Windows Analysis Report
https://sign.clickandsign.eu/h/KkObbSMhni

Overview

General Information

Sample URL:	https://sign.clickandsign.eu/h/KkObbSMhni
Analysis ID:	1448087
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Html Dropper

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Drops files with a non-matching file extension (content does not match file extension)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Classification

Signatures

HTML body contains low number of good links

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Number of links: 0
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Title: PDF.js viewer does not match URL
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Title: PDF.js viewer does not match URL

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49777 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:51046 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /h/KkObbSMhni HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/cands.css HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo_vertical.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendors/jquery.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/vendor.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/cands.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo_vertical.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /landing/i18/es.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/favicon.ico HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/manifest.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /landing/i18/es.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/favicon.ico HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /h/KkObbSMhni HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.css HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/pdf.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewThumbnail.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewOutline.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/locale.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-sidebarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-search.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageUp.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageDown.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewOutline.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-openFile.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewThumbnail.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/locale.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-print.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-download.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-search.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorFreeText.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorInk.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-sidebarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageUp.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-secondaryToolbarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageDown.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomOut.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-openFile.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-download.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomIn.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-menuArrow.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/en-US/viewer.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorInk.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorFreeText.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-print.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewAttachments.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewLayers.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-secondaryToolbarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomOut.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomIn.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-menuArrow.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewLayers.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewAttachments.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/en-US/viewer.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/pdf.worker.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1//pdf/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8 HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://sign.clickandsign.euSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-dark.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-icon.gif HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1//pdf/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8 HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-icon.gif HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-dark.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: sign.clickandsign.eu
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: api.lleida.net

Source: unknown

HTTP traffic detected: POST /cdn-cgi/rum? HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveContent-Length: 1503sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonAccept: */*Origin: https://sign.clickandsign.euSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: http://blog.fspm.jp/2014/06/androidpinch-inoutjsgesturestart.html
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://creativecommons.org/ns#
Source: chromecache_133.2.dr	String found in binary or memory: http://eur-lex.europa.eu/legal-content/ES/TXT/PDF/?uri=CELEX:32013R0524)
Source: chromecache_114.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
Source: chromecache_134.2.dr, chromecache_142.2.dr, chromecache_148.2.dr, chromecache_100.2.dr, chromecache_113.2.dr, chromecache_119.2.dr, chromecache_110.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_133.2.dr	String found in binary or memory: http://www.avatel.es/)
Source: chromecache_121.2.dr, chromecache_133.2.dr	String found in binary or memory: http://www.avatel.es/tiendas/)
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://www.inkscape.org/namespaces/inkscape
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: chromecache_114.2.dr	String found in binary or memory: https://feross.org/opensource
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://geforcenow.com
Source: chromecache_114.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://gist.github.com/squallstar/1d720e93eabe7f60dc61b547d2c19228
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/Yaffle/EventSource/
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://github.com/adobe-type-tools/cmap-resources
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: sets.json.0.dr	String found in binary or memory: https://meo.pt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://nvidia.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://sackrace.ai
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: sets.json.0.dr	String found in binary or memory: https://sapo.io
Source: sets.json.0.dr	String found in binary or memory: https://sapo.pt
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://socket-to-me.vip
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.app
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.com
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: chromecache_121.2.dr, chromecache_133.2.dr	String found in binary or memory: https://www.legalitas.com/sites/default/files/documentos/CCGG_SPF_AVATEL.pdf)
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleida.net/es/condiciones-contratacion
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleida.net/es/politica-de-privacidad
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleidanet.ae/es/condiciones-contratacion
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleidanet.ae/es/politica-de-privacidad
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49777 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_6128_2002341442

Jump to behavior

Source: classification engine

Classification label: mal48.troj.win@23/117@12/7

Source: chromecache_133.2.dr	Initial sample: https://www.legalitas.com/sites/default/files/documentos/ccgg_spf_avatel.pdf
Source: chromecache_133.2.dr	Initial sample: http://eur-lex.europa.eu/legal-content/ES/TXT/PDF/?uri=CELEX:32013R0524
Source: chromecache_133.2.dr	Initial sample: http://eur-lex.europa.eu/legal-content/es/txt/pdf/?uri=celex:32013r0524
Source: chromecache_133.2.dr	Initial sample: http://www.avatel.es/
Source: chromecache_133.2.dr	Initial sample: http://www.avatel.es/tiendas/
Source: chromecache_133.2.dr	Initial sample: https://www.legalitas.com/sites/default/files/documentos/CCGG_SPF_AVATEL.pdf

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2244,i,6037055554380594269,13750479082232346734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sign.clickandsign.eu/h/KkObbSMhni"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://sign.clickandsign.eu/h/KkObbSMhni
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1972,i,9522242102715679292,17427946240984120786,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2244,i,6037055554380594269,13750479082232346734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1972,i,9522242102715679292,17427946240984120786,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match

File source: dropped/chromecache_89, type: DROPPED

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 121
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 133	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 121	Jump to dropped file

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.18.3.43	api.lleida.net	United States	13335	CLOUDFLARENETUS	false
104.18.2.43	unknown	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.196	www.google.com	United States	15169	GOOGLEUS	false
104.18.1.141	sign.clickandsign.eu	United States	13335	CLOUDFLARENETUS	false
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
static.cloudflareinsights.com	104.16.79.73	true
sign.clickandsign.eu	104.18.1.141	true
api.lleida.net	104.18.3.43	true
www.google.com	142.250.185.196	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://sign.clickandsign.eu/pdfviewer/pdf.min.js	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/landing/i18/es.json	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-viewAttachments.svg	false	Avira URL Cloud: safe	unknown
https://api.lleida.net/cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4-	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/pdf.worker.min.js	false	Avira URL Cloud: safe	unknown
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-pageUp.svg	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-editorInk.svg	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/cdn-cgi/rum?	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/images/toolbarButton-pageDown.svg	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/locale/locale.properties	false	Avira URL Cloud: safe	unknown
https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\LICENSE	ASCII text	EE002CB9E51BB8DFA89640A406A1090A	49EE3AD535947D8821FFDEB67FFC9BC37D1EBBB2	3DBD2C90050B652D63656481C3E5871C52261575292DB77D4EA63419F187A55B
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\verified_contents.json	JSON data	55FAB119C4B25E3B96B68A1412A400B6	BDDA56C51ADEBE8ED0E92658B5020186270085B5	6DDD430EC4522578FC545E37B7811B740AE9BAE80EBCDBE44ABEF6289B82E2EB
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.fingerprint	ASCII text, with no line terminators	224A1E3D38F496B70BB0A38D237F8FCE	FBC6B5A7C15349EE150549276F58B71674C05513	1538B4C21BDABACD90069B3EFC35E1FA898694695BCC136B08A2586005645A2D
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.json	JSON data	F67F1900F79CA094D0FC2182B79E7A60	B0C783FB7F8985C82313C2AC4606A820FFEE7C4B	8EB011F941D5A247352B301DF87300D0881D7E50FDFD1C37CE2F85DCF946499A
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\sets.json	JSON data	B63AD3A7023C80F4D2D24BF4AC4145B7	582BFCD098EB6E63B5420F19A81CD3C04D5CD945	86DFE2A9896CA7CAD92BD313A27ED185339D0E4729EDAEB95C1D6A2CBEBB79AA
Chrome Cache Entry: 100	Unicode text, UTF-8 text, with very long lines (64729)	E1B08F200701888B6D5F7328749804F5	9D1F6A8A0737D2316A0A64986A308B3024A5B434	E685BCC71002E6C5619732C2724AF9FBE2430040A396C3F9BED83C06972F63B1
Chrome Cache Entry: 101	SVG Scalable Vector Graphics image	F069204380261A6209E0A8D09296ECAC	FF391D47B9F65031EB1285A358D67A9ED57816BE	09A14CBD902AAD9FE40F2351DB2AC5593AD897AED8810B9C6AEB0E56389FF100
Chrome Cache Entry: 102	Algol 68 source, ASCII text, with very long lines (31135)	FC97FA08CAE241FD56BFF838DC2EA971	CBFB47C552F684B13ADAFC4CD0AF2533C17AE36C	DE02702BBFC7DF64A4B93915E715DBFD13B9D81A19AC459F39491A5ACA020B73
Chrome Cache Entry: 103	SVG Scalable Vector Graphics image	460A4F30268E7CA89CAF686BC6D158D8	F97D64336AEDB7DB5AFC0A9DFAC52756C3547D60	32889ACAFD84EDEEC513DB6131252FA97FFFF00FEE6272D05E35E2D95216E30F
Chrome Cache Entry: 104	SVG Scalable Vector Graphics image	F72BDA736F4134A6FBBABB07B2DF33DE	B3BC5D920302431971DDEBDDE6087DF90FCB9348	267745D6C176AFE038630C3F7C0FCDA78141FC7634F73898FFC6CBB1262C77AB
Chrome Cache Entry: 105	SVG Scalable Vector Graphics image	8F1B37788128093E13E5C8EBF4FFA176	10358D242BAFAD85CF323B69C183348A58576815	081BF99D3C2390036A2D9C7E9485316BCD049F90A74E982F1EEBCFD4D9B178E3
Chrome Cache Entry: 106	SVG Scalable Vector Graphics image	C2CB766A28B28EB331836BE1ECF9B0E5	3FDC6D95484CD51251FD73BB1BD93A05A7A7C185	47B71A702AFCBCA881D390F6478EBF4ACC682871E1891DEE7F3BFCE898A8DD33
Chrome Cache Entry: 107	SVG Scalable Vector Graphics image	1C49E5945EBBB8F01334868D4CF3EB41	4CE53233DA75C9853E999C7C4C33ECF79360DDDD	AFA286C8EA1941EAEC589ED6A2103C5A845F3FF76A7423BA985F449465005163
Chrome Cache Entry: 108	SVG Scalable Vector Graphics image	F1E2C311332EE5BEC43BEBE6A9E6FADC	51F494133615B7D92BF4BBE49D077FF6C21B7B24	2DB41F97615A8C912F676A62C88B12E2B8715F4ED188DF325737423501AA4A8A
Chrome Cache Entry: 109	SVG Scalable Vector Graphics image	7393DB490C10E1225AF2BEA630DFF600	A11FFD89D850C3B3F02CBA9FEE2DF44002916D7A	722DFE315686A5841D0A0D00F34DF8F706D2C6E24551D46A5EBE971FE4AF62D2
Chrome Cache Entry: 110	HTML document, Unicode text, UTF-8 text, with very long lines (372)	02B77EA9551CA29BDFDBA9BFA88E2B1A	939AA6F67DC25E0CE6C1D0B0F6B05005374D9DEC	32E1D2D2EA72D8F996A28CE3CEB86D0705EA65A7B6CBF9CB31D5BA32EE5C4ED3
Chrome Cache Entry: 111	ASCII text, with very long lines (65536), with no line terminators	73B54378E468B3D8101BE72C3CA5A7BE	486E3CBEBCE8FA04B513B721FEFBA2E541B0242C	347D0F4EDFD150BCF40039F97C9AA815F4E13BFA8EF7C17562F2966265FA2C3C
Chrome Cache Entry: 112	SVG Scalable Vector Graphics image	B74203EB9C9B702676441AE7E844A0B5	9F2F9A4F8D570E6B69E12279C65303FEAEF1CFA5	5FA35769DB66B33D6408F378E8AA68FA060331F0CC9DD6AD41FB7366082AAD34
Chrome Cache Entry: 113	Unicode text, UTF-8 text, with very long lines (64727)	2DCB46AD0F342A0BB33B5750114E0BB0	876793F58AF84E8BFABDBBBDCBDD2E392E966B11	88C31941E2C424C2DA0593E797F44CC95184B9DB2B6A8039782B39EDF45B71A7
Chrome Cache Entry: 114	ASCII text, with very long lines (65536), with no line terminators	442BDE69FA0566EE93E0739416441C53	E0DE83E9D16BB2F8012BFFF669A862A63B501E5C	EBC0E43B613D1F4D040C52008AEB3643695332EBBDD2B2C9607B82ADBEDE1684
Chrome Cache Entry: 115	SVG Scalable Vector Graphics image	B028067475EE9CB463CB332B80A4F118	E2880673AD2C7103167A1CD6822321BD18D4E4B0	7ACB9E9964DD618BFCB657D8D18DB2C55EF8F168C37F3873C06D72C63E1B11EC
Chrome Cache Entry: 116	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	3E72F925DD9DACC9C30DE1D9DB3DA860	1C179A1AE905690FC3DDEEF4B0C5E9974E3626FE	8B19F87D842BCF0B4909D5AA086B17DF8EA0515C49FEE4AEB1E4407ECAD4C656
Chrome Cache Entry: 117	SVG Scalable Vector Graphics image	2624927CA6A9B27A89EA3771016667AE	CBC4C26EDB61A6F0945E45F10EBAA0AB0AD2EBCA	E07FBF17B3C7CA2CDA9C4E54CDD66CB0AA63D368232CBB2C9AED5559720BF96C
Chrome Cache Entry: 118	ASCII text, with very long lines (1572)	85797B9763526C7B157F499EBE2044A5	E832FDCF940D9BFB2763982C37BF43D83495EA9F	3FF27E82D78A471905EDF58F54D412011E0F3B07CB596B50D425151E7DF84404
Chrome Cache Entry: 119	Unicode text, UTF-8 text, with very long lines (64744)	40F34D002721B011C9272B79E4B1FFD3	B9F9252303919F36D27C13CCD9C1F869D8A83146	1CDE11ECC99418BFBEFEF4EE74AF296E43E7FA4D8CD75A158D6214F624E52A77
Chrome Cache Entry: 120	ASCII text	EAFF833CD9C0C659FBCFC7E2520B34EC	1FFFE742A499CC8F731607ED79BD955458BE2AE3	D7629EE59240E677B88DEF782FA09D916958D04CD7E3B09C6EED3F27864FEF46
Chrome Cache Entry: 121	PDF document, version 1.7, 1288 pages (zip deflate encoded)	4E0C9A3D7A24280EDD73370B3F9D5043	2841AB2776B39F500C8D97B701CE7E5BE7E09B2E	70C4A5E398DB1368EAB1469C3294510439A2F3585787A0DA1C99A9C566B6C1A1
Chrome Cache Entry: 122	SVG Scalable Vector Graphics image	950D42D1105146A1868BA45AC2ED54F5	2FCA57DEC95EA56E3433ADEA46ADF40E62F09501	366A40C3627E67F97164976D5FF38B5484716E834D08FEFE252A6EA37FEDA895
Chrome Cache Entry: 123	JSON data	B2FC2B6B6FFA52C4E04E85DA8160D11B	5FF368346B3BA704114741C73FD92A9307E4136C	BD42F644A5D08F1C0913936625E5E5573472EC6BD4AEBEB118CFB7554CB92FFF
Chrome Cache Entry: 124	SVG Scalable Vector Graphics image	8F1B37788128093E13E5C8EBF4FFA176	10358D242BAFAD85CF323B69C183348A58576815	081BF99D3C2390036A2D9C7E9485316BCD049F90A74E982F1EEBCFD4D9B178E3
Chrome Cache Entry: 125	SVG Scalable Vector Graphics image	F069204380261A6209E0A8D09296ECAC	FF391D47B9F65031EB1285A358D67A9ED57816BE	09A14CBD902AAD9FE40F2351DB2AC5593AD897AED8810B9C6AEB0E56389FF100
Chrome Cache Entry: 126	SVG Scalable Vector Graphics image	1C49E5945EBBB8F01334868D4CF3EB41	4CE53233DA75C9853E999C7C4C33ECF79360DDDD	AFA286C8EA1941EAEC589ED6A2103C5A845F3FF76A7423BA985F449465005163
Chrome Cache Entry: 127	SVG Scalable Vector Graphics image	2A0E614E86E1EAC2096285F5D25BA096	6BEECAF20132520E63AF2F7729110627AA513F4B	340805BE99D9B0153DF8A585F72B741B9B6B2EE73CBB97A1FDFF7DB33CD047D5
Chrome Cache Entry: 128	ASCII text, with very long lines (19306), with no line terminators	4068F6AB9E6AE017E04B8684692D202A	7414DB6531D4C56DBA6D8654520FCB0F09D53770	F9EB189676A78D42D7A8487EEF683702ADA6C5C866399EEFBC0DF319D5F7C6D7
Chrome Cache Entry: 129	SVG Scalable Vector Graphics image	C2CB766A28B28EB331836BE1ECF9B0E5	3FDC6D95484CD51251FD73BB1BD93A05A7A7C185	47B71A702AFCBCA881D390F6478EBF4ACC682871E1891DEE7F3BFCE898A8DD33
Chrome Cache Entry: 130	SVG Scalable Vector Graphics image	33675C99F77EEE90C376DABEC7C60CF6	FF786FB3BFC9CA58AD621ACC9BF2312B7E69AD0E	4ED065AB71D4C0ABC47298FB36DF10055598381828E7191EE80ED93462216982
Chrome Cache Entry: 131	SVG Scalable Vector Graphics image	33675C99F77EEE90C376DABEC7C60CF6	FF786FB3BFC9CA58AD621ACC9BF2312B7E69AD0E	4ED065AB71D4C0ABC47298FB36DF10055598381828E7191EE80ED93462216982
Chrome Cache Entry: 132	GIF image data, version 89a, 24 x 24	E3B20A66ACC22AB63A12B12600F4F526	D3C9CE33A5B2AD35DDF27C993552A95456531896	1073E34B6E5E5FA770876ECC0E918ECEB9DFC8CC54AD6A3DD4FC451983F9C95F
Chrome Cache Entry: 133	PDF document, version 1.7, 1288 pages (zip deflate encoded)	4E0C9A3D7A24280EDD73370B3F9D5043	2841AB2776B39F500C8D97B701CE7E5BE7E09B2E	70C4A5E398DB1368EAB1469C3294510439A2F3585787A0DA1C99A9C566B6C1A1
Chrome Cache Entry: 134	HTML document, Unicode text, UTF-8 text, with very long lines (372)	20D49DD0F33A75E381D5279F8A21C2A6	6B26B7D15D93DC397827B2A7AA02ECD4A57B4FB7	AAB382A0E23B0194A5EC133F772F8BBEE41657306AF356DB07345952E6D1C549
Chrome Cache Entry: 135	SVG Scalable Vector Graphics image	2A0E614E86E1EAC2096285F5D25BA096	6BEECAF20132520E63AF2F7729110627AA513F4B	340805BE99D9B0153DF8A585F72B741B9B6B2EE73CBB97A1FDFF7DB33CD047D5
Chrome Cache Entry: 136	SVG Scalable Vector Graphics image	3C685C673DEB2A6D84FB7C0029B03E63	326431CD28C5582DFBECA042FA9CBE82AF17A6AA	EEB6CD0CE94DCFEA6BD2ACA222DA7B1583D74800EA9C94640FF8FA06C13FB044
Chrome Cache Entry: 137	SVG Scalable Vector Graphics image	F1E2C311332EE5BEC43BEBE6A9E6FADC	51F494133615B7D92BF4BBE49D077FF6C21B7B24	2DB41F97615A8C912F676A62C88B12E2B8715F4ED188DF325737423501AA4A8A
Chrome Cache Entry: 138	SVG Scalable Vector Graphics image	950D42D1105146A1868BA45AC2ED54F5	2FCA57DEC95EA56E3433ADEA46ADF40E62F09501	366A40C3627E67F97164976D5FF38B5484716E834D08FEFE252A6EA37FEDA895
Chrome Cache Entry: 139	SVG Scalable Vector Graphics image	A7BDE62B304E817FC82B3EB447A4E61F	F9308F996F2202BCF9B304538EB5EFD323586D5C	BAC79138CB730C6BFA63BEF02D7E5906AEE727BB54DF15878823426822BADAAA
Chrome Cache Entry: 140	SVG Scalable Vector Graphics image	E05350ECB3F3A562A95C949D80618E7B	E45603CFBB6F87FCC5CAF298E8B1CC12294D345E	E0B8A59C272DC9A1D9A07D461363F96C3B3BD3DF2DB778F8F99743DFFFD51D78
Chrome Cache Entry: 141	SVG Scalable Vector Graphics image	15C198A9E82F0ACDE67BCF984A2A392E	8CE08B234B3D67EE5BCB5DCFAFD321236FB54CA7	FF717321D89309F51BCCCC28F347E6A888E73570527845D6560A84F5D70CB3A0
Chrome Cache Entry: 142	Unicode text, UTF-8 text	6CE53A4447AED0FB644D141E69662AAB	215CE2AFC89266A81DC9FFBBC36D9A81D786D23E	377C3EA7A30C13F82FBEF7E488A49EB78C4542660630D983D500B55A106786DA
Chrome Cache Entry: 143	SVG Scalable Vector Graphics image	B74203EB9C9B702676441AE7E844A0B5	9F2F9A4F8D570E6B69E12279C65303FEAEF1CFA5	5FA35769DB66B33D6408F378E8AA68FA060331F0CC9DD6AD41FB7366082AAD34
Chrome Cache Entry: 144	GIF image data, version 89a, 24 x 24	E3B20A66ACC22AB63A12B12600F4F526	D3C9CE33A5B2AD35DDF27C993552A95456531896	1073E34B6E5E5FA770876ECC0E918ECEB9DFC8CC54AD6A3DD4FC451983F9C95F
Chrome Cache Entry: 145	SVG Scalable Vector Graphics image	15C198A9E82F0ACDE67BCF984A2A392E	8CE08B234B3D67EE5BCB5DCFAFD321236FB54CA7	FF717321D89309F51BCCCC28F347E6A888E73570527845D6560A84F5D70CB3A0
Chrome Cache Entry: 146	JSON data	B2FC2B6B6FFA52C4E04E85DA8160D11B	5FF368346B3BA704114741C73FD92A9307E4136C	BD42F644A5D08F1C0913936625E5E5573472EC6BD4AEBEB118CFB7554CB92FFF
Chrome Cache Entry: 147	SVG Scalable Vector Graphics image	6E9A87E8892BBC18D6C8C6EC92F928BE	17C87D32A8EC9491DFD20CFF6284D78492EB759B	88098D3E47FD921122C5263DCE50EE67C662C9CB65908BE0481891DFE521A6C5
Chrome Cache Entry: 148	Unicode text, UTF-8 text	6CE53A4447AED0FB644D141E69662AAB	215CE2AFC89266A81DC9FFBBC36D9A81D786D23E	377C3EA7A30C13F82FBEF7E488A49EB78C4542660630D983D500B55A106786DA
Chrome Cache Entry: 149	SVG Scalable Vector Graphics image	460A4F30268E7CA89CAF686BC6D158D8	F97D64336AEDB7DB5AFC0A9DFAC52756C3547D60	32889ACAFD84EDEEC513DB6131252FA97FFFF00FEE6272D05E35E2D95216E30F
Chrome Cache Entry: 150	PNG image data, 506 x 181, 8-bit/color RGBA, non-interlaced	C8476721B8BD4B37108D5D5DDE490007	0A3063C82BDDAE25EDF0DB975FD6970D29DD71A5	84E2C9691CC38390CD8FCA88A06725F40F1964AD48776B05D913205B13E56ECA
Chrome Cache Entry: 151	JSON data	A2E58AED8FF3035F68EB95563E2DB7AE	B3983BB3695125D984602DAF8D1C8D6D3A077982	7B2FDFF1880D12C2682DCFBBDA8FA5EDDFA9EAB26BC3986AA10B509204A1CD05
Chrome Cache Entry: 152	PNG image data, 506 x 181, 8-bit/color RGBA, non-interlaced	C8476721B8BD4B37108D5D5DDE490007	0A3063C82BDDAE25EDF0DB975FD6970D29DD71A5	84E2C9691CC38390CD8FCA88A06725F40F1964AD48776B05D913205B13E56ECA
Chrome Cache Entry: 153	HTML document, ASCII text, with very long lines (1238)	9E8F56E8E1806253BA01A95CFC3D392C	A8AF90D7482E1E99D03DE6BF88FED2315C5DD728	2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8
Chrome Cache Entry: 85	SVG Scalable Vector Graphics image	6E9A87E8892BBC18D6C8C6EC92F928BE	17C87D32A8EC9491DFD20CFF6284D78492EB759B	88098D3E47FD921122C5263DCE50EE67C662C9CB65908BE0481891DFE521A6C5
Chrome Cache Entry: 86	ASCII text, with no line terminators	D3CA0DDE722A75863FBB6D7A7A22D98E	4C59E46FA62CC62C299FF33389D6A88D5BCE51AE	821A8555ADB47D629D25640F46C36E6BB4E31267925DC971B302816CEA6B7ABF
Chrome Cache Entry: 87	SVG Scalable Vector Graphics image	B028067475EE9CB463CB332B80A4F118	E2880673AD2C7103167A1CD6822321BD18D4E4B0	7ACB9E9964DD618BFCB657D8D18DB2C55EF8F168C37F3873C06D72C63E1B11EC
Chrome Cache Entry: 88	SVG Scalable Vector Graphics image	7393DB490C10E1225AF2BEA630DFF600	A11FFD89D850C3B3F02CBA9FEE2DF44002916D7A	722DFE315686A5841D0A0D00F34DF8F706D2C6E24551D46A5EBE971FE4AF62D2
Chrome Cache Entry: 89	ASCII text, with very long lines (65536), with no line terminators	1072FBECE6923AF1275AA8716745FE01	5820B98D289BC1F6870BAC6069F445FF101B548F	F167DA9C6E692BC32DA8B7B31601820BEA6EB3985A14A3AB217716FFA843AA41
Chrome Cache Entry: 90	SVG Scalable Vector Graphics image	A7BDE62B304E817FC82B3EB447A4E61F	F9308F996F2202BCF9B304538EB5EFD323586D5C	BAC79138CB730C6BFA63BEF02D7E5906AEE727BB54DF15878823426822BADAAA
Chrome Cache Entry: 91	SVG Scalable Vector Graphics image	2624927CA6A9B27A89EA3771016667AE	CBC4C26EDB61A6F0945E45F10EBAA0AB0AD2EBCA	E07FBF17B3C7CA2CDA9C4E54CDD66CB0AA63D368232CBB2C9AED5559720BF96C
Chrome Cache Entry: 92	ASCII text, with very long lines (65447)	641DD14370106E992D352166F5A07E99	EDA46747C71D38A880BEE44F9A439C3858BB8F99	A0FE8723DCF55DA64D06B25446D0A8513E52527C45AFCB37073465F9C6F352AF
Chrome Cache Entry: 93	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	3E72F925DD9DACC9C30DE1D9DB3DA860	1C179A1AE905690FC3DDEEF4B0C5E9974E3626FE	8B19F87D842BCF0B4909D5AA086B17DF8EA0515C49FEE4AEB1E4407ECAD4C656
Chrome Cache Entry: 94	Web Open Font Format (Version 2), TrueType, length 48236, version 1.0	015C126A3520C9A8F6A27979D0266E96	2ACF956561D44434A6D84204670CF849D3215D5F	3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
Chrome Cache Entry: 95	ASCII text, with no line terminators	FD35AB64EFE1EBEC29F1A3C1BDF88139	E4C1D2C9F50695702F7F0C3DBD532A502BACA676	FFB5FD48CE054E44461ADD13CC7B80B3DF15CA24385217E20E6F1BB5967B3C24
Chrome Cache Entry: 96	ASCII text	EAFF833CD9C0C659FBCFC7E2520B34EC	1FFFE742A499CC8F731607ED79BD955458BE2AE3	D7629EE59240E677B88DEF782FA09D916958D04CD7E3B09C6EED3F27864FEF46
Chrome Cache Entry: 97	SVG Scalable Vector Graphics image	E05350ECB3F3A562A95C949D80618E7B	E45603CFBB6F87FCC5CAF298E8B1CC12294D345E	E0B8A59C272DC9A1D9A07D461363F96C3B3BD3DF2DB778F8F99743DFFFD51D78
Chrome Cache Entry: 98	SVG Scalable Vector Graphics image	F72BDA736F4134A6FBBABB07B2DF33DE	B3BC5D920302431971DDEBDDE6087DF90FCB9348	267745D6C176AFE038630C3F7C0FCDA78141FC7634F73898FFC6CBB1262C77AB
Chrome Cache Entry: 99	SVG Scalable Vector Graphics image	3C685C673DEB2A6D84FB7C0029B03E63	326431CD28C5582DFBECA042FA9CBE82AF17A6AA	EEB6CD0CE94DCFEA6BD2ACA222DA7B1583D74800EA9C94640FF8FA06C13FB044

HTML body contains low number of good links

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Number of links: 0
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Title: PDF.js viewer does not match URL
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: Title: PDF.js viewer does not match URL

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: <input type="password" .../> found

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No favicon

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="author".. found

Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found
Source: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs#0	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49777 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.4:51046 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /h/KkObbSMhni HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/cands.css HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo_vertical.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendors/jquery.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/vendor.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dist/cands.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/logo_vertical.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /landing/i18/es.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/favicon.ico HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/manifest.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=cs HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /landing/i18/es.json HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/favicons/sign/favicon.ico HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /h/KkObbSMhni HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.css HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/pdf.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FB0KdWIMg.bjYlnMz3gi3H2&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=cs HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://sign.clickandsign.eu/h/KkObbSMhniAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/viewer.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewThumbnail.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewOutline.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/locale.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-sidebarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-search.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageUp.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageDown.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1/logo/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0sqgU6nuNAr740GXa2WuLC5fa4J29_zcyPcD5hK5Fmt.td3DqxNaTJI21NV4pM52bmUS4b1wt201XSvWU_QBPyUukxd.TSnyRCAjx3Wp3OP4- HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewOutline.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-openFile.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewThumbnail.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/locale.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-print.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-download.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-search.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorFreeText.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorInk.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-sidebarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageUp.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-secondaryToolbarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-pageDown.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomOut.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-openFile.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-download.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomIn.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-menuArrow.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/en-US/viewer.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorInk.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-editorFreeText.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-print.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewAttachments.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewLayers.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://sign.clickandsign.eusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-secondaryToolbarToggle.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomOut.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-zoomIn.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-menuArrow.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewLayers.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/toolbarButton-viewAttachments.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/locale/en-US/viewer.properties HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/pdf.worker.min.js HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://sign.clickandsign.eu/pdfviewer/viewer.html?file=https%3A%2F%2Fapi.lleida.net%2Fcs%2Fv1%2F%2Fpdf%2FNQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8&saveName=Contrato_Avatel.pdf&type=csAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1//pdf/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8 HTTP/1.1Host: api.lleida.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://sign.clickandsign.euSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sign.clickandsign.eu/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-dark.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-icon.gif HTTP/1.1Host: sign.clickandsign.euConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sign.clickandsign.eu/pdfviewer/viewer.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/v1//pdf/NQgw.yWxu7eUUZTqFJuXIddbDQKn1szFd5Dxs4CN2ENZiNbljYPyLOb1R00vjuW0I.3PcHCQ80u7CRWioA__frI6H.fkzD48RHVbLxl34sWp2ycZBU8FIcL6lUV3EpAXD4iCAHNLCKn55dFEKfp7mRsFQuyukSpOUrCNWwlO6FC0sGqxrbw1Q0IXphLIHGL8 HTTP/1.1Host: api.lleida.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-icon.gif HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pdfviewer/images/loading-dark.svg HTTP/1.1Host: sign.clickandsign.euConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: sign.clickandsign.eu
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: api.lleida.net

Source: unknown

Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: http://blog.fspm.jp/2014/06/androidpinch-inoutjsgesturestart.html
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://creativecommons.org/ns#
Source: chromecache_133.2.dr	String found in binary or memory: http://eur-lex.europa.eu/legal-content/ES/TXT/PDF/?uri=CELEX:32013R0524)
Source: chromecache_114.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
Source: chromecache_134.2.dr, chromecache_142.2.dr, chromecache_148.2.dr, chromecache_100.2.dr, chromecache_113.2.dr, chromecache_119.2.dr, chromecache_110.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_133.2.dr	String found in binary or memory: http://www.avatel.es/)
Source: chromecache_121.2.dr, chromecache_133.2.dr	String found in binary or memory: http://www.avatel.es/tiendas/)
Source: chromecache_130.2.dr, chromecache_131.2.dr	String found in binary or memory: http://www.inkscape.org/namespaces/inkscape
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: chromecache_114.2.dr	String found in binary or memory: https://feross.org/opensource
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_118.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://geforcenow.com
Source: chromecache_114.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://gist.github.com/squallstar/1d720e93eabe7f60dc61b547d2c19228
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/Yaffle/EventSource/
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://github.com/adobe-type-tools/cmap-resources
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_114.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: sets.json.0.dr	String found in binary or memory: https://meo.pt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://nvidia.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://sackrace.ai
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: sets.json.0.dr	String found in binary or memory: https://sapo.io
Source: sets.json.0.dr	String found in binary or memory: https://sapo.pt
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://socket-to-me.vip
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: chromecache_134.2.dr, chromecache_110.2.dr	String found in binary or memory: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.app
Source: sets.json.0.dr	String found in binary or memory: https://tolteck.com
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: chromecache_121.2.dr, chromecache_133.2.dr	String found in binary or memory: https://www.legalitas.com/sites/default/files/documentos/CCGG_SPF_AVATEL.pdf)
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleida.net/es/condiciones-contratacion
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleida.net/es/politica-de-privacidad
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleidanet.ae/es/condiciones-contratacion
Source: chromecache_123.2.dr	String found in binary or memory: https://www.lleidanet.ae/es/politica-de-privacidad
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49777 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6128_549225890\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_6128_2002341442

Jump to behavior

Source: classification engine

Classification label: mal48.troj.win@23/117@12/7

Source: chromecache_133.2.dr	Initial sample: https://www.legalitas.com/sites/default/files/documentos/ccgg_spf_avatel.pdf
Source: chromecache_133.2.dr	Initial sample: http://eur-lex.europa.eu/legal-content/ES/TXT/PDF/?uri=CELEX:32013R0524
Source: chromecache_133.2.dr	Initial sample: http://eur-lex.europa.eu/legal-content/es/txt/pdf/?uri=celex:32013r0524
Source: chromecache_133.2.dr	Initial sample: http://www.avatel.es/
Source: chromecache_133.2.dr	Initial sample: http://www.avatel.es/tiendas/
Source: chromecache_133.2.dr	Initial sample: https://www.legalitas.com/sites/default/files/documentos/CCGG_SPF_AVATEL.pdf

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2244,i,6037055554380594269,13750479082232346734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sign.clickandsign.eu/h/KkObbSMhni"
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://sign.clickandsign.eu/h/KkObbSMhni
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1972,i,9522242102715679292,17427946240984120786,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2244,i,6037055554380594269,13750479082232346734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1972,i,9522242102715679292,17427946240984120786,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Data Obfuscation

Yara detected Html Dropper

Source: Yara match

File source: dropped/chromecache_89, type: DROPPED

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 121
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 133	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 121	Jump to dropped file

ID:	1448087
Product:	CloudBasic
Start time:	18:38:22
Start date:	27.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://sign.clickandsign.eu/h/KkObbSMhni

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://sign.clickandsign.eu/h/KkObbSMhni

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://sign.clickandsign.eu/h/KkObbSMhni