e 61 76 2d 69 74 65 6d 20 61 3a 61 63 74 69 76 65 2c 2e 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 20 2e 73 69 64 65 62 61 72 20 2e 73 69 64 65 62 61 72 2d 73 74 69 63 6b 79 Data Ascii: m a:focus,.documentation .sidebar .sidebar-sticky .nav .nav-item a:active,.documentation .sidebar .sidebar-sticky .nav .nav-item a.active{color:#0d4876}.documentation .sidebar .sidebar-sticky .nav .nav-item a:active,.documentation .sidebar .sidebar-sticky
2024-03-08 14:32:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1296	OUT	GET /assets/css/autocomplete.css HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css Content-Length: 658 Connection: close Cache-Control: max-age=43200 Cf-Bgj: minify Cf-Polished: origSize=1019 etag: "5db5cd10-3fb" expires: Fri, 08 Mar 2024 19:45:50 GMT last-modified: Sun, 27 Oct 2019 17:00:00 GMT strict-transport-security: max-age=31536000 CF-Cache-Status: HIT Age: 24381 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMeTfSYulxKQG1lVyG98TNZWETv63bNr%2BiJn5UNN%2FFeVTzDSf6H6OYqMOIKWNNQ7tQoJyWiiq2U%2B0KNBWGQevjLUuvLuDHBV2p5dxsz7Em3TsH9xCjtyySHcMgQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887f6d790add-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	569	IN	Data Raw: ef bb bf 20 2e 61 75 74 6f 63 6f 6d 70 6c 65 74 65 2d 73 75 67 67 65 73 74 69 6f 6e 73 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 3b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 31 70 78 20 34 70 78 20 33 70 78 20 72 67 62 61 28 35 30 2c 35 30 2c 35 30 2c 2e 36 34 29 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 31 70 78 20 34 70 78 20 33 70 78 20 72 Data Ascii: .autocomplete-suggestions{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1px solid #999;background:#fff;cursor:default;overflow:auto;-webkit-box-shadow:1px 4px 3px rgba(50,50,50,.64);-moz-box-shadow:1px 4px 3px r
2024-03-08 14:32:11 UTC	89	IN	Data Raw: 35 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 63 6f 6c 6f 72 3a 23 30 30 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 30 30 30 7d Data Ascii: 5px;font-weight:700;font-size:16px;color:#000;display:block;border-bottom:1px solid #000}

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1289	OUT	GET /assets/css/flags.css HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	818	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: close Cache-Control: max-age=43200 Cf-Bgj: minify Cf-Polished: origSize=10321 etag: W/"5f7c422a-2851" expires: Fri, 08 Mar 2024 19:45:51 GMT last-modified: Tue, 06 Oct 2020 10:08:42 GMT strict-transport-security: max-age=31536000 vary: Accept-Encoding CF-Cache-Status: HIT Age: 24380 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8%2BLHWVKTkI%2FEInpk8AtkNY1UPPXM2sjB9bhRiwMmM%2FPK3CpMnU%2Bf38I0TH2ZB5E2QtzGkRoEbjWphoOBk6ktfIqlyzQcNuksJIQuhOqGOwFNtck0i%2F%2BZZYK1UE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887f8d9809fd-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	551	IN	Data Raw: 32 38 35 30 0d 0a 73 70 61 6e 2e 66 6c 61 67 7b 77 69 64 74 68 3a 34 34 70 78 3b 68 65 69 67 68 74 3a 33 30 70 78 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 69 6d 67 2e 66 6c 61 67 7b 77 69 64 74 68 3a 33 30 70 78 7d 2e 66 6c 61 67 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2e 2e 2f 69 6d 67 2f 66 6c 61 67 73 5f 72 65 73 70 6f 6e 73 69 76 65 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 31 30 30 25 7d 2e 66 6c 61 67 2d 61 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2e 34 31 33 32 32 33 25 7d 2e 66 6c 61 67 2d 61 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2e 38 32 36 34 34 36 25 7d 2e 66 6c 61 67 2d 61 66 7b 62 61 63 6b 67 Data Ascii: 2850span.flag{width:44px;height:30px;display:inline-block}img.flag{width:30px}.flag{background:url(../img/flags_responsive.png) no-repeat;background-size:100%}.flag-ad{background-position:0 .413223%}.flag-ae{background-position:0 .826446%}.flag-af{backg
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 74 69 6f 6e 3a 30 20 34 2e 31 33 32 32 33 31 25 7d 2e 66 6c 61 67 2d 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 2e 35 34 35 34 35 35 25 7d 2e 66 6c 61 67 2d 61 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 2e 39 35 38 36 37 38 25 7d 2e 66 6c 61 67 2d 61 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 2e 33 37 31 39 30 31 25 7d 2e 66 6c 61 67 2d 61 75 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 2e 37 38 35 31 32 34 25 7d 2e 66 6c 61 67 2d 61 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 36 2e 31 39 38 33 34 37 25 7d 2e 66 6c 61 67 2d 61 7a 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 36 Data Ascii: ition:0 4.132231%}.flag-ar{background-position:0 4.545455%}.flag-as{background-position:0 4.958678%}.flag-at{background-position:0 5.371901%}.flag-au{background-position:0 5.785124%}.flag-aw{background-position:0 6.198347%}.flag-az{background-position:0 6
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 6f 6e 3a 30 20 31 37 2e 37 36 38 35 39 35 25 7d 2e 66 6c 61 67 2d 63 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 38 2e 31 38 31 38 31 38 25 7d 2e 66 6c 61 67 2d 63 6d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 38 2e 35 39 35 30 34 31 25 7d 2e 66 6c 61 67 2d 63 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 39 2e 30 30 38 32 36 34 25 7d 2e 66 6c 61 67 2d 63 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 39 2e 34 32 31 34 38 38 25 7d 2e 66 6c 61 67 2d 63 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 39 2e 38 33 34 37 31 31 25 7d 2e 66 6c 61 67 2d 63 75 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e Data Ascii: ion:0 17.768595%}.flag-cl{background-position:0 18.181818%}.flag-cm{background-position:0 18.595041%}.flag-cn{background-position:0 19.008264%}.flag-co{background-position:0 19.421488%}.flag-cr{background-position:0 19.834711%}.flag-cu{background-position
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 31 2e 34 30 34 39 35 39 25 7d 2e 66 6c 61 67 2d 67 68 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 31 2e 38 31 38 31 38 32 25 7d 2e 66 6c 61 67 2d 67 69 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 32 2e 32 33 31 34 30 35 25 7d 2e 66 6c 61 67 2d 67 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 32 2e 36 34 34 36 32 38 25 7d 2e 66 6c 61 67 2d 67 6d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 33 2e 30 35 37 38 35 31 25 7d 2e 66 6c 61 67 2d 67 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 33 33 2e 34 37 31 30 37 34 25 7d 2e 66 6c 61 67 2d 67 70 7b 62 61 63 6b 67 72 Data Ascii: kground-position:0 31.404959%}.flag-gh{background-position:0 31.818182%}.flag-gi{background-position:0 32.231405%}.flag-gl{background-position:0 32.644628%}.flag-gm{background-position:0 33.057851%}.flag-gn{background-position:0 33.471074%}.flag-gp{backgr
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 7d 2e 66 6c 61 67 2d 6b 67 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 35 2e 30 34 31 33 32 32 25 7d 2e 66 6c 61 67 2d 6b 68 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 35 2e 34 35 34 35 34 35 25 7d 2e 66 6c 61 67 2d 6b 69 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 35 2e 38 36 37 37 36 39 25 7d 2e 66 6c 61 67 2d 6b 6d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 36 2e 32 38 30 39 39 32 25 7d 2e 66 6c 61 67 2d 6b 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 36 2e 36 39 34 32 31 35 25 7d 2e 66 6c 61 67 2d 6b 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 34 37 2e 31 30 37 34 33 38 25 7d 2e 66 Data Ascii: }.flag-kg{background-position:0 45.041322%}.flag-kh{background-position:0 45.454545%}.flag-ki{background-position:0 45.867769%}.flag-km{background-position:0 46.280992%}.flag-kn{background-position:0 46.694215%}.flag-kp{background-position:0 47.107438%}.f
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2e 32 36 34 34 36 33 25 7d 2e 66 6c 61 67 2d 6d 71 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 38 2e 36 37 37 36 38 36 25 7d 2e 66 6c 61 67 2d 6d 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 39 2e 30 39 30 39 30 39 25 7d 2e 66 6c 61 67 2d 6d 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 39 2e 35 30 34 31 33 32 25 7d 2e 66 6c 61 67 2d 6d 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 39 2e 39 31 37 33 35 35 25 7d 2e 66 6c 61 67 2d 6d 75 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 36 30 2e 33 33 30 35 37 39 25 7d 2e 66 6c 61 67 2d 6d 76 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 36 30 2e 37 34 Data Ascii: .264463%}.flag-mq{background-position:0 58.677686%}.flag-mr{background-position:0 59.090909%}.flag-ms{background-position:0 59.504132%}.flag-mt{background-position:0 59.917355%}.flag-mu{background-position:0 60.330579%}.flag-mv{background-position:0 60.74
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 31 2e 39 30 30 38 32 36 25 7d 2e 66 6c 61 67 2d 70 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 32 2e 33 31 34 30 35 25 7d 2e 66 6c 61 67 2d 70 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 32 2e 37 32 37 32 37 33 25 7d 2e 66 6c 61 67 2d 70 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 33 2e 31 34 30 34 39 36 25 7d 2e 66 6c 61 67 2d 71 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 33 2e 35 35 33 37 31 39 25 7d 2e 66 6c 61 67 2d 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 37 33 2e 39 36 36 39 34 32 25 7d 2e 66 6c 61 67 2d 72 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 Data Ascii: -position:0 71.900826%}.flag-pt{background-position:0 72.31405%}.flag-pw{background-position:0 72.727273%}.flag-py{background-position:0 73.140496%}.flag-qa{background-position:0 73.553719%}.flag-re{background-position:0 73.966942%}.flag-ro{background-pos
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2d 74 67 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 35 2e 35 33 37 31 39 25 7d 2e 66 6c 61 67 2d 74 68 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 35 2e 39 35 30 34 31 33 25 7d 2e 66 6c 61 67 2d 74 6a 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 36 2e 33 36 33 36 33 36 25 7d 2e 66 6c 61 67 2d 74 6b 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 36 2e 37 37 36 38 36 25 7d 2e 66 6c 61 67 2d 74 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 37 2e 31 39 30 30 38 33 25 7d 2e 66 6c 61 67 2d 74 6d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 38 37 2e 36 30 33 33 30 36 25 7d 2e 66 6c 61 67 2d 74 6e 7b 62 Data Ascii: -tg{background-position:0 85.53719%}.flag-th{background-position:0 85.950413%}.flag-tj{background-position:0 86.363636%}.flag-tk{background-position:0 86.77686%}.flag-tl{background-position:0 87.190083%}.flag-tm{background-position:0 87.603306%}.flag-tn{b
2024-03-08 14:32:11 UTC	194	IN	Data Raw: 69 6f 6e 3a 30 20 39 38 2e 37 36 30 33 33 31 25 7d 2e 66 6c 61 67 2d 7a 6d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 39 39 2e 31 37 33 35 35 34 25 7d 2e 66 6c 61 67 2d 7a 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 39 39 2e 35 38 36 37 37 37 25 7d 2e 66 6c 61 67 2d 7a 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 31 30 30 25 7d 2e 66 6c 61 67 2d 73 6d 61 6c 6c 7b 77 69 64 74 68 3a 32 34 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 31 36 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 0d 0a Data Ascii: ion:0 98.760331%}.flag-zm{background-position:0 99.173554%}.flag-zr{background-position:0 99.586777%}.flag-zw{background-position:0 100%}.flag-small{width:24px!important;height:16px!important}
2024-03-08 14:32:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	1334	OUT	GET /assets/img/logo.png HTTP/1.1 Host: samfw.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ik1lalBrYVU0UTlDZmtNNXJ4RTArR1E9PSIsInZhbHVlIjoiL1ZPcFg0NWFmOW9MZTd5QjBIUDlzTTQ1TXJyRm9xcFk1TDhzWUpSOXF4Uzd3MlJUNWRkbjh5NXcwNHhCWklZbkVERjdOc01zUTNYY2kxdlRFV2JVekExRXBQOFFRbThTWDg1d3JtaXhQTGpGZndvelJDN0F6bUZwdHYrVEwxQVIiLCJtYWMiOiIwYWEwZWQ5MmZiMTJiYjk4NmJmZDZiYTI5NTRkZTg2MTRhNTU4NzBjOTQyOWUwNjg0ZDZiYmY3MzEzYzRkZTExIn0%3D; samfwcom_session=eyJpdiI6ImtDMU1SZTFIK0dqd1JtT21qSGxtVXc9PSIsInZhbHVlIjoiMVpDWFdvREdQTC92MXRnNEdBekFRVHRlZ3JNWTBEL2N6SkZXRVNwdktpYjRvR1kxQ3JQN1Fzdmxsb1BNMnptRW9oLzVQazJwdDFQTDZhVWpTdzRkV3dSWTZaUksxVUwrK1dPMUlDMGVORkQ1TlRpZGIvaHBRZ0xPVkZkQnpiT3kiLCJtYWMiOiIwZGU1NWNlMTQ5YTVmNGNkYzkzMWI2ZDk1Y2JkOTk0ZGFmMzYxNDZiNmFkOGUwODRiOTA4OTRiMzc4NzI1MWViIn0%3D
2024-03-08 14:32:11 UTC	762	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: image/png Content-Length: 14971 Connection: close last-modified: Sun, 27 Oct 2019 17:00:00 GMT etag: "5db5cd10-3a7b" expires: Sat, 06 Apr 2024 15:32:08 GMT Cache-Control: max-age=2592000 strict-transport-security: max-age=31536000 CF-Cache-Status: HIT Age: 82803 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y39P3CzEfmyZ5h8RqfRiooD5Mzyo2UMewOj7qFBHLlnFofe1AmmVuK7Prw%2BFHF84cLKfTMjJTu1RlU7OK49dPgm0D2lSfBjey7K2gF3NEGXTER%2BPUxrvm5Ocy%2Fw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8613887fc82e0a03-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	607	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 82 00 00 00 80 08 06 00 00 00 c7 cb b1 f6 00 00 00 09 70 48 59 73 00 00 17 12 00 00 17 12 01 67 9f d2 52 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b Data Ascii: PNGIHDRpHYsgROiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 35 00 b0 6a 3e 01 7b 91 2d a8 5d 63 03 f6 4b 27 10 58 74 c0 e2 f7 00 00 f2 bb 6f c1 d4 28 08 03 80 68 83 e1 cf 77 ff ef 3f fd 47 a0 25 00 80 66 49 92 71 00 00 5e 44 24 2e 54 ca b3 3f c7 08 00 00 44 a0 81 2a b0 41 1b f4 c1 18 2c c0 06 1c c1 05 dc c1 0b fc 60 36 84 42 24 c4 c2 42 10 42 0a 64 80 1c 72 60 29 ac 82 42 28 86 cd b0 1d 2a 60 2f d4 40 1d 34 c0 51 68 86 93 70 0e 2e c2 55 b8 0e 3d 70 0f fa 61 08 9e c1 28 bc 81 09 04 41 c8 08 13 61 21 da 88 01 62 8a 58 23 8e 08 17 99 85 f8 21 c1 48 04 12 8b 24 20 c9 88 14 51 22 4b 91 35 48 31 52 8a 54 20 55 48 1d f2 3d 72 02 39 87 5c 46 ba 91 3b c8 00 32 82 fc 86 bc 47 31 94 81 b2 51 3d d4 0c b5 43 b9 a8 37 1a 84 46 a2 0b d0 64 74 31 9a 8f 16 a0 9b d0 72 b4 1a 3d 8c 36 a1 e7 d0 ab 68 0f da 8f 3e 43 c7 30 c0 e8 18 07 Data Ascii: 5j>{-]cK'Xto(hw?G%fIq^D$.T?DA,`6B$BBdr`)B(`/@4Qhp.U=pa(Aa!bX#!H$ Q"K5H1RT UH=r9\F;2G1Q=C7Fdt1r=6h>C0
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 4e f2 48 2a 4d 7a 92 ec 91 bc 35 79 24 c5 33 a5 2c e5 b9 84 27 a9 90 bc 4c 0d 4c dd 9b 3a 9e 16 9a 76 20 6d 32 3d 3a bd 31 83 92 91 90 71 42 aa 21 4d 93 b6 67 ea 67 e6 66 76 cb ac 65 85 b2 fe c5 6e 8b b7 2f 1e 95 07 c9 6b b3 90 ac 05 59 2d 0a b6 42 a6 e8 54 5a 28 d7 2a 07 b2 67 65 57 66 bf cd 89 ca 39 96 ab 9e 2b cd ed cc b3 ca db 90 37 9c ef 9f ff ed 12 c2 12 e1 92 b6 a5 86 4b 57 2d 1d 58 e6 bd ac 6a 39 b2 3c 71 79 db 0a e3 15 05 2b 86 56 06 ac 3c b8 8a b6 2a 6d d5 4f ab ed 57 97 ae 7e bd 26 7a 4d 6b 81 5e c1 ca 82 c1 b5 01 6b eb 0b 55 0a e5 85 7d eb dc d7 ed 5d 4f 58 2f 59 df b5 61 fa 86 9d 1b 3e 15 89 8a ae 14 db 17 97 15 7f d8 28 dc 78 e5 1b 87 6f ca bf 99 dc 94 b4 a9 ab c4 b9 64 cf 66 d2 66 e9 e6 de 2d 9e 5b 0e 96 aa 97 e6 97 0e 6e 0d d9 da b4 0d df Data Ascii: NHMz5y$3,'LL:v m2=:1qB!Mggfven/kY-BTZ(geWf9+7KW-Xj9<qy+V<*mOW~&zMk^kU}]OX/Ya>(xodff-[n
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: fc e7 f1 26 cf 87 4b e7 33 51 5d 4e 4d 84 09 db 7e 25 70 e6 a8 8e 25 a8 21 08 21 00 4d 00 d5 25 81 a2 80 f4 0f 10 0a cd 2b 28 c8 38 6d 4e 0c 86 2b 4e ba 17 08 17 cf a4 a2 b8 9c 08 e1 64 cc 04 81 cc 8b 97 7d 7b 12 f2 d5 55 0a 9e 3d 4e 75 ff 2d a1 44 f7 7a 00 82 a2 28 98 23 4c 54 ac 56 06 97 ac a0 22 e4 79 00 d1 9e ef 59 b3 72 50 5d 4e 8d cf 08 17 0e 44 81 cb e7 53 51 64 ef 5b 5d 7f ca 92 5e 06 44 95 a0 87 e0 f9 2c 94 c8 2d e1 9a 52 84 69 5f 3c db c8 47 c4 db d8 bf cb ec ad 57 da 1e 24 83 44 b9 a4 32 9c 3f 91 4e 76 b6 03 45 51 f2 5a e0 2a 9e 0f e7 4f 5d 46 08 f3 e4 0b a2 c4 c5 93 67 49 4f cb 21 a1 74 94 a7 bb bc e2 74 9d 0c 8e 62 15 cc 46 04 83 01 1c ca 15 29 c2 e4 c5 7d ef 75 cf 4d 2d 34 db c6 92 01 9d 66 a6 de 50 40 48 19 4d 67 78 e4 3d a0 bc 6f ff d4 f9 Data Ascii: &K3Q]NM~%p%!!M%+(8mN+Nd}{U=Nu-Dz(#LTV"yYrP]NDSQd[]^D,-Ri_<GW$D2?NvEQZ*O]FgIO!ttbF)}uM-4fP@HMgx=o
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 41 f9 f0 9d 9b 0f b3 f1 9b df f8 ed eb 75 5c 3a 7e 42 33 21 0b e1 d7 e9 aa b2 8c 68 34 72 7f f7 27 68 fc c0 ed d4 69 58 cd 57 b9 a4 c3 8c 9b 51 fe 18 30 7b 3a d7 ad dc ce db dd 5f c6 65 cd c4 14 1d ef a3 87 ce 6f 5e 72 c1 f0 fc ec f1 3c d4 3e bc 60 08 1b 10 c6 8c 11 de 01 5e f4 fe d8 af f7 f0 fa 13 5d 30 46 24 62 b0 44 15 4a 9e 77 66 67 20 1a 8d 74 7f 63 38 9d 07 3f 1c f4 9e f3 67 32 58 f7 e5 66 7e 98 bf 8a e3 7b f6 20 db ac 88 46 23 92 29 42 f3 46 2a 06 9f 4c 41 10 51 5c 4e 9c d6 4c 24 a3 09 53 74 3c 8d 5b b5 a0 79 ab 3b 68 7c 4f 1d e2 e2 f3 16 59 3f 7d 73 19 4b c6 7e 84 20 49 18 23 62 0a 34 2f be 60 18 3a 7d 1c ad 9e d4 79 ca 4d f3 15 d1 af 09 10 fc 41 b0 7e d5 3e 5e 6f db 05 83 25 21 64 4a 90 17 75 70 d9 6d 38 ad d9 34 79 fc 61 86 7d f8 1c 65 2b c4 02 Data Ascii: Au\:~B3!h4r'hiXWQ0{:_eo^r<>`^]0F$bDJwfg tc8?g2Xf~{ F#)BF*LAQ\NL$St<[y;h\|OY?}sK~ I#b4/`:}yMA~>^o%!dJupm84ya}e+
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 02 e1 c3 b1 fa 3d 77 e8 cb 8f dc ef 46 28 00 bb b6 1c e2 c5 7b 7a a1 4a 26 8c 16 bd e1 a5 ff d8 7e b4 ee d3 3a 28 00 66 ac 84 97 56 85 67 0e fb 35 82 a9 c3 f4 7d b3 5e 9f cd d2 09 4b af 1b 10 a8 2e 27 8e 9c 2c 5e fc ec 3d 1e ec a0 b3 34 b6 03 96 17 59 0a 29 ea 00 51 d1 71 ba e3 d3 8f 37 fe 80 8f 23 e9 ad 8d 6b d0 e1 7f cf e1 ca c9 d4 42 c2 dd ad ed 80 c7 83 82 60 de f7 50 76 50 f8 40 00 30 6d ab 36 ae 6f bb b7 c3 3d d7 0d 31 90 04 81 ac d4 54 5a f4 ec e6 0f 82 01 e1 00 41 78 b6 86 7b 27 07 95 09 16 ac 1d a8 73 58 19 db 6f 22 eb 16 7e 81 d1 14 c1 2d b7 d7 e6 fd 6f df d3 dd 9f 63 83 e7 a7 68 8b 56 1c ad 66 2c ec fc 40 bf 45 5c 2f bc 42 46 5a 1a 8f f4 6e cf c8 29 43 7d bb 67 4f 78 77 6d cf 21 c3 ef 0d 8f 5e a2 a8 03 94 29 1b 4b d9 32 71 01 c7 d0 4e f3 87 e3 Data Ascii: =wF({zJ&~:(fVg5}^K.',^=4Y)Qq7#kB`PvP@0m6o=1TZAx{'sXo"~-ochVf,@E\/BFZn)C}gOxwm!^)K2qN
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: e5 07 04 df 16 97 18 17 74 11 0b 02 00 80 b5 4b d6 b2 7a ce ea 3c 29 c0 80 71 fd 03 00 e0 df 6e aa 7d 13 3d 47 f5 a0 4e 93 3a bc d6 ed b5 22 2d b0 c7 39 b7 6c 52 59 af e3 6d 50 7f 09 55 45 10 45 8c 91 51 ee dc 8d 2a 8a cb 89 3d 23 95 d3 e9 17 b5 3c 4e 8a a2 c9 71 82 a0 ad 87 20 6a 41 c3 06 03 31 89 a5 19 f2 ee 60 fe fd d0 ed 9e 11 ef 04 16 1a 82 c9 a4 87 f7 9f e5 d3 94 d9 6c 5a b2 14 53 54 2c a2 c1 a0 0d 66 32 69 b5 06 04 28 68 76 69 7f 2d 5e a8 8a a4 b3 a9 fa 45 ee 36 b2 1b e5 aa 94 63 f5 9c d5 7c 3b f7 3b 1e ea f6 60 c8 cf 70 fe e4 79 ef 24 e7 05 82 7f 3f f2 6f 06 8d 1f 48 7c 62 7c c8 e3 36 7d b0 09 fd c7 f6 63 ea cb d3 0a 0c 80 ff 3c 7e 17 2d bb b4 0c b0 bf 58 b3 6d ac 9a bd 92 99 63 66 e5 45 1b bc 75 b2 b4 9c 10 c6 bc f7 6d 34 e3 95 ec b0 73 f9 c4 71 Data Ascii: tKz<)qn}=GN:"-9lRYmPUEEQ*=#<Nq jA1`lZST,f2i(hvi-^E6c\|;;`py$?oH\|b\|6}c<~-XmcfEum4sq
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 67 f1 fd c9 7e 91 74 3e ff 5f 80 f0 d7 b6 bf 98 3e 7a 7a 00 18 46 76 d1 bc 92 43 75 39 2b 4c fb c1 4f 0c af d3 34 74 7f 45 a9 54 19 ac 5b d7 91 f6 e9 68 9d 98 77 a3 b4 6b 52 00 74 f9 94 15 7c 3d fd eb 80 fe e4 ea 5a b0 ea 91 77 61 72 87 f0 6f 19 fe f1 13 c9 4d eb 50 e3 56 7d 16 3a d7 b1 3f 83 7e f7 c2 e0 ba a4 7f f8 24 b6 f5 f9 1b 96 4c 75 9a 87 36 f1 11 f9 f3 1c 52 d2 ed 7a ea 53 cc 4e 34 d7 ac 24 f0 d4 97 a7 71 e2 c0 49 9e 79 bd 6f 40 62 8c aa 15 60 c0 e3 da 01 9a e7 f1 c1 53 b0 e9 4f 58 ba 3d 74 cb 65 50 86 f5 b0 de 9a 59 c6 8f 47 50 b2 d3 82 7e cf 58 bb 25 11 2d 3a 62 ae 57 b0 ed 44 b5 05 27 f5 86 4a c1 d3 20 3a f6 69 a5 2f a5 f2 7a 45 cb b9 e3 37 28 10 00 56 ce 5a c9 ce 0d 3b 69 3b a0 6d be e6 64 4f fc 42 9b bb b4 ba 78 9b f7 c2 4f 3b 0a 17 31 ed 6f Data Ascii: g~t>_>zzFvCu9+LO4tET[hwkRt\|=ZwaroMPV}:?~$Lu6RzSN4$qIyo@b`SOX=tePYGP~X%-:bWD'J :i/zE7(VZ;i;mdOBxO;1o
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 74 2a a7 5d d4 79 3f fb b6 d4 b7 34 72 e7 7b 3d ba fb 87 3a 6a e0 72 b8 f8 61 e1 8f 80 80 ec b4 d3 a4 d5 5d be d9 56 b7 03 2d 80 cc 70 2b 94 8a ac a8 e8 d7 6e 76 16 30 df d3 73 6f db 7f 63 8a 8a 43 95 c3 9b e1 34 be 4c 3c 35 eb eb 55 b0 a1 46 4e 55 ab 78 f5 40 e7 ef 77 a8 a3 08 27 ff d0 81 c0 58 bb 25 d1 2d f5 19 68 97 4f 75 67 94 57 15 44 c9 c4 9d ad ef f0 bd bc a4 df 13 33 33 c3 f5 ac 61 01 82 aa 82 20 09 88 a8 0c 68 37 73 85 9b 3c 51 be 52 3c b7 de 7b 57 00 43 93 65 2d 9c cc 5f ae 4a 39 ba bc d8 99 e1 93 5f d0 79 15 1d 3d 13 9a fd a1 7d 6d 7d 9e c5 e2 c8 8d e0 a1 2a ae 33 c7 c8 59 f1 5e 68 5b 4f ed 96 94 1a ae 77 83 3f 75 e8 14 f3 df 59 e0 a6 0c 56 22 4b 97 a1 d1 7f 74 ac da 62 49 28 49 39 94 00 54 01 41 04 44 c5 57 27 31 0c e0 89 c1 ed d8 bf f1 37 dd Data Ascii: t]y?4r{=:jra]V-p+nv0socC4L<5UFNUx@w'X%-hOugWD33a h7s<QR<{WCe-_J9_y=}m}3Y^h[Ow?uYV"KtbI(I9TADW'17
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: d6 4f 0c 28 eb 37 ef 7b e8 36 a7 70 8b ef 09 83 6f 5e 37 b8 ae c1 5f 36 af 50 b5 02 c3 3e 1e 1a d4 37 e2 d2 1b dd 83 7a 28 95 9f a7 17 2b 1f 29 fb 28 57 bd 09 02 8a d3 89 cb 96 cd 88 f9 1f f0 40 5b 5d 24 50 1b e0 ab 6b 0a 04 34 b3 f4 4e f7 5f d2 2e 5b 79 a2 4a 6b 44 c5 85 39 3a 26 a0 de 63 fd bb ea f3 da e7 63 02 b8 e8 1c 9b 56 6a 67 f5 d6 e0 35 1d 3d 11 50 77 26 6b a6 e4 50 b2 a6 9c 3a 74 8a 79 6f cf f3 6a e9 62 12 62 18 35 e7 7f 01 20 90 d3 2e 92 36 f1 f9 a0 20 28 31 40 70 8b e1 4e 6b 0e a2 24 31 69 d3 5c aa df e2 55 74 e5 a0 95 fc 3b 78 2d 81 b0 c2 8d 48 5c 2e 85 ce 75 7b 91 7e e2 30 c6 98 f8 a0 75 1e 01 5a 76 7e 80 41 ef 0c 2a 50 c5 d7 82 34 97 c3 c5 f2 a9 cb 99 ff ce 02 5d de a1 57 e7 be 4a d3 07 f5 ce af f6 7d 5b 48 9f 38 10 53 83 56 c8 e7 8e 04 80 Data Ascii: O(7{6po^7_6P>7z(+)(W@[]$Pk4N_.[yJkD9:&ccVjg5=Pw&kP:tyojbb5 .6 (1@pNk$1i\Ut;x-H\.u{~0uZv~A*P4]WJ}[H8SV

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	566	OUT	GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://samfw.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:11 UTC	930	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"6421d693-547f" Last-Modified: Mon, 27 Mar 2023 17:46:59 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Wed, 26 Feb 2025 14:32:11 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLJYQXZhZYeu8ToCaIsxFagplht%2FUigxeiQabNmULz0STVwod45nfO8flaMaTIYqS1n7h%2Bhxb7lZBdeJbeBhysB9KcoD64uAe35szxdEssIsQqIZXEImFOxpSdMlzxBrLiwpEe6T"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 86138880388409ff-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	439	IN	Data Raw: 33 38 64 66 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 36 2e 34 2e 30 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 33 20 46 6f 6e 74 69 63 6f 6e 73 2c 20 49 6e 63 2e 0a 20 2a 2f 0a 2e 66 61 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 2d 2d 66 61 2d 73 74 79 6c 65 Data Ascii: 38df/! Font Awesome Free 6.4.0 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) * Copyright 2023 Fonticons, Inc. */.fa{font-family:var(--fa-style
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 64 69 73 70 6c 61 79 2c 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 29 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 76 61 72 69 61 6e 74 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 61 75 74 6f 7d 2e 66 61 2d 63 6c 61 73 73 69 63 2c 2e 66 61 2d 72 65 67 75 6c 61 72 2c 2e 66 61 2d 73 6f 6c 69 64 2c 2e 66 61 72 2c 2e 66 61 73 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 36 20 46 72 65 65 22 7d 2e 66 61 2d 62 72 61 6e 64 73 2c 2e 66 61 62 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 36 20 Data Ascii: smoothing:antialiased;display:var(--fa-display,inline-block);font-style:normal;font-variant:normal;line-height:1;text-rendering:auto}.fa-classic,.fa-regular,.fa-solid,.far,.fas{font-family:"Font Awesome 6 Free"}.fa-brands,.fab{font-family:"Font Awesome 6
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 66 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 76 61 72 28 2d 2d 66 61 2d 70 75 6c 6c 2d 6d 61 72 67 69 6e 2c 2e 33 65 6d 29 7d 2e 66 61 2d 70 75 6c 6c 2d 72 69 67 68 74 7b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 76 61 72 28 2d 2d 66 61 2d 70 75 6c 6c 2d 6d 61 72 67 69 6e 2c 2e 33 65 6d 29 7d 2e 66 61 2d 62 65 61 74 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 62 65 61 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 62 65 61 74 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 2c 30 73 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 Data Ascii: ft;margin-right:var(--fa-pull-margin,.3em)}.fa-pull-right{float:right;margin-left:var(--fa-pull-margin,.3em)}.fa-beat{-webkit-animation-name:fa-beat;animation-name:fa-beat;-webkit-animation-delay:var(--fa-animation-delay,0s);animation-delay:var(--fa-anima
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2c 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 38 2c 2e 38 34 2c 2e 34 32 2c 31 29 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2c 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 38 2c 2e 38 34 2c 2e 34 32 2c 31 29 29 7d 2e 66 61 2d 66 61 64 65 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 66 61 64 65 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 66 61 64 65 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e Data Ascii: ion:var(--fa-animation-timing,cubic-bezier(.28,.84,.42,1));animation-timing-function:var(--fa-animation-timing,cubic-bezier(.28,.84,.42,1))}.fa-fade{-webkit-animation-name:fa-fade;animation-name:fa-fade;-webkit-animation-iteration-count:var(--fa-animation
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2c 30 73 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 2c 30 73 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 2c 6e 6f 72 6d 61 6c 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 2c 6e 6f 72 6d 61 6c 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 2c 31 73 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d Data Ascii: ,0s);animation-delay:var(--fa-animation-delay,0s);-webkit-animation-direction:var(--fa-animation-direction,normal);animation-direction:var(--fa-animation-direction,normal);-webkit-animation-duration:var(--fa-animation-duration,1s);animation-duration:var(-
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6f 6e 2d 64 75 72 61 74 69 6f 6e 2c 32 73 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 2c 32 73 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e 69 74 65 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e 69 74 65 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 76 61 72 28 Data Ascii: on-duration,2s);animation-duration:var(--fa-animation-duration,2s);-webkit-animation-iteration-count:var(--fa-animation-iteration-count,infinite);animation-iteration-count:var(--fa-animation-iteration-count,infinite);-webkit-animation-timing-function:var(
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 3b 74 72 61 6e 73 69 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 30 73 7d 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 65 61 74 7b 30 25 2c 39 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 7d 34 35 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 73 63 61 6c 65 2c 31 2e 32 35 29 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 73 63 61 6c 65 2c 31 2e 32 35 29 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 65 61 74 7b 30 25 2c 39 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 Data Ascii: ;transition-duration:0s}}@-webkit-keyframes fa-beat{0%,90%{-webkit-transform:scale(1);transform:scale(1)}45%{-webkit-transform:scale(var(--fa-beat-scale,1.25));transform:scale(var(--fa-beat-scale,1.25))}}@keyframes fa-beat{0%,90%{-webkit-transform:scale(1
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 6f 75 6e 63 65 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 31 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 6f 75 6e 63 65 2d 73 74 61 72 74 2d 73 63 61 6c 65 2d 78 2c 31 2e 31 Data Ascii: (1) translateY(0)}to{-webkit-transform:scale(1) translateY(0);transform:scale(1) translateY(0)}}@keyframes fa-bounce{0%{-webkit-transform:scale(1) translateY(0);transform:scale(1) translateY(0)}10%{-webkit-transform:scale(var(--fa-bounce-start-scale-x,1.1
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 61 63 69 74 79 2c 2e 34 29 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 7d 35 30 25 7b 6f 70 61 63 69 74 79 3a 31 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 73 63 61 6c 65 2c 31 2e 31 32 35 29 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 73 63 61 6c 65 2c 31 2e 31 32 35 29 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 65 61 74 2d 66 61 64 65 7b 30 25 2c 74 6f 7b 6f 70 61 63 69 74 79 3a 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 6f 70 61 63 69 74 79 2c 2e 34 29 3b 2d 77 65 62 6b 69 74 2d 74 Data Ascii: acity,.4);-webkit-transform:scale(1);transform:scale(1)}50%{opacity:1;-webkit-transform:scale(var(--fa-beat-fade-scale,1.125));transform:scale(var(--fa-beat-fade-scale,1.125))}}@keyframes fa-beat-fade{0%,to{opacity:var(--fa-beat-fade-opacity,.4);-webkit-t
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 7d 33 36 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 32 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 32 64 65 67 29 7d 34 30 25 2c 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 73 68 61 6b 65 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 7d 34 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 Data Ascii: }36%{-webkit-transform:rotate(12deg);transform:rotate(12deg)}40%,to{-webkit-transform:rotate(0deg);transform:rotate(0deg)}}@keyframes fa-shake{0%{-webkit-transform:rotate(-15deg);transform:rotate(-15deg)}4%{-webkit-transform:rotate(15deg);transform:rotate

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	596	OUT	GET /ajax/libs/font-awesome-animation/0.2.1/font-awesome-animation.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://samfw.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:11 UTC	930	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03e5f-47d3" Last-Modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Wed, 26 Feb 2025 14:32:11 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKH2OuKI1WuT6KY%2F2seMuPTciGRqY%2BPiuJGvDL41WXpnRmd3nv09yf0pt9ED1BBu5Cs6u6NE0iO0RtDrPU820WIDDNfZazBKyoqivenQ1LJZvP0i5By9HXIWZgz3D4hyZ2hXcdjW"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8613888048a709f3-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	439	IN	Data Raw: 34 37 64 33 0d 0a 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 77 72 65 6e 63 68 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 32 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 32 64 65 67 29 7d 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 32 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 32 64 65 67 29 7d 31 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 7d 31 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 32 34 64 65 67 29 3b 74 72 61 6e 73 66 Data Ascii: 47d3@-webkit-keyframes wrench{0%{-webkit-transform:rotate(-12deg);transform:rotate(-12deg)}8%{-webkit-transform:rotate(12deg);transform:rotate(12deg)}10%{-webkit-transform:rotate(24deg);transform:rotate(24deg)}18%{-webkit-transform:rotate(-24deg);transf
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 7d 33 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 32 34 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 32 34 64 65 67 29 7d 34 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 32 34 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 32 34 64 65 67 29 7d 34 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 7d 35 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 34 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 32 Data Ascii: rm:rotate(24deg)}38%{-webkit-transform:rotate(-24deg);transform:rotate(-24deg)}40%{-webkit-transform:rotate(-24deg);transform:rotate(-24deg)}48%{-webkit-transform:rotate(24deg);transform:rotate(24deg)}50%{-webkit-transform:rotate(24deg);transform:rotate(2
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 65 67 29 7d 31 30 30 25 2c 37 35 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 7d 2e 66 61 61 2d 70 61 72 65 6e 74 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 3a 68 6f 76 65 72 3e 2e 66 61 61 2d 77 72 65 6e 63 68 2c 2e 66 61 61 2d 77 72 65 6e 63 68 2e 61 6e 69 6d 61 74 65 64 2c 2e 66 61 61 2d 77 72 65 6e 63 68 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 3a 68 6f 76 65 72 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 77 72 65 6e 63 68 20 32 2e 35 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 77 72 65 6e 63 68 20 32 2e 35 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 3b 74 72 61 6e 73 66 6f 72 6d 2d 6f 72 69 67 Data Ascii: eg)}100%,75%{-webkit-transform:rotate(0);transform:rotate(0)}}.faa-parent.animated-hover:hover>.faa-wrench,.faa-wrench.animated,.faa-wrench.animated-hover:hover{-webkit-animation:wrench 2.5s ease infinite;animation:wrench 2.5s ease infinite;transform-orig
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 72 69 6e 67 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 7d 32 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 35 64 65 67 29 7d 34 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 64 65 67 29 7d 36 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 Data Ascii: it-transform:rotate(0);transform:rotate(0)}}@keyframes ring{0%{-webkit-transform:rotate(-15deg);transform:rotate(-15deg)}2%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}4%{-webkit-transform:rotate(-18deg);transform:rotate(-18deg)}6%{-webkit-tra
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6c 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 2d 33 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 2d 33 70 78 29 7d 34 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 33 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 33 70 78 29 7d 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 2d 33 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 2d 33 70 78 29 7d 31 32 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 30 2c 33 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 Data Ascii: l{0%{-webkit-transform:translate(0,-3px);transform:translate(0,-3px)}4%{-webkit-transform:translate(0,3px);transform:translate(0,3px)}8%{-webkit-transform:translate(0,-3px);transform:translate(0,-3px)}12%{-webkit-transform:translate(0,3px);transform:trans
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 61 74 65 64 2d 68 6f 76 65 72 3a 68 6f 76 65 72 3e 2e 66 61 61 2d 76 65 72 74 69 63 61 6c 2e 66 61 61 2d 73 6c 6f 77 2c 2e 66 61 61 2d 76 65 72 74 69 63 61 6c 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 2e 66 61 61 2d 73 6c 6f 77 3a 68 6f 76 65 72 2c 2e 66 61 61 2d 76 65 72 74 69 63 61 6c 2e 61 6e 69 6d 61 74 65 64 2e 66 61 61 2d 73 6c 6f 77 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 76 65 72 74 69 63 61 6c 20 34 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 76 65 72 74 69 63 61 6c 20 34 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 68 6f 72 69 7a 6f 6e 74 61 6c 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 Data Ascii: ated-hover:hover>.faa-vertical.faa-slow,.faa-vertical.animated-hover.faa-slow:hover,.faa-vertical.animated.faa-slow{-webkit-animation:vertical 4s ease infinite;animation:vertical 4s ease infinite}@-webkit-keyframes horizontal{0%{-webkit-transform:translat
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 6f 76 65 72 2e 66 61 61 2d 66 61 73 74 3a 68 6f 76 65 72 2c 2e 66 61 61 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2e 61 6e 69 6d 61 74 65 64 2e 66 61 61 2d 66 61 73 74 2c 2e 66 61 61 2d 70 61 72 65 6e 74 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 3a 68 6f 76 65 72 3e 2e 66 61 61 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2e 66 61 61 2d 66 61 73 74 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 68 6f 72 69 7a 6f 6e 74 61 6c 20 31 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 68 6f 72 69 7a 6f 6e 74 61 6c 20 31 73 20 65 61 73 65 20 69 6e 66 69 6e 69 74 65 7d 2e 66 61 61 2d 68 6f 72 69 7a 6f 6e 74 61 6c 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 2e 66 61 61 2d 73 6c 6f 77 3a 68 6f 76 65 72 2c 2e 66 61 61 2d 68 6f 72 69 7a 6f 6e 74 Data Ascii: over.faa-fast:hover,.faa-horizontal.animated.faa-fast,.faa-parent.animated-hover:hover>.faa-horizontal.faa-fast{-webkit-animation:horizontal 1s ease infinite;animation:horizontal 1s ease infinite}.faa-horizontal.animated-hover.faa-slow:hover,.faa-horizont
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 2c 31 30 25 2c 31 30 30 25 2c 32 30 25 2c 35 30 25 2c 38 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 34 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 31 35 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 31 35 70 78 29 7d 36 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 31 35 70 78 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 31 35 70 78 29 7d 7d 2e 66 61 61 2d 62 6f 75 6e 63 65 2e 61 6e 69 6d 61 74 65 64 2c 2e 66 61 61 2d 62 6f 75 6e 63 65 2e 61 6e 69 6d 61 74 65 Data Ascii: ,10%,100%,20%,50%,80%{-webkit-transform:translateY(0);transform:translateY(0)}40%{-webkit-transform:translateY(-15px);transform:translateY(-15px)}60%{-webkit-transform:translateY(-15px);transform:translateY(-15px)}}.faa-bounce.animated,.faa-bounce.animate
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 61 74 69 6f 6e 3a 73 70 69 6e 20 2e 37 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 73 70 69 6e 20 2e 37 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 7d 2e 66 61 61 2d 70 61 72 65 6e 74 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 3a 68 6f 76 65 72 3e 2e 66 61 61 2d 73 70 69 6e 2e 66 61 61 2d 73 6c 6f 77 2c 2e 66 61 61 2d 73 70 69 6e 2e 61 6e 69 6d 61 74 65 64 2d 68 6f 76 65 72 2e 66 61 61 2d 73 6c 6f 77 3a 68 6f 76 65 72 2c 2e 66 61 61 2d 73 70 69 6e 2e 61 6e 69 6d 61 74 65 64 2e 66 61 61 2d 73 6c 6f 77 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 73 70 69 6e 20 32 2e 32 73 20 6c 69 6e 65 61 72 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 73 70 69 6e 20 32 2e 32 73 20 6c 69 6e 65 61 Data Ascii: ation:spin .7s linear infinite;animation:spin .7s linear infinite}.faa-parent.animated-hover:hover>.faa-spin.faa-slow,.faa-spin.animated-hover.faa-slow:hover,.faa-spin.animated.faa-slow{-webkit-animation:spin 2.2s linear infinite;animation:spin 2.2s linea
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 38 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 70 75 6c 73 65 7b 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 7d 35 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 38 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 2e 38 29 7d 31 30 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 2e 31 29 7d 7d 2e 66 Data Ascii: ransform:scale(.8)}100%{-webkit-transform:scale(1.1);transform:scale(1.1)}}@keyframes pulse{0%{-webkit-transform:scale(1.1);transform:scale(1.1)}50%{-webkit-transform:scale(.8);transform:scale(.8)}100%{-webkit-transform:scale(1.1);transform:scale(1.1)}}.f

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	563	OUT	GET /ajax/libs/toastr.js/latest/toastr.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://samfw.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:11 UTC	933	IN	HTTP/1.1 200 OK Date: Fri, 08 Mar 2024 14:32:11 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"659946f7-bda" Last-Modified: Sat, 06 Jan 2024 13:26:31 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: MISS Expires: Wed, 26 Feb 2025 14:32:11 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHVMRtLHAlrN3Qbk%2FCGHxDapONYoE9AbNk8DTu1YZJN7Ws2AxAsE%2BCEAe%2B0WHt0BiZLdUAfZPQuGNRnKsnytH8QqMkzCxIOxxEbBMn2HwE0z3znPBhft44HCz7Lsfhu%2Fip7SwvDH"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 861388806d5309f1-LAS alt-svc: h3=":443"; ma=86400
2024-03-08 14:32:11 UTC	436	IN	Data Raw: 31 61 35 35 0d 0a 2f 2a 0d 20 2a 20 4e 6f 74 65 20 74 68 61 74 20 74 68 69 73 20 69 73 20 74 6f 61 73 74 72 20 76 32 2e 31 2e 33 2c 20 74 68 65 20 22 6c 61 74 65 73 74 22 20 76 65 72 73 69 6f 6e 20 69 6e 20 75 72 6c 20 68 61 73 20 6e 6f 20 6d 6f 72 65 20 6d 61 69 6e 74 65 6e 61 6e 63 65 2c 0d 20 2a 20 70 6c 65 61 73 65 20 67 6f 20 74 6f 20 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6f 6d 2f 6c 69 62 72 61 72 69 65 73 2f 74 6f 61 73 74 72 2e 6a 73 20 61 6e 64 20 70 69 63 6b 20 61 20 63 65 72 74 61 69 6e 20 76 65 72 73 69 6f 6e 20 79 6f 75 20 77 61 6e 74 20 74 6f 20 75 73 65 2c 0d 20 2a 20 6d 61 6b 65 20 73 75 72 65 20 79 6f 75 20 63 6f 70 79 20 74 68 65 20 75 72 6c 20 66 72 6f 6d 20 74 68 65 20 77 65 62 73 69 74 65 20 73 69 6e 63 65 20 74 68 65 20 75 72 Data Ascii: 1a55/* * Note that this is toastr v2.1.3, the "latest" version in url has no more maintenance, * please go to https://cdnjs.com/libraries/toastr.js and pick a certain version you want to use, * make sure you copy the url from the website since the ur
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 74 2d 6d 65 73 73 61 67 65 20 61 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 43 43 43 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 2e 74 6f 61 73 74 2d 63 6c 6f 73 65 2d 62 75 74 74 6f 6e 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 72 69 67 68 74 3a 2d 2e 33 65 6d 3b 74 6f 70 3a 2d 2e 33 65 6d 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 30 20 23 66 66 66 3b 74 65 78 74 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 30 20 23 66 66 66 3b 6f 70 61 63 69 74 79 3a 2e 38 3b 2d 6d 73 2d 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d Data Ascii: t-message a:hover{color:#CCC;text-decoration:none}.toast-close-button{position:relative;right:-.3em;top:-.3em;float:right;font-size:20px;font-weight:700;color:#FFF;-webkit-text-shadow:0 1px 0 #fff;text-shadow:0 1px 0 #fff;opacity:.8;-ms-filter:progid:DXIm
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 72 2d 72 61 64 69 75 73 3a 33 70 78 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 33 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 31 35 70 78 20 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 31 32 70 78 20 23 39 39 39 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 31 32 70 78 20 23 39 39 39 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 31 32 70 78 20 23 39 39 39 3b 63 6f 6c 6f 72 3a 23 46 46 46 3b 6f 70 61 63 69 74 79 3a 2e 38 3b 2d 6d 73 2d 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 28 4f 70 61 Data Ascii: r-radius:3px;border-radius:3px;background-position:15px center;background-repeat:no-repeat;-moz-box-shadow:0 0 12px #999;-webkit-box-shadow:0 0 12px #999;box-shadow:0 0 12px #999;color:#FFF;opacity:.8;-ms-filter:progid:DXImageTransform.Microsoft.Alpha(Opa
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 65 76 70 59 48 54 2b 30 30 54 2b 68 57 77 58 44 66 34 41 4a 41 4f 55 71 57 63 44 68 62 77 41 41 41 41 41 53 55 56 4f 52 4b 35 43 59 49 49 3d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 23 74 6f 61 73 74 2d 63 6f 6e 74 61 69 6e 65 72 3e 2e 74 6f 61 73 74 2d 65 72 72 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 42 67 41 41 41 41 59 43 41 59 41 41 41 44 67 64 7a 33 34 41 41 41 41 41 58 4e 53 52 30 49 41 72 73 34 63 36 51 41 41 41 41 52 6e 51 55 31 42 41 41 43 78 6a 77 76 38 59 51 55 41 41 41 41 4a 63 45 68 5a 63 77 41 41 44 73 4d 41 41 41 37 44 41 63 64 76 71 47 51 41 41 41 48 4f 53 55 52 42 56 45 68 Data Ascii: evpYHT+00T+hWwXDf4AJAOUqWcDhbwAAAAASUVORK5CYII=)!important}#toast-container>.toast-error{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAHOSURBVEh
2024-03-08 14:32:11 UTC	1369	IN	Data Raw: 41 42 4b 67 6e 52 6b 69 39 6c 4c 73 65 53 37 67 32 41 6c 71 77 48 57 51 53 4b 48 34 6f 4b 4c 72 49 4c 70 52 47 68 45 51 43 77 32 4c 69 52 55 49 61 34 6c 77 41 41 41 41 42 4a 52 55 35 45 72 6b 4a 67 67 67 3d 3d 29 21 69 6d 70 6f 72 74 61 6e 74 7d 23 74 6f 61 73 74 2d 63 6f 6e 74 61 69 6e 65 72 3e 2e 74 6f 61 73 74 2d 77 61 72 6e 69 6e 67 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 42 67 41 41 41 41 59 43 41 59 41 41 41 44 67 64 7a 33 34 41 41 41 41 41 58 4e 53 52 30 49 41 72 73 34 63 36 51 41 41 41 41 52 6e 51 55 31 42 41 41 43 78 6a 77 76 38 59 51 55 41 41 41 41 4a 63 45 68 5a 63 77 41 41 44 73 Data Ascii: ABKgnRki9lLseS7g2AlqwHWQSKH4oKLrILpRGhEQCw2LiRUIa4lwAAAABJRU5ErkJggg==)!important}#toast-container>.toast-warning{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADs
2024-03-08 14:32:11 UTC	837	IN	Data Raw: 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 3b 6f 70 61 63 69 74 79 3a 2e 34 3b 2d 6d 73 2d 66 69 6c 74 65 72 3a 70 72 6f 67 69 64 3a 44 58 49 6d 61 67 65 54 72 61 6e 73 66 6f 72 6d 2e 4d 69 63 72 6f 73 6f 66 74 2e 41 6c 70 68 61 28 4f 70 61 63 69 74 79 3d 34 30 29 3b 66 69 6c 74 65 72 3a 61 6c 70 68 61 28 6f 70 61 63 69 74 79 3d 34 30 29 7d 40 6d 65 64 69 61 20 61 6c 6c 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 32 34 30 70 78 29 7b 23 74 6f 61 73 74 2d 63 6f 6e 74 61 69 6e 65 72 3e 64 69 76 7b 70 61 64 64 69 6e 67 3a 38 70 78 20 38 70 78 20 38 70 78 20 35 30 70 78 3b 77 69 64 74 68 3a 31 31 65 6d 7d 23 74 6f 61 73 74 2d 63 6f 6e 74 61 69 6e 65 72 3e 64 69 76 2e 72 74 6c 7b 70 61 64 64 69 6e 67 3a 38 70 78 20 35 30 70 78 20 38 70 78 20 38 70 78 7d Data Ascii: ound-color:#000;opacity:.4;-ms-filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=40);filter:alpha(opacity=40)}@media all and (max-width:240px){#toast-container>div{padding:8px 8px 8px 50px;width:11em}#toast-container>div.rtl{padding:8px 50px 8px 8px}
2024-03-08 14:32:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-03-08 14:32:11 UTC	546	OUT	GET /npm/in-view@0.6.1/dist/in-view.min.js HTTP/1.1 Host: cdn.jsdelivr.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://samfw.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-03-08 14:32:11 UTC	774	IN	HTTP/1.1 200 OK Connection: close Content-Length: 5310 Access-Control-Allow-Origin: * Access-Control-Expose-Headers: * Timing-Allow-Origin: * Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable Cross-Origin-Resource-Policy: cross-origin X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Type: application/javascript; charset=utf-8 X-JSD-Version: 0.6.1 X-JSD-Version-Type: version ETag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls" Accept-Ranges: bytes Date: Fri, 08 Mar 2024 14:32:11 GMT Age: 2375986 X-Served-By: cache-fra-etou8220053-FRA, cache-lax-kwhp1940098-LAX X-Cache: HIT, HIT Vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
2024-03-08 14:32:11 UTC	1378	IN	Data Raw: 2f 2a 21 0a 20 2a 20 69 6e 2d 76 69 65 77 20 30 2e 36 2e 31 20 2d 20 47 65 74 20 6e 6f 74 69 66 69 65 64 20 77 68 65 6e 20 61 20 44 4f 4d 20 65 6c 65 6d 65 6e 74 20 65 6e 74 65 72 73 20 6f 72 20 65 78 69 74 73 20 74 68 65 20 76 69 65 77 70 6f 72 74 2e 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 36 20 43 61 6d 20 57 69 65 67 65 72 74 20 3c 63 61 6d 40 63 61 6d 77 69 65 67 65 72 74 2e 63 6f 6d 3e 20 2d 20 68 74 74 70 73 3a 2f 2f 63 61 6d 77 69 65 67 65 72 74 2e 67 69 74 68 75 62 2e 69 6f 2f 69 6e 2d 76 69 65 77 0a 20 2a 20 4c 69 63 65 6e 73 65 3a 20 4d 49 54 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f Data Ascii: /! in-view 0.6.1 - Get notified when a DOM element enters or exits the viewport. * Copyright (c) 2016 Cam Wiegert <cam@camwiegert.com> - https://camwiegert.github.io/in-view * License: MIT */!function(t,e){"object"==typeof exports&&"object"==typeo
2024-03-08 14:32:11 UTC	1378	IN	Data Raw: 2e 6f 62 73 65 72 76 65 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2c 7b 61 74 74 72 69 62 75 74 65 73 3a 21 30 2c 63 68 69 6c 64 4c 69 73 74 3a 21 30 2c 73 75 62 74 72 65 65 3a 21 30 7d 29 7d 29 3b 76 61 72 20 75 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 29 7b 76 61 72 20 65 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 74 29 29 3b 72 65 74 75 72 6e 20 6e 2e 68 69 73 74 6f 72 79 2e 69 6e 64 65 78 4f 66 28 74 29 3e 2d 31 3f 6e 5b 74 5d 2e 65 6c 65 6d 65 6e 74 73 3d 65 3a 28 6e 5b 74 5d 3d 28 30 2c 66 5b 22 64 65 66 61 75 6c 74 22 5d 29 28 65 2c 72 29 2c 6e 2e 68 69 73 74 6f 72 79 2e 70 75 73 68 28 74 29 29 2c 6e 5b 74 5d Data Ascii: .observe(document.body,{attributes:!0,childList:!0,subtree:!0})});var u=function(t){if("string"==typeof t){var e=[].slice.call(document.querySelectorAll(t));return n.history.indexOf(t)>-1?n[t].elements=e:(n[t]=(0,f["default"])(e,r),n.history.push(t)),n[t]
2024-03-08 14:32:11 UTC	1378	IN	Data Raw: 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 74 2e 6f 70 74 69 6f 6e 73 2e 74 65 73 74 28 65 2c 74 2e 6f 70 74 69 6f 6e 73 29 2c 72 3d 74 2e 63 75 72 72 65 6e 74 2e 69 6e 64 65 78 4f 66 28 65 29 2c 69 3d 72 3e 2d 31 2c 6f 3d 6e 26 26 21 69 2c 75 3d 21 6e 26 26 69 3b 6f 26 26 28 74 2e 63 75 72 72 65 6e 74 2e 70 75 73 68 28 65 29 2c 74 2e 65 6d 69 74 28 22 65 6e 74 65 72 22 2c 65 29 29 2c 75 26 26 28 74 2e 63 75 72 72 65 6e 74 2e 73 70 6c 69 63 65 28 72 2c 31 29 2c 74 2e 65 6d 69 74 28 22 65 78 69 74 22 2c 65 29 29 7d 29 2c 74 68 69 73 7d 7d 2c 7b 6b 65 79 3a 22 6f 6e 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 68 61 6e 64 6c 65 72 73 5b 74 5d 2e 70 75 73 68 28 65 29 2c 74 68 69 73 7d Data Ascii: h(function(e){var n=t.options.test(e,t.options),r=t.current.indexOf(e),i=r>-1,o=n&&!i,u=!n&&i;o&&(t.current.push(e),t.emit("enter",e)),u&&(t.current.splice(r,1),t.emit("exit",e))}),this}},{key:"on",value:function(t,e){return this.handlers[t].push(e),this}
2024-03-08 14:32:11 UTC	1176	IN	Data Raw: 69 3d 65 2d 6e 3b 72 65 74 75 72 6e 20 5f 3f 63 28 69 2c 67 2d 72 29 3a 69 7d 66 75 6e 63 74 69 6f 6e 20 64 28 74 29 7b 76 61 72 20 6e 3d 74 2d 4f 2c 72 3d 74 2d 45 3b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 4f 7c 7c 6e 3e 3d 65 7c 7c 6e 3c 30 7c 7c 5f 26 26 72 3e 3d 67 7d 66 75 6e 63 74 69 6f 6e 20 68 28 29 7b 76 61 72 20 74 3d 6f 28 29 3b 72 65 74 75 72 6e 20 64 28 74 29 3f 70 28 74 29 3a 76 6f 69 64 28 6a 3d 73 65 74 54 69 6d 65 6f 75 74 28 68 2c 6c 28 74 29 29 29 7d 66 75 6e 63 74 69 6f 6e 20 70 28 74 29 7b 72 65 74 75 72 6e 20 6a 3d 76 6f 69 64 20 30 2c 54 26 26 78 3f 72 28 74 29 3a 28 78 3d 6d 3d 76 6f 69 64 20 30 2c 77 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 29 7b 76 6f 69 64 20 30 21 3d 3d 6a 26 26 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 6a Data Ascii: i=e-n;return _?c(i,g-r):i}function d(t){var n=t-O,r=t-E;return void 0===O\|\|n>=e\|\|n<0\|\|_&&r>=g}function h(){var t=o();return d(t)?p(t):void(j=setTimeout(h,l(t)))}function p(t){return j=void 0,T&&x?r(t):(x=m=void 0,w)}function v(){void 0!==j&&clearTimeout(j