Edit tour

Windows Analysis Report
https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgam

Overview

General Information

Sample URL:	https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV
Analysis ID:	1541057
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Detected suspicious crossdomain redirect

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3512 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3180 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1984,i,13228301155508123986,3894751059693144124,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6380 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://apps.apple.com/us/app/lifelock-identity/id1422875903	HTTP Parser: No favicon
Source: https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599	HTTP Parser: No favicon
Source: https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599	HTTP Parser: No favicon
Source: https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49906 version: TLS 1.0
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49912 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49882 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49902 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49910 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: url8018.lifelock.com to https://apps.apple.com/us/app/id1422875903

Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49906 version: TLS 1.0
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49912 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 46.228.146.128
Source: unknown	TCP traffic detected without corresponding DNS query: 46.228.146.128
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 46.228.146.128
Source: unknown	TCP traffic detected without corresponding DNS query: 46.228.146.128
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	HTTP traffic detected: GET /ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX HTTP/1.1Host: url8018.lifelock.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Gmf5FUYfkdRGVsz&MD=fhc4G3Oy HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Gmf5FUYfkdRGVsz&MD=fhc4G3Oy HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: "https://www.facebook.com/AppStore/" equals www.facebook.com (Facebook)
Source: chromecache_130.2.dr	String found in binary or memory: return a=n===l.CARD_DISPLAY_STYLES.appOfTheDay?_:n===l.CARD_DISPLAY_STYLES.gameOfTheDay?P:n===l.CARD_DISPLAY_STYLES.inAppPurchase?k:this.getTitleKey(e),this.i18n.t(a,{appName:r,storyTitle:i,_disableSafeString:!0})}getOGType(){return i.default.meta.og.type.story}getTwitterSite(){return this.appViewState.isMacAppStoreView?this.i18n.t("WEA.EditorialItemProductPages.Twitter.site.macOs",{_disableSafeString:!0}):super.getTwitterSite(...arguments)}getTwitterTitle(){return this.getOGTitle(...arguments)}getSchemaTags(e){const{product:t}=e.viewModel,r=E(t),[i]=r,n=(0,l.hasShelfDisplay)(i,"collectionLockup"),{lastPublishedDate:a}=t,o={"@type":"Organization",name:"Apple Inc",url:"http://www.apple.com",logo:{"@type":"ImageObject",url:"https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png"}},s=this.getOGImageTags(e).find((e=>"og:image"===e.name))\|\|{},p={"@context":"http://schema.org",name:this.getSeoTitle(e)??this.getTitle(e),description:this.getSeoDescription(e)??this.getDescription(e),image:s.content,author:o,publisher:o,headline:this.getOGTitle(e),dateModified:a,datePublished:a} equals www.twitter.com (Twitter)
Source: chromecache_141.2.dr	String found in binary or memory: s device must have Norton Family installed and be turned on.\\n\\n3 Video Supervision monitors videos that your kids view on YouTube.com. It does not monitor or track YouTube videos that have been embedded in other websites or blogs.\\n\\n4 Location Supervision requires parent activation before use.\\n\\n5 Mobile app must be downloaded separately.\\n\\nSome features not available with in all countries.\\n\\nPrivacy Statement\\n\\nGen Digital respects your privacy and is dedicated to safeguarding your personal data. See https://www.gendigital.com/privacy equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: url8018.lifelock.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: is1-ssl.mzstatic.com
Source: global traffic	DNS traffic detected: DNS query: is2-ssl.mzstatic.com
Source: global traffic	DNS traffic detected: DNS query: is5-ssl.mzstatic.com
Source: global traffic	DNS traffic detected: DNS query: is4-ssl.mzstatic.com
Source: global traffic	DNS traffic detected: DNS query: is3-ssl.mzstatic.com

Source: chromecache_84.2.dr, chromecache_118.2.dr	String found in binary or memory: http://git.io/yBU2rg
Source: chromecache_139.2.dr, chromecache_94.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_130.2.dr	String found in binary or memory: http://reportaproblem.apple.com
Source: chromecache_130.2.dr, chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: http://schema.org
Source: chromecache_130.2.dr	String found in binary or memory: http://schema.org/ItemListOrderAscending
Source: chromecache_141.2.dr	String found in binary or memory: http://support.norton.com
Source: chromecache_130.2.dr	String found in binary or memory: http://www.apple.com
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: http://www.apple.com/itunes/download/
Source: chromecache_141.2.dr	String found in binary or memory: http://www.norton.com
Source: chromecache_141.2.dr	String found in binary or memory: http://www.nortonlifelock.com/privacy
Source: chromecache_141.2.dr	String found in binary or memory: http://www.symantec.com
Source: chromecache_141.2.dr	String found in binary or memory: http://www.transunion.com/business
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://amp-api-edge.apps.apple.com
Source: chromecache_130.2.dr	String found in binary or memory: https://amp-api-search-edge.apps.apple.com/v1/catalog/$
Source: chromecache_130.2.dr	String found in binary or memory: https://amp-api.books.apple.com/
Source: chromecache_130.2.dr	String found in binary or memory: https://amp.apple.com
Source: chromecache_130.2.dr	String found in binary or memory: https://api.books.apple.com/
Source: chromecache_130.2.dr	String found in binary or memory: https://apps.apple.com
Source: chromecache_130.2.dr, chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/#organization
Source: chromecache_130.2.dr	String found in binary or memory: https://apps.apple.com/$
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/assets/images/knowledge-graph/apps.png
Source: chromecache_130.2.dr, chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/story/id1538632801
Source: chromecache_130.2.dr	String found in binary or memory: https://apps.apple.com/story/id1539235847
Source: chromecache_130.2.dr	String found in binary or memory: https://apps.apple.com/story/id1604959672
Source: chromecache_130.2.dr	String found in binary or memory: https://apps.apple.com/us/app/apple-podcasts/id525463029
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/au-pay-%E3%83%81%E3%83%A3%E3%83%BC%E3%82%B8%E3%82%84%E6%AE%8B%E9%AB%98
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/aura-security-protection/id1547735089
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/aura-security-protection/id1547735089"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/caho%E5%8F%AF%E6%84%9B%E3%81%84%E3%81%8B%E3%81%91%E3%81%84%E3%81%BC-%E
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/eneos%E3%82%AB%E3%83%BC%E3%83%89%E3%82%A2%E3%83%97%E3%83%AA/id71713131
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/lifelock-identity/id1422875903
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/lifelock-identity/id1422875903"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/lock-alert/id1325259833
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/lock-alert/id1325259833"
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-360-security-vpn/id1278474169
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-360-security-vpn/id1278474169"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-ad-blocker/id1045186459
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-ad-blocker/id1045186459"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-antitrack/id1610227172
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-antitrack/id1610227172"
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-device-care/id1442995755
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-device-care/id1442995755"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-family-companion-app/id1019061388
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-family-companion-app/id1019061388"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-family-parental-control/id1447157106
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-family-parental-control/id1447157106"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-genie-ai-scam-detector/id6448706515
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-genie-ai-scam-detector/id6448706515"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-password-manager/id504750161
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-password-manager/id504750161"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-safe-web-plus/id1474744028?mt=12
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-safe-web-plus/id1474744028?mt=12"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-safe-web/id1474741727?mt=12
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-safe-web/id1474741727?mt=12"
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-vpn-fast-secure/id1095519285
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/norton-vpn-fast-secure/id1095519285"
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/safepic-by-norton-labs/id1462789873
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/app/safepic-by-norton-labs/id1462789873"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/transunion-credit-monitoring/id649008868
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/transunion-credit-monitoring/id649008868"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/ts-cubic-%E3%82%A2%E3%83%97%E3%83%AA/id566286431
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/app/ts-cubic-%E3%82%A2%E3%83%97%E3%83%AA/id566286431"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/charts/iphone/finance-apps/6015
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/charts/iphone/finance-apps/6015"
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/developer/%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEucs/id1576501048
Source: chromecache_136.2.dr	String found in binary or memory: https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599
Source: chromecache_141.2.dr	String found in binary or memory: https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599"
Source: chromecache_141.2.dr	String found in binary or memory: https://apptrailers.itunes.apple.com/itunes-assets/PurpleVideo116/v4/df/b5/fb/dfb5fbb8-a207-a56b-462
Source: chromecache_141.2.dr	String found in binary or memory: https://apptrailers.itunes.apple.com/itunes-assets/PurpleVideo126/v4/e6/5b/da/e65bdabd-f7d6-53c6-9e8
Source: chromecache_141.2.dr	String found in binary or memory: https://aupay.wallet.auone.jp/
Source: chromecache_141.2.dr	String found in binary or memory: https://aura.com/legal/service-terms
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://buy.music.apple.com/account/v1/affiliation/association
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://buy.tv.apple.com/account/v1/affiliation/association
Source: chromecache_84.2.dr, chromecache_118.2.dr	String found in binary or memory: https://deprecations.emberjs.com/v1.x/#toc_binding-style-attributes.
Source: chromecache_141.2.dr	String found in binary or memory: https://docs.google.com/forms/d/1FR1XIEeLd4bzMSGyBjmulhfXRbBIKA4QRilkUZptAsM/edit
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://git.io/fjule
Source: chromecache_145.2.dr	String found in binary or memory: https://git.io/fxCyr
Source: chromecache_141.2.dr	String found in binary or memory: https://hapilf.com
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/1c/7c/cd/1c7ccd7c-b0b2-8096-a810-c9924266e5e
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/24/12/e0/2412e0ba-40bd-d36a-1677-7bf2a423c3a
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/95/7a/d3/957ad33b-ed27-6d93-8ebc-5a7faa577e1
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple1/v4/c3/d9/83/c3d98332-45e4-6b44-0407-5b1d66f5d32a/pr
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple112/v4/6e/a6/a6/6ea6a62d-e64a-b1fa-be94-531379147b99/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple116/v4/da/84/f8/da84f835-7274-c870-d134-1369f8cd7967/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/b9/53/9bb953bd-e9e4-5522-7994-f37686a9877f/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/0f/61/b9/0f61b94a-fd0f-d9d8-4d62-df3b9e5e613c/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/6e/c4/07/6ec407be-3c62-c3a5-784a-a9200d1c9575/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/d8/d3/d3/d8d3d311-3e5b-3718-c3fa-7217795928a4/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/0b/a6/4f/0ba64f69-7fe6-737e-c506-da2aa4ea486c/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/27/52/ed/2752edb4-a358-a2c4-d80c-6786ed0b173b/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/43/a6/aa/43a6aaf6-33ba-ac16-1bdb-9821214fbc5f/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/63/2b/cb/632bcbde-56df-acce-d2f0-7b72fa9d41e7/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/7c/12/bd/7c12bd05-4956-7a11-4c3a-95257c40239e/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/f6/98/b6/f698b692-3a18-22fd-fe86-4a449b198ac4/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/07/da/15/07da15de-aa58-b58b-7d67-c726cf24711f/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/15/f3/41/15f341d9-63ee-20cd-1ea0-826e84b28d47/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/4b/98/91/4b98911c-4948-abc7-0fd8-e8c69e3b7dce/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/9f/9f/dc/9f9fdc11-262e-0317-3fe0-8dd38c4fa25d/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/a4/4c/9c/a44c9ce6-cef6-7d1e-694f-64224467fb44/
Source: chromecache_136.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/e0/82/80/e08280bf-3aed-5670-8d29-821674653238/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/e3/45/2f/e3452f76-d16e-c250-7fef-0a4d8a741339/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/eb/cb/a7/ebcba789-0039-50a2-786e-d21984c0be98/
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/61/37/67/613767ae-ff3b-483c-f604-7c1ebd1
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/78/7c/12/787c12d3-5aea-202c-cb98-a607c9a
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/aa/ee/8f/aaee8f3b-b0d9-53b7-7f0d-02016f3
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/c6/df/7d/c6df7d7c-c2be-55d8-5c37-5f181f6
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/d4/94/e1/d494e100-3d33-cbe9-3254-3ba3a4f
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/dd/06/96/dd069666-a046-f35a-edb7-0b5d709
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/fa/87/6c/fa876c8b-741b-9253-932b-9de7938
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/6f/2a/2e/6f2a2ea9-e4ed-90ef-4632-9d8adc9
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/7b/75/93/7b7593ec-fb97-297e-c710-2ecec04
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/b3/06/2b/b3062b15-6621-75fd-05ab-20eb5ba
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleVideo116/v4/6c/f2/3b/6cf23bf1-d32a-741e-b923-7ab853ea
Source: chromecache_141.2.dr	String found in binary or memory: https://is1-ssl.mzstatic.com/image/thumb/PurpleVideo126/v4/af/3f/d5/af3fd5bc-e615-7d2c-f1da-cb5ca695
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is2-ssl.mzstatic.com
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is3-ssl.mzstatic.com
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is4-ssl.mzstatic.com
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://is5-ssl.mzstatic.com
Source: chromecache_130.2.dr	String found in binary or memory: https://itunes.apple.com$
Source: chromecache_130.2.dr	String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewFeature?id=1476734846&mt=11
Source: chromecache_130.2.dr	String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewTop?cc=
Source: chromecache_130.2.dr	String found in binary or memory: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewTop?genreId=38&mt=11
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://itunes.apple.com/WebObjects/MZStoreServices.woa/wa/processRedirectUrl
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://itunes.apple.com/subscribe?app=music
Source: chromecache_141.2.dr	String found in binary or memory: https://itunes.apple.com/us/genre/id6012
Source: chromecache_141.2.dr	String found in binary or memory: https://itunes.apple.com/us/genre/id6015
Source: chromecache_141.2.dr	String found in binary or memory: https://itunes.apple.com/us/genre/id6015"
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://js-cdn.music.apple.com
Source: chromecache_125.2.dr, chromecache_171.2.dr, chromecache_93.2.dr, chromecache_165.2.dr, chromecache_121.2.dr, chromecache_104.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/amp/musickit.js?t=1728492271431
Source: chromecache_136.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/components/musickit-components/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/components/musickit-components//musickit-components.esm.j
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/components/musickit-components//musickit-components.js?t=
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://js-cdn.music.apple.com/musickit/v2/media-api
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://locate.apple.com/
Source: chromecache_141.2.dr	String found in binary or memory: https://membership.tui.transunion.com/tucm/login.page
Source: chromecache_130.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.apple.android.music&referrer=utm_source=$
Source: chromecache_139.2.dr, chromecache_94.2.dr	String found in binary or memory: https://preactjs.com
Source: chromecache_141.2.dr	String found in binary or memory: https://pvcy-376b5.firebaseapp.com/privacy.html
Source: chromecache_141.2.dr	String found in binary or memory: https://pvcy-376b5.firebaseapp.com/terms.html
Source: chromecache_84.2.dr, chromecache_118.2.dr	String found in binary or memory: https://raw.github.com/emberjs/ember.js/master/LICENSE
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_130.2.dr	String found in binary or memory: https://support.apple.com/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://support.apple.com/?cid=gn-ols-home-hp-tab
Source: chromecache_136.2.dr	String found in binary or memory: https://support.apple.com/billing
Source: chromecache_141.2.dr	String found in binary or memory: https://support.norton.com/sp/en/us/home/current/solutions/v130789673
Source: chromecache_130.2.dr	String found in binary or memory: https://tv.apple.com/search?q=
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://twitter.com/AppStore
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/#organization
Source: chromecache_130.2.dr	String found in binary or memory: https://www.apple.com/ac/structured-data/images/knowledge_graph_logo.png
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/airpods/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/api-www/global-elements/global-header/v1/assets/globalheader.css
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/apple-arcade/
Source: chromecache_130.2.dr	String found in binary or memory: https://www.apple.com/apple-books/
Source: chromecache_130.2.dr, chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/apple-vision-pro/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/choose-country-region/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/entertainment/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/ios/app-store/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/ipad/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/iphone/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/itunes/download/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/legal/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/legal/internet-services/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/legal/internet-services/terms/site.html
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/legal/privacy/data/en/app-store
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/mac/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/macos/mojave-preview/#mac-app-store
Source: chromecache_130.2.dr	String found in binary or memory: https://www.apple.com/osx/apps/app-store/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/privacy/use-of-cookies/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/retail/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/sitemap/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/tv-home/
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/us/shop/goto/buy_accessories
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/us/shop/goto/help/sales_refunds
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/us/shop/goto/store
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.apple.com/watch/
Source: chromecache_141.2.dr	String found in binary or memory: https://www.aura.com/legal/privacy-policy
Source: chromecache_141.2.dr	String found in binary or memory: https://www.gendigital.com/privacy
Source: chromecache_141.2.dr	String found in binary or memory: https://www.kddi.com/app-policy/ios/app-policy-abst-auWALLET-8.3.1.html
Source: chromecache_141.2.dr	String found in binary or memory: https://www.norton.com/wi-fi-privacy
Source: chromecache_141.2.dr	String found in binary or memory: https://www.nortonlifelock.com/privacy
Source: chromecache_141.2.dr	String found in binary or memory: https://www.nortonlifelock.com/privacy/gps-english
Source: chromecache_141.2.dr	String found in binary or memory: https://www.nortonlifelock.com/us/en/contact-us/).
Source: chromecache_141.2.dr	String found in binary or memory: https://www.transunion.com/optout
Source: chromecache_141.2.dr	String found in binary or memory: https://www.transunion.com/privacy/consumer-interactive#2
Source: chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://www.wikidata.org/wiki/Q368215
Source: chromecache_127.2.dr	String found in binary or memory: https://xp-qa.apple.com
Source: chromecache_127.2.dr, chromecache_141.2.dr, chromecache_136.2.dr	String found in binary or memory: https://xp.apple.com
Source: chromecache_134.2.dr	String found in binary or memory: https://xp.apple.com/config/1/report
Source: chromecache_151.2.dr, chromecache_145.2.dr	String found in binary or memory: https://xp.apple.com/register
Source: chromecache_138.2.dr, chromecache_134.2.dr, chromecache_133.2.dr, chromecache_129.2.dr, chromecache_119.2.dr	String found in binary or memory: https://xp.apple.com/report

Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49882 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49902 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49910 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@17/148@16/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1984,i,13228301155508123986,3894751059693144124,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1984,i,13228301155508123986,3894751059693144124,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
http://schema.org	0%	URL Reputation	safe
http://jedwatson.github.io/classnames	0%	URL Reputation	safe
https://git.io/fxCyr	0%	URL Reputation	safe
https://git.io/fjule	0%	URL Reputation	safe
https://schema.org	0%	URL Reputation	safe
https://preactjs.com	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true	false	unknown
www.google.com	142.250.185.164	true	false	unknown
d3lva60p37ytto.cloudfront.net	13.32.27.51	true	false	unknown
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	217.20.57.34	true	false	unknown
h3.apis.apple.map.fastly.net	151.101.131.6	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
is2-ssl.mzstatic.com	unknown	unknown	false	unknown
is3-ssl.mzstatic.com	unknown	unknown	false	unknown
is1-ssl.mzstatic.com	unknown	unknown	false	unknown
is5-ssl.mzstatic.com	unknown	unknown	false	unknown
url8018.lifelock.com	unknown	unknown	false	unknown
is4-ssl.mzstatic.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://pvcy-376b5.firebaseapp.com/privacy.html	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/eb/cb/a7/ebcba789-0039-50a2-786e-d21984c0be98/	chromecache_141.2.dr	false		unknown
https://www.kddi.com/app-policy/ios/app-policy-abst-auWALLET-8.3.1.html	chromecache_141.2.dr	false		unknown
https://is2-ssl.mzstatic.com	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/1c/7c/cd/1c7ccd7c-b0b2-8096-a810-c9924266e5e	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/24/12/e0/2412e0ba-40bd-d36a-1677-7bf2a423c3a	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/b3/06/2b/b3062b15-6621-75fd-05ab-20eb5ba	chromecache_141.2.dr	false		unknown
https://pvcy-376b5.firebaseapp.com/terms.html	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
http://www.symantec.com	chromecache_141.2.dr	false		unknown
https://www.aura.com/legal/privacy-policy	chromecache_141.2.dr	false		unknown
https://support.norton.com/sp/en/us/home/current/solutions/v130789673	chromecache_141.2.dr	false		unknown
https://docs.google.com/forms/d/1FR1XIEeLd4bzMSGyBjmulhfXRbBIKA4QRilkUZptAsM/edit	chromecache_141.2.dr	false		unknown
http://www.transunion.com/business	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/07/da/15/07da15de-aa58-b58b-7d67-c726cf24711f/	chromecache_136.2.dr	false		unknown
https://www.nortonlifelock.com/privacy/gps-english	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/6e/c4/07/6ec407be-3c62-c3a5-784a-a9200d1c9575/	chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/63/2b/cb/632bcbde-56df-acce-d2f0-7b72fa9d41e7/	chromecache_136.2.dr	false		unknown
https://aupay.wallet.auone.jp/	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/9f/9f/dc/9f9fdc11-262e-0317-3fe0-8dd38c4fa25d/	chromecache_136.2.dr	false		unknown
https://www.wikidata.org/wiki/Q368215	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
http://schema.org	chromecache_130.2.dr, chromecache_141.2.dr, chromecache_136.2.dr	false	URL Reputation: safe	unknown
http://www.norton.com	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/61/37/67/613767ae-ff3b-483c-f604-7c1ebd1	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/b9/53/9bb953bd-e9e4-5522-7994-f37686a9877f/	chromecache_136.2.dr	false		unknown
https://aura.com/legal/service-terms	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/aa/ee/8f/aaee8f3b-b0d9-53b7-7f0d-02016f3	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/0f/61/b9/0f61b94a-fd0f-d9d8-4d62-df3b9e5e613c/	chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple116/v4/da/84/f8/da84f835-7274-c870-d134-1369f8cd7967/	chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple1/v4/c3/d9/83/c3d98332-45e4-6b44-0407-5b1d66f5d32a/pr	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/4b/98/91/4b98911c-4948-abc7-0fd8-e8c69e3b7dce/	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/e0/82/80/e08280bf-3aed-5670-8d29-821674653238/	chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/6f/2a/2e/6f2a2ea9-e4ed-90ef-4632-9d8adc9	chromecache_141.2.dr	false		unknown
https://play.google.com/store/apps/details?id=com.apple.android.music&referrer=utm_source=$	chromecache_130.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/7b/75/93/7b7593ec-fb97-297e-c710-2ecec04	chromecache_141.2.dr	false		unknown
https://is3-ssl.mzstatic.com	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://twitter.com/AppStore	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/dd/06/96/dd069666-a046-f35a-edb7-0b5d709	chromecache_141.2.dr	false		unknown
https://hapilf.com	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleVideo126/v4/af/3f/d5/af3fd5bc-e615-7d2c-f1da-cb5ca695	chromecache_141.2.dr	false		unknown
http://jedwatson.github.io/classnames	chromecache_139.2.dr, chromecache_94.2.dr	false	URL Reputation: safe	unknown
https://git.io/fxCyr	chromecache_145.2.dr	false	URL Reputation: safe	unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/7c/12/bd/7c12bd05-4956-7a11-4c3a-95257c40239e/	chromecache_141.2.dr	false		unknown
https://git.io/fjule	chromecache_151.2.dr, chromecache_145.2.dr	false	URL Reputation: safe	unknown
https://www.transunion.com/optout	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/fa/87/6c/fa876c8b-741b-9253-932b-9de7938	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple112/v4/6e/a6/a6/6ea6a62d-e64a-b1fa-be94-531379147b99/	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://www.nortonlifelock.com/privacy	chromecache_141.2.dr	false		unknown
https://www.gendigital.com/privacy	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/27/52/ed/2752edb4-a358-a2c4-d80c-6786ed0b173b/	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://www.transunion.com/privacy/consumer-interactive#2	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/78/7c/12/787c12d3-5aea-202c-cb98-a607c9a	chromecache_141.2.dr	false		unknown
https://schema.org	chromecache_141.2.dr, chromecache_136.2.dr	false	URL Reputation: safe	unknown
http://schema.org/ItemListOrderAscending	chromecache_130.2.dr	false		unknown
https://deprecations.emberjs.com/v1.x/#toc_binding-style-attributes.	chromecache_84.2.dr, chromecache_118.2.dr	false		unknown
https://raw.github.com/emberjs/ember.js/master/LICENSE	chromecache_84.2.dr, chromecache_118.2.dr	false		unknown
https://membership.tui.transunion.com/tucm/login.page	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/a4/4c/9c/a44c9ce6-cef6-7d1e-694f-64224467fb44/	chromecache_136.2.dr	false		unknown
https://www.norton.com/wi-fi-privacy	chromecache_141.2.dr	false		unknown
https://is5-ssl.mzstatic.com	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleVideo116/v4/6c/f2/3b/6cf23bf1-d32a-741e-b923-7ab853ea	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/e3/45/2f/e3452f76-d16e-c250-7fef-0a4d8a741339/	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/d4/94/e1/d494e100-3d33-cbe9-3254-3ba3a4f	chromecache_141.2.dr	false		unknown
http://git.io/yBU2rg	chromecache_84.2.dr, chromecache_118.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/0b/a6/4f/0ba64f69-7fe6-737e-c506-da2aa4ea486c/	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/c6/df/7d/c6df7d7c-c2be-55d8-5c37-5f181f6	chromecache_141.2.dr	false		unknown
http://support.norton.com	chromecache_141.2.dr	false		unknown
http://www.nortonlifelock.com/privacy	chromecache_141.2.dr	false		unknown
https://www.nortonlifelock.com/us/en/contact-us/).	chromecache_141.2.dr	false		unknown
https://is4-ssl.mzstatic.com	chromecache_141.2.dr, chromecache_136.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Features126/v4/95/7a/d3/957ad33b-ed27-6d93-8ebc-5a7faa577e1	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/d8/d3/d3/d8d3d311-3e5b-3718-c3fa-7217795928a4/	chromecache_136.2.dr	false		unknown
https://preactjs.com	chromecache_139.2.dr, chromecache_94.2.dr	false	URL Reputation: safe	unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/f6/98/b6/f698b692-3a18-22fd-fe86-4a449b198ac4/	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/15/f3/41/15f341d9-63ee-20cd-1ea0-826e84b28d47/	chromecache_141.2.dr	false		unknown
https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/43/a6/aa/43a6aaf6-33ba-ac16-1bdb-9821214fbc5f/	chromecache_141.2.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.32.27.51	d3lva60p37ytto.cloudfront.net	United States	7018	ATT-INTERNET4US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.185.164	www.google.com	United States	15169	GOOGLEUS	false
151.101.131.6	h3.apis.apple.map.fastly.net	United States	54113	FASTLYUS	false

Private

IP
192.168.2.4
192.168.2.13
192.168.2.14

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1541057
Start date and time:	2024-10-24 11:04:59 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@17/148@16/7

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.67, 108.177.15.84, 216.58.206.46, 34.104.35.123, 2.19.224.19, 2.23.196.201, 23.201.254.30, 2.23.194.36, 217.20.57.34, 192.229.221.95, 13.85.23.206, 13.95.31.18, 216.58.206.35
Excluded domains from analysis (whitelisted): www.apple.com.edgekey.net.globalredir.akadns.net, xp.itunes-apple.com.akadns.net, js-cdn.music.apple.com, azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, www.apple.com, amp-api-edge.apps.apple.com, e17437.dsct.akamaiedge.net, clients2.google.com, ocsp.digicert.com, xp.apple.com, itunes.apple.com.edgekey.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, update.googleapis.com, xp.apple.com.edgekey.net, js-cdn-music-lb.itunes-apple.com.akadns.net, wu-b-net.trafficmanager.net, apps-cdn.itunes-apple.com.akadns.net, e8143.dscb.akamaiedge.net, fs.microsoft.com, accounts.google.com, e673.dsce9.akamaiedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, authorize.music.apple.com.edgekey.net, e6858.dscx.akamaiedge.net, apps.apple.com, amp-api-edge-cdn-lb.itunes-apple.com.akadns.net, fe3cr.delivery.mp.microsoft.com, fe3.deli
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 107832, version 1.0
Category:	downloaded
Size (bytes):	107832
Entropy (8bit):	7.998208221352974
Encrypted:	true
SSDEEP:	1536:rbxyXX3FkzPtA4ze42dWs8sIQ6Y3SQnCvy7gALT4I073hT8k32wl0JvGdUB4x:rS1kUx8siYiZv+n4Ie82jBdUB4x
MD5:	2D753DE71684CC6C73161B6FE0C5A11C
SHA1:	B9B14B843008B6C9E8D6E933DDF52587CE0E32D7
SHA-256:	DC0663A7522F9A0A447DCA9A60A80275EA5906DDE2159B24CEA94A96D81DEE0C
SHA-512:	ED6FA0618E66A26107FCD828CDAE61C623C0BA6A0EF3BF6F49C1382ECB6A327D20A73A1F072E9BE6C2074DF6390D4DB17AD747FF7E7D64F66E1C25515DDD1E56
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v2/sf-pro-display_bold.woff2
Preview:	wOF2.......8......}................................`..H.`H...X...(....6.$..$..(.. ?meta....@. 8.t[.{.......}......R.Ju.1.u..WP...D:....:.v..{d..J:#.....T.nC@g.4.Q...........,?..{?...$.. V\.V@[.BH..2.b.!.U....9.....L....i6..9.\dYR8.......;un.5...(.."...b......pK....%9.gR..Aa.=......y._&.z.s..LnU...!_HJ..'[....x..Z.....to!.>.....c.J.....O....D..wz.K....Q)Gec..[.. ..#:..T....^6..\..ap0W./..n.(...e....^r(......~i!..\....7d..Q.x...%...RQ...]....]`...N0......G.W.Z[B...Q..8..[k...u..I..+6X...IHL.V/.o.y........s..::.9......._(-"~..Uw.Y.Q.^5...oH.O.=.F...>.W....{..~SX..d..T.k ..^..a.u..&...wH...>....xp.B./T..........K..w5.7......IX.....V.%.J.......!Y..y]...-..w..N..Z..;<p,....q..8G..}.g..].CrP..TK..QL...h.Lno..5%......4A A.-t....~...O.z+.K..?.".....qn......O...}o.]@..B.....sz.^.....#..`...C.{.....D....1=.c.,.X.......hn.H.VR..2A:..c..V."..a..F..*..E,T..(..y...?s...y.V...Q.!q(H.B..ZT..jc.~...:@u..=...D..d,.L..............O................

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 161060, version 1.0
Category:	downloaded
Size (bytes):	161060
Entropy (8bit):	7.996961875963795
Encrypted:	true
SSDEEP:	3072:MK7iPQIhUcShZFILkvrRwjp+nRv5NduaYw9Fc5AfP90o6I6:d7fIhUJhZFISRWGRvTdjYkHflzb6
MD5:	979B2DA5BE35E5200AEA8086B0750C6F
SHA1:	32A912A24EFD11969D3453910DA9B2A6D67D8137
SHA-256:	CB5DE71301D4C4BCECF75B38492B13807CD28A3DEF432E7BAA5C8ECF2E8C057A
SHA-512:	54DA81A495BDE0625DC7251320847B4E0224953D138816C3C7801EA4A00DC9106887B5346928F1F283AD24A3F0B5AC56F66B4627567717B69ACBB024DD994AD5
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v2/sf-pro-text_semibold.woff
Preview:	wOFF......u$......_L........................GPOS... ..........].GSUB..W.........qkg.OS/2.......R...`u.Qbsln..e........H.)..cmap..........m.....glyf..G....C..Y.+...head...X...6...6....hhea.......!...$.q..hmtx... ......(.g...loca..-d...4..(.....maxp........... .1.kmeta..f....f....U...name.......0...H...post........... ....trak..th...........O.........V.._.<..........r.......`.....................x.c`d``..O.......D...@.d.......t...x.c`d`..d.b`g..F.4......x.c`f........j.r...a&.f:..i.........L.L...P..c@..H....y.....1.S``...cqc]......#.4..x....pU........%...,.(.E....,"..$@X.!&.k.b.D..5.BP.d..Z.D..H..U....U...U.H.V.[.....{...<H.l:d.7.9.{.~.wfb.#.....Q.....&....zC../....2.}.Ug....7....Iuh.6........n....K....c=Y..t....S}4T1U.Ziy...L>..D.?.1..Z2Z..f.Y..yO...~.XFw.3.'.\|.....\Q.V.......(..m.......s..[...sY\............S.,g..1:...s..g..L.s...\|....M.-9..:..}..~X.....q...yX51N..y.k.^..rcs.b.....+...S.9.5..m...7..m..Fo.1.c.(.....}.........'..9..2..Xf6..........s..W.F..

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	976
Entropy (8bit):	7.575832260313748
Encrypted:	false
SSDEEP:	24:rfym7o0w2ykALQ2PYzaMAkiL+EBh1esuunoI8ICLU:rfr7Dw2ldzaMXc+E3Ruue4
MD5:	F8F65706108D83F23B8C44A806E7151B
SHA1:	D341B565DD153B1CC49180A79BCEFA91CBA4137E
SHA-256:	A61186E74F900E585E33D61ACCC27656BC156472407CEC31B546964F48CB4AF1
SHA-512:	9B3CCF298F62E933ED61196F1CA9BC6E8D45A820A298317078250B3DF821F2F746BA80075192690AC7D09E0F52924467874BDE07DD359C7ED71DC7C474B0BF11
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 F...0........>.B.E.$!..4.D.D...^2%.._...}/..j...{".%..=g^..]3..&,{...S..F.....\...k..\.O.j.R...{../.6..0...nPl...r..IB!b..&.v.)O.7.....U.B.{"L...r.N.G.aO.p4..?.2....$Ef.If;Z.f...........f.........J.$N.;.vJo.$.....,...r.29....e.W.Gb.M.A..p......b......hp.o.k\|..E...Z..n.........s.]....?tB...rp_..]X...x..Mcj..].=C21bE:n(.^=..UQn......<l~...n.9,..;SXX.bkN\|#.9p....<...qs&..[....u8..n.....[.C=.V...K...9.=................S........!.G.2}....N!...H...L.+~..v.....h.Z1.....Z../.om.H..gd........if.....d....b]O.0.2.~..>.[j..e..RYMH... ..[......#...1.Z{.,..8&.>(..y...(.g%..m..h.F..H.a....f.....\..3...}....i.E...W...tg8.@.()I._.q...P.X....9m...F.?.?V-.....z1... .w...Y2.X......\|.....?&pY..D...eG..f....7u.sz3.>.R%.%.._........RPR..... r.#....p%1b..& p....&...V...T0;...&#.c..{..cm\.....3...].b.4P.(....EXIF[...II*.......i.....................2...,.......ASCII...1.86.0-CJLNVYP777Z2HHCXT74KPRFAFA.0.1-9.

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	11910
Entropy (8bit):	7.97999243374129
Encrypted:	false
SSDEEP:	192:EnvfbnuMSb41WtfI/3cqju4e4RuFafpGoyDwosxv+P45ptbSAPzyhFaGzYco0vw/:ovfbuMhWRI/MqiWhGDDwF1C4btbSQGhs
MD5:	0A7378660E2A8FF5DE723BEFA6CD75CA
SHA1:	EBFA8DA360FBF36A7ECF346841EEC044C4DA4455
SHA-256:	ABE7A53E4B5CD18301C72EDCC96413DF5E7EED74EC3B3A80E4EF6F986DDF8479
SHA-512:	2A9B12030025B362DFDE3B5315968060315EACD88C75F1ECCBF39A48BB501B8C32F5A7EFD168B5AB7522E4562003DFE81959574E59439690FE09BC58642C37AD
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/c6/df/7d/c6df7d7c-c2be-55d8-5c37-5f181f63b539/f5e81212-9cd1-4285-8956-3ad4ffc06f01_iOS_6.5_-_Frame_02.jpg/230x0w.webp
Preview:	RIFF~...WEBPVP8X..............VP8 .-...........>.P.I.....].<....rVSR...!..7...\........f}T}.z..x...............g......^.Z......w..................c...x./......o..............c........L._......./.....^..K.w.?c.......c.3.w...<$............._d....z..........N.....8\|.$U...[Kik.F...^K-..YbH..lG.m.$]...t...c-.^.(D".K...p.-.;.W.X...U..(.+..#G{. p..P\GZ...D.e..,...O.js.D...6$?...wJ.y.-Z.......r.&.:j......,.&..ox...7e[.7n80R.Y_.T4i.....;V.a..P.DJ..g..Zv...k3......1.!o.%;T.Vl."..G../..\|.S.......1.....Y-.m.#.8.d_}]..>.W,..E.....q>.~.#.[...L.y.y..A.3W.F.u&m..,%X.........m...fa.G.m..S..U"/.b..3)...P5.h^67..[..%.>p.w.[.f,...j.o.?".zz...!vF.....+.C.f%...W2.....U..).&..M.."9Cl......^Q....3i.U...HF.Z..<...[........3r...k..y.X,.....8.._5.m]@.q....A..."-.......J....Kp6.......7.R[..GA.......4.....]!..$.}@.1.....3..{.P.....j.......Xx..Q."#..v..FJ.ai...;`N3+..i...D.......?5..ht.*..=3.M.....$..r#..?[SU..\j.u.jL..,....5M..d.tmL:.va..%.D..R>q.a.............K..X;.]...

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12513)
Category:	downloaded
Size (bytes):	13517
Entropy (8bit):	5.314863543101727
Encrypted:	false
SSDEEP:	384:8nlFipHnQ5/BRZJ/bzwT62waHKsR5ssRaREW+ou:8lF2HQ5JRjbQw9sRasROEWY
MD5:	24F387A60FE0B05A15426D721C397D47
SHA1:	012EB578C3C097193F20F123732AC646D2800096
SHA-256:	6AD8C8A703856136FEA1D1911FE8C0E09BCE87EDE20F4C8B98AB8F8961462738
SHA-512:	787E1A2BCCBCD973135E53B53FA5BC89E59AC277D95F30B0595B225667B1F0DEB6616914915200ABB6E522DDEA144E2EEF140876CA502D1317E13E86E63DA9A1
Malicious:	false
Reputation:	low
URL:	https://js-cdn.music.apple.com/musickit/v2/components/musickit-components//p-1ec6e574.js
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.const e="musickit-components";let t,n,l,s=!1,o=!1,i=!1,r=!1,c=null,f=!1;const a="undefined"!=typeof window?window:{},u=a.document\|\|{head:{}},d={t:0,l:"",jmp:e=>e(),raf:e=>requestAnimationFrame(e),ael:(e,t,n,l)=>e.addEventListener(t,n,l),rel:(e,t,n,l)=>e.removeEventListener(t,n,l),ce:(e,t)=>new CustomEvent(e,t)},p=e=>Promise.resolve(e),$=(()=>{try{return new CSSStyleSheet,"function"==typeof(new CSSStyleSheet).replaceSync}catch(e){}return!1})(),m=(e,t,n)

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	1832
Entropy (8bit):	7.814225128473339
Encrypted:	false
SSDEEP:	24:v9H0MiNji5suzd0Y8gEo0tiIcLcveSJDs6OrUzNCf6UIcxCknVAFFmw1OFwnWCZi:v9H0BD+CgEo1SWQNCfl/lnEcFw7ZDO
MD5:	E2A01B4F6115FD25E917DBDC6FB11F2B
SHA1:	6FEF04B12451224044BAE93063D1D1B375B5A8C3
SHA-256:	B9ECA1E3CA249D7A77AF83418529CACC606FEE85347E0105EAEC9D8388B05C2A
SHA-512:	9840E1ACF820B0B062AD15B82AC00A43DC128F9E4A14F8675236FC2E63C45FEBB82F46B35E484B3E550C43760ACB9EF186B215742013074C0102CBEF6C9A44D6
Malicious:	false
Reputation:	low
Preview:	RIFF ...WEBPVP8X..............VP8 ....p$.......>.L.H.......<...7n..O.v.i.9.%..j...o....W.._...}......"vO.......+.+.._P......<.=..r.s..3T.8.3.q.1.9....o.......8tA.../....#..A...C}..."B....$.?...n..+..rw..wF..o.0.F... :.z..,a....8....3.c..U)...y....I.......U.SU.....\|wg..P.?>...8....tQ8Q.0t.u...#R..n~.6+...p.W.)..}.... .....A?..>.....y..d...@.=./M......Y...R&.w..O....O.-<......e.t+?.I.H.M..........e..o..(X-...#...q2....J............?..^.L....(.o.......A>.*b...e+r\.p..=..3A.e..yZ....v......4.+.....B.Q..7...!..._....X......M...xdv.$....sJ..Ys..P.C/:.d....3[l..9._.sK.(X.u..@...9t...vg.6V.....l.......mX.+......IO.n....E.....G.%..^."`8....i9....2ge....VeT.......&D;..../...@.....#.@..6P....K.K..1..n..KE..7.O.3...V4..$......W...>=8).X....1/sUk....U...J;a...`......../..!..,..k...]...v..n.~M..!.H!.>..V....mk>.2-.+.H..<...w.....1.)..R..k3........`6.&...._p.q......`g.....X...c{t.r....>........O...b.Q.....7.+..k...vyJ.3.hP.\|..O8Uz.g....g@AZ

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	39409
Entropy (8bit):	4.79449824966127
Encrypted:	false
SSDEEP:	768:tpT1EQo46uWNYFJ1mv+ZNrMUVfj4bpY7jVSHUo6eI:tFLPZL
MD5:	0D6F7CBDEEC94E9EF880D7B7A9FA4E15
SHA1:	6E40B82AF9C76D89FBC9DCDCEAD1C66F115EB51F
SHA-256:	98EFC0C9B0F60B49D092C7FB5C502C3D5A379143C739AC7DF897C5A396D8CC2F
SHA-512:	800ED9FF11045D04CC01593B0090B4318E2F4A13739E3C17E7D3688B4F54ECD4066F7FA7562830A11B7F01E0A4E51DA7528CC0D8566969C8D251D36F30499B83
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/api-www/global-elements/global-header/v1/flyouts?locale=en_US
Preview:	[{"id":"3d39a8ff","name":"apple","analyticsAttributes":[{"name":"data-analytics-title","value":"apple home"}]},{"id":"8543e00d","name":"store","baseGroups":[{"id":"1c90bcf2","title":"Quick Links","analyticsAttributes":[{"name":"data-analytics-region","value":"quick links - store"}],"baseLinks":[{"analyticsAttributes":[{"name":"data-analytics-title","value":"find a store"}],"text":"Find a Store","url":"/retail/","ariaLabel":"","id":"a45bd4b8"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"order status"}],"text":"Order Status","url":"/us/shop/goto/order/list","ariaLabel":"","id":"a361d2b7"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"apple trade in"}],"text":"Apple Trade In","url":"/us/shop/goto/trade_in","ariaLabel":"","id":"ca9b9af6"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"financing"}],"text":"Financing","url":"/us/shop/goto/payment_plan","ariaLabel":"","id":"db0704e3"}]},{"id":"68805228","title":"Shop Special Stores","anal

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:	3:H:H
MD5:	99914B932BD37A50B983C5E7C90AE93B
SHA1:	BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
SHA-256:	44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
SHA-512:	27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
Malicious:	false
Reputation:	low
Preview:	{}

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1832
Entropy (8bit):	7.814225128473339
Encrypted:	false
SSDEEP:	24:v9H0MiNji5suzd0Y8gEo0tiIcLcveSJDs6OrUzNCf6UIcxCknVAFFmw1OFwnWCZi:v9H0BD+CgEo1SWQNCfl/lnEcFw7ZDO
MD5:	E2A01B4F6115FD25E917DBDC6FB11F2B
SHA1:	6FEF04B12451224044BAE93063D1D1B375B5A8C3
SHA-256:	B9ECA1E3CA249D7A77AF83418529CACC606FEE85347E0105EAEC9D8388B05C2A
SHA-512:	9840E1ACF820B0B062AD15B82AC00A43DC128F9E4A14F8675236FC2E63C45FEBB82F46B35E484B3E550C43760ACB9EF186B215742013074C0102CBEF6C9A44D6
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple211/v4/63/2b/cb/632bcbde-56df-acce-d2f0-7b72fa9d41e7/AppIcon-0-0-1x_U007emarketing-0-7-0-85-220.png/146x0w.webp
Preview:	RIFF ...WEBPVP8X..............VP8 ....p$.......>.L.H.......<...7n..O.v.i.9.%..j...o....W.._...}......"vO.......+.+.._P......<.=..r.s..3T.8.3.q.1.9....o.......8tA.../....#..A...C}..."B....$.?...n..+..rw..wF..o.0.F... :.z..,a....8....3.c..U)...y....I.......U.SU.....\|wg..P.?>...8....tQ8Q.0t.u...#R..n~.6+...p.W.)..}.... .....A?..>.....y..d...@.=./M......Y...R&.w..O....O.-<......e.t+?.I.H.M..........e..o..(X-...#...q2....J............?..^.L....(.o.......A>.*b...e+r\.p..=..3A.e..yZ....v......4.+.....B.Q..7...!..._....X......M...xdv.$....sJ..Ys..P.C/:.d....3[l..9._.sK.(X.u..@...9t...vg.6V.....l.......mX.+......IO.n....E.....G.%..^."`8....i9....2ge....VeT.......&D;..../...@.....#.@..6P....K.K..1..n..KE..7.O.3...V4..$......W...>=8).X....1/sUk....U...J;a...`......../..!..,..k...]...v..n.~M..!.H!.>..V....mk>.2-.+.H..<...w.....1.)..R..k3........`6.&...._p.q......`g.....X...c{t.r....>........O...b.Q.....7.+..k...vyJ.3.hP.\|..O8Uz.g....g@AZ

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	11910
Entropy (8bit):	7.97999243374129
Encrypted:	false
SSDEEP:	192:EnvfbnuMSb41WtfI/3cqju4e4RuFafpGoyDwosxv+P45ptbSAPzyhFaGzYco0vw/:ovfbuMhWRI/MqiWhGDDwF1C4btbSQGhs
MD5:	0A7378660E2A8FF5DE723BEFA6CD75CA
SHA1:	EBFA8DA360FBF36A7ECF346841EEC044C4DA4455
SHA-256:	ABE7A53E4B5CD18301C72EDCC96413DF5E7EED74EC3B3A80E4EF6F986DDF8479
SHA-512:	2A9B12030025B362DFDE3B5315968060315EACD88C75F1ECCBF39A48BB501B8C32F5A7EFD168B5AB7522E4562003DFE81959574E59439690FE09BC58642C37AD
Malicious:	false
Reputation:	low
Preview:	RIFF~...WEBPVP8X..............VP8 .-...........>.P.I.....].<....rVSR...!..7...\........f}T}.z..x...............g......^.Z......w..................c...x./......o..............c........L._......./.....^..K.w.?c.......c.3.w...<$............._d....z..........N.....8\|.$U...[Kik.F...^K-..YbH..lG.m.$]...t...c-.^.(D".K...p.-.;.W.X...U..(.+..#G{. p..P\GZ...D.e..,...O.js.D...6$?...wJ.y.-Z.......r.&.:j......,.&..ox...7e[.7n80R.Y_.T4i.....;V.a..P.DJ..g..Zv...k3......1.!o.%;T.Vl."..G../..\|.S.......1.....Y-.m.#.8.d_}]..>.W,..E.....q>.~.#.[...L.y.y..A.3W.F.u&m..,%X.........m...fa.G.m..S..U"/.b..3)...P5.h^67..[..%.>p.w.[.f,...j.o.?".zz...!vF.....+.C.f%...W2.....U..).&..M.."9Cl......^Q....3i.U...HF.Z..<...[........3r...k..y.X,.....8.._5.m]@.q....A..."-.......J....Kp6.......7.R[..GA.......4.....]!..$.}@.1.....3..{.P.....j.......Xx..Q."#..v..FJ.ai...;`N3+..i...D.......?5..ht.*..=3.M.....$..r#..?[SU..\j.u.jL..,....5M..d.tmL:.va..%.D..R>q.a.............K..X;.]...

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1204
Entropy (8bit):	7.681918994939868
Encrypted:	false
SSDEEP:	24:MdWiPkkpvvcc7E1XDj8PtMKBc4vj+OVEPTbfgMpPKCpuoF70RzrHCZKC:wWBkXcc7EBj8Pxa4vjAPTfpPKCpjF7gI
MD5:	B32902B66013F4CB5FA230CE8D4EA5B6
SHA1:	1B10499F28F34F277A4FE2628733BDCC94D0E3FB
SHA-256:	A6B6BD711F30F18A3E36599A5D4D9FDE49FB504F207AC5F5C99D45A768C809B7
SHA-512:	DC33DC43D32E501B03B0DFD3BD784762EAAE8465BF3EECD6E7676ED81CF71F1D04B2AB708A15C65773FE69F5ABABDAFF468618D424F8A2EF8C878DCAEF109FFA
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/a4/4c/9c/a44c9ce6-cef6-7d1e-694f-64224467fb44/AppIcon-0-0-1x_U007emarketing-0-5-0-85-220.png/230x0w.webp
Preview:	RIFF....WEBPVP8X..............VP8 ...p$.......>.J.J#""!$..@h...n.ru._b......f...+...}.\|....3./.G.G.w.w..`..W[.......w.o......cs..f@.Y.y.-.:...!.......u.....V.i..9.M.....BJ..w+....j..T..a.;........=._.rw..C.....?/].jNN.r7....[.6....ov!.ad.L...I..$j..........g.,.....+....C.8....B..Y...2'X1.4...Q......c.L/.<..g...>.5...t.............<`..v...........%.7.s.>..\.....3.0.w...n.I..q..../..~.P....zGBQ ..r.?7..>.i.w;.B....$....A.Z.....2.f......CRu.......8.V.Wv......vw..z.....s...\X...(.]..........P....M.b.`.{..L......#[./X.9 ;.I.+_);kr.....d=W..i.1......A.R.h'...}..H:..Y.-.o.j..c\...%\.....'?.L......ON.....~..F.y...v..zS.p.)#.?..NU..0....,.ew....q.L....c.r/.:.opP.....w.!....]..<G.?..W)........j.S..N..0..F.x...6Z.......;.w..\|..9....?.2.6+....42[..*.PK.....?..\|..3@W.Y...ZB.B.[....6...d....\|......FL..@..9.EV..r4~.\......(k\|P.n.k#c....R....L..r~.\|......w.s..+.7F.....E..).a5$..hL..(..fGm...........3..Z..Qe8z.. F.[..36....B.@L.C..G ...DY......

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	11508
Entropy (8bit):	7.979737403014221
Encrypted:	false
SSDEEP:	192:ZXkQfF1lYmVExXr5jTQEujPmC3aaZ5Fs8sQxUsDpHFVD3PyO7uG3sDFsg:ZXkQfVctjkIC3v3Fs8txUiLVDfjuqsDV
MD5:	E24699B64A534123CB22DE2B3D0BF230
SHA1:	285A5B3874231F55ED1CFE0605888AE863AF819E
SHA-256:	11DDCABFEA572D9DCF1DC1900140B9C24FB7EC28E7C5511C7AA9CE49032F67FB
SHA-512:	B1208D3921B44BF983EF5C956F316B5DF5113B2F3EF99F6188B46E939CF1F07CEB37F0F68A330F88C4D3A92E18C86B4780472765213B989B008EA6E3F6F9A0FA
Malicious:	false
Reputation:	low
Preview:	RIFF.,..WEBPVP8X..............VP8 j,..........>.N.J$"'.%......n.?..Q.(..i..~\..W..~g...VoI~...:.}.\|.}.?v.$.K}..........A...`.......?^:.\|....{X.'.......W..........J6..~...}g.....Z..z)..................O..T.{.?........._....d}1.g.....O...........W._..Sk/.%..K3....n..z...Fh..#G.......&.4.....S.......u6].[..qg...]...9.I...$H./...;.!#i.....y....U.H.z..~i.8.DE[.e../#m...h S.u...9.t5.N.....<h..:r.Z\+......V^.>..n.2.v .....o..odJs......P...\.._5w......-...r..Vg.BsI.I..n....S...]....r..dFZ.3W...w...5.....x;.w...k.}4N.g-fP.u]y......@.g....i1B.......)*..(._......"(...&HP..9\.u.L.r:.V.....V~......w7.Kq...;].......,..@u..?..F=9.8/._..Jp...b/"Z+;?.8"OG.........nP..K.......b.I.a..I..3."......@F.&"28.../.R.D.j.1..}..J....".)h..<#..a.......J.N.e/..J...D^$...:.G.4.x.,.R%).V$5.<.o...s..?.#.Q'..1.....l[OX.H.~GU....I.Eo.J$E9...m&.(.#..@......EzYO...3^Jo.._...$\....}nn.Lot.......7..g..L.n.W5.c...Va\..>Y..........y..B..t.....B.~.>#..=tB...;'~..}Z7..}...)....

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel
Category:	dropped
Size (bytes):	12014
Entropy (8bit):	5.8597190788401115
Encrypted:	false
SSDEEP:	192:L7xWVSgHQUkVbBQZf8POXQu2jMLlZYrZ7667V776+:L7xWVSgiV27QfjMLcrj
MD5:	87052396F5FFD63B642D1BAB54E7EDB7
SHA1:	F3E75DDE1FAD3A5FE639E3D0C04122FCFAB918E2
SHA-256:	EA54FEA4CE7FCA6339E5B437CA43CBD46C84AA46477BE66436608B5FB0A9E02C
SHA-512:	84F96774BF4E8CE6BDFFC68AB6ADFBAA7508BD8E9A3372A33C0032FB519BF51A6AFB34CD70CE8A84C32A1F4BEC2442B87CB5CBEE86EDD468D510E502705D4788
Malicious:	false
Reputation:	low
Preview:	......00..........6... ......................h....)..(...0...`................................r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..v..v..u..v..v..u..u..u..v..u..v..v..v..u..v..v..u..u..u..v..u..u..v..v..v..u..v..u..u..u..v..u..u..v..v..v..u..v..v..u..u..u..v..u..u..v..v..u..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..}..}..}..}..}..}..}..}..}..}..}..}..}..}.

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (821)
Category:	dropped
Size (bytes):	7626
Entropy (8bit):	5.215559608926212
Encrypted:	false
SSDEEP:	192:OtQ0m8mBOZgS9tn0Ll9829FAeHlVPrMNW:OtFuSD4829FAeHzPAW
MD5:	33AF753815E0763128B33C38F393AF19
SHA1:	FD81C07EDD497B91F91629687D2AB6976F287E17
SHA-256:	A7A8465112A5F495E5C95139568A59BF35B3116624A5861B71472070520D699E
SHA-512:	D5981A0D80035A3E0B8EFBE12B90C5E82A53F8C2CBC100001D344DC645B07A76DB3B75D863A5BB733F54B9E13B4C0A515B63041F50DCFC9AC750C092C436DBF5
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[26],{71026:function(e,t,n){n.r(t),n.d(t,{environment:function(){return a},eventRecorder:function(){return F},immediateEventRecorder:function(){return q},logger:function(){return D},network:function(){return E},setEventQueuePostIntervalEnabled:function(){return N}}).var s=n(76588),r=n(24178),u=n(32722),o=r.SC.attachDelegate,a={setDelegate:function(e){return o(this,e)},globalScope:function(){return window}},i={AJAX:"ajax",AJAX_SYNCHRONOUS:"ajaxSynchronous",IMAGE:"image",BEACON:"beacon"},v=r.vc.metricsDisabledOrDenylistedEvent,c=r.vc.removeDenylistedFields,l={},p=["dsId","consumerId"].function f(e,t,n){var s=null.return n&&!v.call(u.Z,n.eventType,t)&&(c.call(u.Z,n,t),m(t,n),e.apply(null,Array.prototype.slice.call(arguments,1)),s=n),s}function d(e,t){l[e]=l[e]\|\|{},l[e]=t}function Q(){l={}}function m(e,t){l[e]=l[e]\|\|{},l[e].anonymous&&p.forEach((function(e){delete t[e]}))}var y=r.SC.attachDel

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2169
Category:	downloaded
Size (bytes):	758
Entropy (8bit):	7.7398265680294
Encrypted:	false
SSDEEP:	12:XIJtf1nFK2SJMZeOYis1C/Qqt6aGo58LI4hEmJxT9XqrISCeKUzOIeO9vnrp0F:XctdE2cMZdjgfcL4hEmJbabjKXa9Pt0F
MD5:	BF58BA3A87B3B9FD142413A023D62F97
SHA1:	50DFED8260C1B49B1B21ADF59D8ACCA9F17C8FAB
SHA-256:	F1BA7551B51820568F4A397466C407652E1AF056E901DA57B57C7395955D1CB8
SHA-512:	9D3F1F2C3773E9CFC31495CEB5C2479C2DC2768F81B10F1D0B50F162FCCF5CB431103E67A59735AC7580B3029E12DE3DE3BCBCF4B10AC59BA4547B4BBE1A8C04
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.961.e281a7b797aa9204873b.js
Preview:	...........U[o.0.~....%...q......I..6.a..9iL..:9n.J.;.k.5].....o.]_BP..M.wa.y.0.+=:........'.7..!..}H....Fr..,..y.....\|......... (...."A2.A.u....=+.#.G..J...t..K-...C.<xh......0.l.`%LQ@b...G.....Da`b._?{..U$\<.'N..&...&...I. ...\...heY.;...v.X.J92.$.....\|.Q....N.?..5.........M.u...G.V.?56q.=.-.u.e..b-.ZCi.F.m.\..#YOK....!\|...Y.Z.2CH."d.....}...oh.. .../...1D....i..u..!6......"`..f9.....B..ab4\|].+Qj...`.Y..../.2....&.l?.tA....<..n..&...\+*.D...+..g6...6kb-.......3.[.+A...4Cc/..zp.b..y...0uX(....^.$..;..B..z....R$.8.q.V.u..,........GEj7r4Q&W..vPL9jG.f%A./l...k^s.ibIy.4{2.....Tv.t......+...J:.^.Ug.B.r....<...O.6t...s.y.i.F(.G..0a.&V.....t.u...1.e...T..fq3.,1....x....WP.xC...q.j.\.....a..e.._...9.....:.....Py...

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1189
Category:	downloaded
Size (bytes):	593
Entropy (8bit):	7.6220671921151695
Encrypted:	false
SSDEEP:	12:XeyBG2qiQZ2AHXmCXA2vEJgfnlbIcpbuqc+BB2/A9IQG3eUXM1XHJxdaln:X7BGViQDXmCw8gQlZpbxz+/AaQCCVdun
MD5:	E676A8AF25847B15CBCC218B400F2CE7
SHA1:	40B435C61C288498EB4A7BBD881A5A1F9175B740
SHA-256:	C44DD4FE57BC502E527061F7A5C99464E4626C956EBFC84E60C79073289D9FCC
SHA-512:	8348D64D24C77FDC25FFFBEAF9E68D0E014A8A41B6EA12ABB10938601CF5AB3EDF4D4D2B5257D478DCE187ACC6223487E1E21C1242A621AA4260115E1BCA7EA9
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/images/masks/icon-app-mask-border-61226afcae6a8f2b3d2755728daaf4f2.svg
Preview:	..........uTM..0...+,#....8qPS..p.+..M.@6..l....v..U....f..^.'.....J6.t........a<mPk.!.)..05.4Z.....S3..k[...Jj..Z..I....z2.#w..~j..J.C_Kq...W]...f=....CK^....n..........b8.C;..$..p.8T.q.......}...@..E-..?.r(..c.r.....h....}...{..[.dr4.X.2(..(v.I...X...-2i...w&....uY.r.9D4...@r...X#).,n.d>n....[..j......K],..ga......B..L$....?..-.`..r.#.(.L.{..d.e.,.,.j.y!\.d..i.X..XYp.wPb.\.:..&0l.....%.H..y..%x...K.".=.0.Hra.]\$..L.^.....#S..Y.qL.{.P...#..Rg.eF.;.K..C..U..Z:..Q..u1.W...8?......g:.\|......R.P..0W.b..-...KF..?R..=...^_.~8..q..0..x.M\|..%....T..r....{....x\....

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (847)
Category:	dropped
Size (bytes):	13822
Entropy (8bit):	5.308557467153006
Encrypted:	false
SSDEEP:	192:YPNfrSf3gy1fQx56zKsvEsSDIiFtTislPchPTwFlOvHChmC82YFK:YPNzSf3g6zKIHqtpRKEuvHTC82Yg
MD5:	2A92CDD99A42BFCD7DAB16887539E231
SHA1:	310E2855E334F6F49937490D621710021B15066B
SHA-256:	F20C946DA61069DF3F4DC8097FB617DB50F266D25D53758D91FCCBD8341C533C
SHA-512:	7DBD1CA6AF6E7AA86F408C6E3D5D35AA49AD39908D8AB10AEF4CF8C806AF27889DA43D8AEDDEE030E6351DF1D81442B431C6AF206A4DF6E9BFB043892850EF49
Malicious:	false
Reputation:	low
Preview:	/! For license information please see chunk.15.097368f212a6a942763f.js.LICENSE.txt /.(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[15],{21015:function(e,t,n){"use strict".e.exports={canvasAvailable:n(1892),continuousScrollEventsAvailable:n(93117),cookiesAvailable:n(2022),cssLinearGradientAvailable:n(83353),cssPropertyAvailable:n(15871),cssViewportUnitsAvailable:n(77499),elementAttributeAvailable:n(13462),eventTypeAvailable:n(70683),isDesktop:n(13459),isHandheld:n(30677),isRetina:n(25152),isTablet:n(53489),localStorageAvailable:n(83574),mediaElementsAvailable:n(58093),mediaQueriesAvailable:n(28342),prefersReducedMotion:n(54719),sessionStorageAvailable:n(63160),svgAvailable:n(91676),threeDTransformsAvailable:n(78795),touchAvailable:n(50012),webGLAvailable:n(72810)}},1892:function(e,t,n){"use strict".var r=n(93796),i=n(6379),o=function(){var e=r.getDocument().createElement("canvas").return!("function"!=typeof e.getContext\|\|!e.getContext("2d"))}.e

Chrome Cache Entry: 117

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2380
Entropy (8bit):	7.866321893428792
Encrypted:	false
SSDEEP:	48:41KBazIrKYSyWW+4dhfKbBR5/mfu+zlc+hb+1RN2vcXOyPyMo0zxkM37:GKsUS/YtKbd/mflcbGvc+cyAzF
MD5:	D3712EB412C047FC1AD12CE62AED4DA6
SHA1:	0E2E39680EFEC02E34EEDBB99130D2C6C3C174D3
SHA-256:	C1C2EF3478EB71FEE3DDDE39F60FE0270533579A09DC41F659B1662A19FF6DA5
SHA-512:	8EFB509D861BDD9A016351D5F52DC6699A68839C83D0FC1AC1F5144C2B8206B706A88144E4B2D937CD5DA595AEDFC12FB5BB9C385151FCA0DBC13EEDA62A21B1
Malicious:	false
Reputation:	low
Preview:	RIFFD...WEBPVP8X..............ALPH........f...Y.....J{..5.!.....M..8,...........;.......8^...........?.'.>......Ja.H.........x..c@....B./....2#Q.e.z.eW...A..8T.....n..C}..v....{.Q..qE......0.i[.[Q.u.P1.31.5..7.Y..t....B.`.7....j.x.3........V"l0.".P$Uo.q.QOEB.C...f...x...X4dk.._.L.M..i..@.. ..N..<'p...VP8 .....$.......>.H.I..'...x\|...f.oG4\|m..-..U..... .'.....:>.(..m...A,.=M.{...)E.P.....oI.B.....b.....xYB..r......mU.Q=.i?...J.FT..J..o.,Q;......]...A.S>c...U.u.o...Q."O.....X.&.VFX"KA..b...M\..E....,X..rG.Q..../;.!u.c&....,...(..y.8...k.u`>.L.>.rnT]4.T.v.O........<.5.uq!.....k...@[_Vp...CT{.~ j-j..Tg.0.5...#2.....$.$L.iin..\|...hI..=../u...9.e).....s.05.....Q......+.....\|e;........_I.......,..4.....V`.....t2....\.;..1..b.../y.....`..Q51p...Yo...V..e{.7.:....7;.x( .db.$.E&v.$..6.(.`.Hd.........)..<.....m[...y.T...h}.....T.L..............2.C...R-..EScz".E.yzGs..j.??.P.7...2yj....(..;.Vg*.~G.-F;jw<..%..0mZ..E..1s..2Zj.H.....[....D..

Chrome Cache Entry: 118

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1015)
Category:	dropped
Size (bytes):	996812
Entropy (8bit):	5.473483498850375
Encrypted:	false
SSDEEP:	12288:qBoMXaFHzsbqCI4/LdRb8uCjZqXXUBExd:qW2/LEtoUixd
MD5:	2C9F0D0C9A9EB391A9861A238385EF50
SHA1:	3D6AFC7321D8B4F9B99BC70BFCD7D77F8B3FB140
SHA-256:	7914ED4BA32201861AB68D070EF5A2E218147E7B8927D129255166CB51C0961F
SHA-512:	9CC35A9FC5216FDA3ACF43E943DF379B033DE563B2BC8F142ED9262D80851402216054CE9A223CC1DCEF144F2E927737E54B7D869B38DA29FF7860B444810DF4
Malicious:	false
Reputation:	low
Preview:	window.EmberENV=function(e,t){for(var r in t)e[r]=t[r].return e}(window.EmberENV\|\|{},{FEATURES:{},EXTEND_PROTOTYPES:{Date:!1},_APPLICATION_TEMPLATE_WRAPPER:!1,_DEFAULT_ASYNC_OBSERVERS:!0,_JQUERY_INTEGRATION:!1,_TEMPLATE_ONLY_GLIMMER_COMPONENTS:!0}).var loader,define,requireModule,require,requirejs,runningTests=!1;(function(e){"use strict".function t(){var e=Object.create(null).return e.__=void 0,delete e.__,e}var r={loader:loader,define:define,requireModule:requireModule,require:require,requirejs:requirejs}.requirejs=require=requireModule=function(e){for(var t=[],r=c(e,"(require)",t),n=t.length-1;n>=0;n--)t[n].exports().return r.module.exports},loader={noConflict:function(t){var n,i.for(n in t)t.hasOwnProperty(n)&&r.hasOwnProperty(n)&&(i=t[n],e[i]=e[n],e[n]=r[n])},makeDefaultExport:!0}.var n=t(),i=(t(),0).function o(e){throw new Error("an unsupported module was defined, expected `define(id, deps, module)` instead got: `"+e+"` arguments to define`")}var a=["require","exports","module"].

Chrome Cache Entry: 119

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1386
Entropy (8bit):	4.8492224043496055
Encrypted:	false
SSDEEP:	24:Yorj8jYfQypuazl92Qypua5HR9Iszb9mPuazEBb9mPuaSlSfvBLRKkfkMqVlM:Y4XzZzlkZTyszbgzEBbg+SJRKtpM
MD5:	662EA2BBC39B50BCDCBE04DC2CD7A087
SHA1:	4705F797D3E54D7953493DEBA121A8B4C397060F
SHA-256:	BFA43BCF43FA6CED5E1AF0BA042098DA244E4441A9C1D53E4B7B0DBFE764B1C6
SHA-512:	7E9903DE3548135C5C17813B2438D337BB565CEA17E6C3A5A4D7FF4B3A197A67B9FA6A16296A13174C5FA0D2E77EFBEC019E816541E074ACDB764F88EC685028
Malicious:	false
Reputation:	low
Preview:	{"blacklistedFields":[],"constraints":{"profiles":{"AMPWeb":{"precedenceOrderedRules":[{"filters":{"nonEmptyFields":["isSignedIn"]},"fieldConstraints":{"clientId":{"generateValue":true,"namespace":"AMPWeb_isSignedOut","expirationPeriod":86400000}}},{"filters":{"valueMatches":{"isSignedIn":[true]}},"fieldConstraints":{"clientId":{"fieldType":"id","generateValue":true,"namespace":"AMPWeb_isSignedIn","expirationPeriod":15552000000}}}]}}},"treatmentProfiles":{"AMPWeb":{"treatments":[{"filters":{"isSignedIn":{"nonEmpty":true}},"fieldActions":{"clientId":{"treatmentType":"idGenerator","storageKeyPrefix":"mtClientId","namespace":"AMPWeb_isSignedOut","lifespan":86400000}}},{"filters":{"isSignedIn":{"valueMatches":[true]}},"fieldActions":{"clientId":{"treatmentType":"idGenerator","storageKeyPrefix":"mtClientId","namespace":"AMPWeb_isSignedIn","lifespan":15552000000}}}]}},"compoundSeparator":"_","fieldsMap":{"cookies":["itcCt","itscc"],"custom":{"impressions":["id","adamId","link.type","station-

Chrome Cache Entry: 120

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 24 bits/pixel
Category:	downloaded
Size (bytes):	12014
Entropy (8bit):	5.8597190788401115
Encrypted:	false
SSDEEP:	192:L7xWVSgHQUkVbBQZf8POXQu2jMLlZYrZ7667V776+:L7xWVSgiV27QfjMLcrj
MD5:	87052396F5FFD63B642D1BAB54E7EDB7
SHA1:	F3E75DDE1FAD3A5FE639E3D0C04122FCFAB918E2
SHA-256:	EA54FEA4CE7FCA6339E5B437CA43CBD46C84AA46477BE66436608B5FB0A9E02C
SHA-512:	84F96774BF4E8CE6BDFFC68AB6ADFBAA7508BD8E9A3372A33C0032FB519BF51A6AFB34CD70CE8A84C32A1F4BEC2442B87CB5CBEE86EDD468D510E502705D4788
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/favicon.ico
Preview:	......00..........6... ......................h....)..(...0...`................................r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..r..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..t..v..v..u..v..v..u..u..u..v..u..v..v..v..u..v..v..u..u..u..v..u..u..v..v..v..u..v..u..u..u..v..u..u..v..v..v..u..v..v..u..u..u..v..u..u..v..v..u..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..w..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..y..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..{..}..}..}..}..}..}..}..}..}..}..}..}..}..}.

Chrome Cache Entry: 121

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9869)
Category:	dropped
Size (bytes):	10413
Entropy (8bit):	5.257533978847801
Encrypted:	false
SSDEEP:	192:8nla2OCNzv/zCPfx1WY6Q8X4tYPNF9cxi3/lpemo+AW4mr+oaq5:8nl3OCRvbIfxkgUPRcxw/lpemoPW4mrb
MD5:	1B5686244F6C6516B3C0CB73B85DEB30
SHA1:	207E5F9CC6C80B1B84C18CDFA732A5C3CC43AE2B
SHA-256:	3A91FF301DBC45B9035E65C7CACB68C5C06105196AB82BDE6AD6970348F2D819
SHA-512:	73AC415260CAA2291E3F2A24393B226E1275A1981775E3AA4183B2ECC941872AEB3F1024756479FD56E26F3E27976607E576A835864892F547E17DA17A3B6A32
Malicious:	false
Reputation:	low
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.import{d as e,N as a,w as i,p as t,b as o}from"./p-1ec6e574.js";import{g as l}from"./p-42d04e97.js";(()=>{const o=Array.from(e.querySelectorAll("script")).find((e=>new RegExp(`/${a}(\\.esm)?\\.js($\|\\?\|#)`).test(e.src)\|\|e.getAttribute("data-stencil-namespace")===a)),l={};return"onbeforeload"in o&&!history.scrollRestoration?{then(){}}:(l.resourcesUrl=new URL(".",new URL(o.getAttribute("data-resources-url")\|\|o.src,i.location.href)).href,t(l))})().then((e

Chrome Cache Entry: 122

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3003)
Category:	dropped
Size (bytes):	18440
Entropy (8bit):	5.255534167782927
Encrypted:	false
SSDEEP:	384:kz8E0CXVpU4y7FeTEkrHfcBkoNiIvYcaSRCF+q4nAHY+6dDlqW1hCSallZsWY:kz8E0CXVpU4y7ZkrHfcBkSiIvYc/Re+J
MD5:	5F765A4A59A407D5DAA33CC0B48F2A35
SHA1:	44E29FDCCC78BAD49465D30F2AD9D5DE816AE150
SHA-256:	5C98E1CF88ADBADBE52321041E084AA2D5BC4DAAFFBF8EC6C45A438E8D393202
SHA-512:	ABD01A44A94A0BE2B000DB5BB60A439AFDA8948B32B3F0685AC9AFE175EC9E3701C3747457BE42032C1EA0707AF02109D46187FCA39F2815BD8AEDBBD365F38C
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[934],{7934:function(e,t,r){r.r(t),r.d(t,{default:function(){return W}}).var n,o,a=r(32722),i=r(24178).function s(){return o\|\|(o=["app","appVersion","hardwareFamily","hardwareModel","os","osBuildNumber","osLanguages","osVersion","resourceRevNum","screenHeight","screenWidth","userAgent"].concat(["delegateApp","hardwareBrand","storeFrontCountryCode","storeFrontHeader"])),o}var p,c=i.SC.attachDelegate,u=i.Z_.cryptoRandomBase62String,l=i.Z_.exceptionString.function m(e){this.setDelegate({topic:e}),p\|\|(p=!0,s().forEach((function(e){m.prototype[e]=function(t){return t&&t.hasOwnProperty(e)?t[e]:this.environment()[e]()}})))}m._className="eventHandlers.base",m.prototype.setDelegate=function(e){return c(this,e)},m.prototype.topic=function(){throw l(m._className,"topic")},m.prototype.environment=function(){throw l(m._className,"environment")},m.prototype.eventRecorder=function(){throw l(m._className

Chrome Cache Entry: 123

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 62120
Category:	downloaded
Size (bytes):	18354
Entropy (8bit):	7.989034436943274
Encrypted:	false
SSDEEP:	384:+Hm3ct/Bl2YI3hfd7q3FLLhe5Uc4skbHf0GWUKKUJ+3zLV:YDt/+Yel5qpLhlB3H6gE+3zLV
MD5:	F34E945F3F7BFAE88E7A2627FA7ED698
SHA1:	E9C474B7ED3132FF65E8446F0AA99CFC7C09128A
SHA-256:	3E706B19E210E6640ADBB22EFCABCC0BC3039510AD87D151AD08F8DEBFB82946
SHA-512:	9FDDC641EBB7DAFC670767287169A04E68B0E4D7082F4811B3E1C53C40E51D31320EA090A5F8EEEAE0D785851EF46F937C889E51D674834E027B378D0A58AA7A
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.171.ce33468efea141bac957.js
Preview:	...........}{..6.....2O.....n.n...M..M.&Y;.v..zi..Y.....g.....d'.=.w..H...`0....;.6{..7...E//N..2k..."..Z...\|^\.............q....N.._....[...b....A......l.s,.T............,._.cU...DT..)...YY5..]2-..Q....p8.pF..w.79..c.:lb...z.U....\|:MS.X.'M....<...E..6......n\....=...:...xTloG......D3...e. G.E..r.6...Q.6D..g.....ob..k...l.g...bqs\|<....d8Z.E.d.X.....[[...S.\,...0.=...yV..........c'R...eD...g..G..!4y...q..U.qSVi.,)[..g.')c9....q%.F.~.......#..h..gq....4...kY].g.._.[.).q....(.Z.+.]Ec.2.....q ..P.P..g.i(.1W"..Q...YF.l6.^...X.l.t.8e..Tr.........I9..j.....Qe...F~.n..j....8..#..(...h........e>..L.........a...B\|l.(.O.B<.2.KU.C6.....f\|.X-..QUe.4..i^@3.7X...TT.0Q@}..T/..#.......ze.j[.e/..F.,4c.@7b..>..;.(`....@..e8....Qd..M.M.y.dS.8..@...H..<..sV.yq..W..i/Kx.....8b. _.g.d..&....U..cl`,..e.-.a..,.(va9...#`....DQ_.vx....'.C...}"0....? .A....&..".......82..u.I..\|U]...l>m..@.r.......i0..D..E>..I...@i..X.5......?y._.M.....S\|.q...'8T.i.\|.u../.L. .F.....

Chrome Cache Entry: 124

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3013)
Category:	dropped
Size (bytes):	7300
Entropy (8bit):	5.323192066160397
Encrypted:	false
SSDEEP:	192:Fi9TDfbkV3mRHx+tvD8XKzB7fk+sI4F1G6qUw:qgVkW78XKpfk+sIi1/c
MD5:	01C41090BDA00093A1989B5F20AC42C3
SHA1:	0E1A136C449E99CD019EE4CD431AA9ED7D3E8F76
SHA-256:	5953C549A70A42DBAF31C669B1878115D23D2F304372BF8D2A21881B5DB3006F
SHA-512:	9B98D96B296FF101F62F58A1EEE6CCA8C96FFB8687AAA8D701870D9C1F11BF8734A07A0445454B31413A1A4EF614CF95893A9681ED3E9BBC68A1FE27978BBF26
Malicious:	false
Reputation:	low
Preview:	var __ember_auto_import__.!function(){var e,n,t,r,i,o={81867:function(e,n,t){e.exports=function(){var e=_eai_d,n=_eai_r.function r(e){return e&&e.__esModule?e:Object.assign({default:e},e)}window.emberAutoImportDynamic=function(e){return 1===arguments.length?n("_eai_dyn_"+e):n("_eai_dynt_"+e)(Array.prototype.slice.call(arguments,1))},window.emberAutoImportSync=function(e){return n("_eai_sync_"+e)(Array.prototype.slice.call(arguments,1))},e("@amp/affiliate-util",[],(function(){return r(t(2353))})),e("@amp/foundation/-internals/network",[],(function(){return r(t(73624))})),e("@amp/foundation/-internals/storage",[],(function(){return r(t(92141))})),e("@amp/media-api-config-amp-books-realm",[],(function(){return r(t(52215))})),e("@amp/media-api-config-amp-podcasts-realm",[],(function(){return r(t(61384))})),e("@amp/media-api-config-apps-realm",[],(function(){return r(t(61069))})),e("@amp/media-api-legacy",[],(function(){return r(t(89176))})),e("@amp/web-app-components/custom-elements/locale

Chrome Cache Entry: 125

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	625
Entropy (8bit):	4.952963038414406
Encrypted:	false
SSDEEP:	12:UXv7Fc4DpWNRKL+BK/sgl9hrIYerznR3zueIDRTLG9fkVlF38LG0DAvYodXotHNu:u6oTTlrIYevhTuKtLG0MAodXcNu
MD5:	2DFF575911FD65E601AC64F87F07D5D1
SHA1:	AE28A08E8E333C9234AD0D024D0865E5E36C5B2C
SHA-256:	7DF89772DEFA309D97987A7D985ED3F0DA91D81180FE69BB11DA8A8B181B418D
SHA-512:	3E6530272A6497738135CE998D2221588C487A27F20BD3745224F3FA43FDBFF8A2C8DDD42709B01B1CBF8FCE8EB6DC1EC9FADFE5FCF1AAEF0DE5B18CAAA6CBD7
Malicious:	false
Reputation:	low
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.const n=function(){window.MusicKitComponents={version:"2350.1.0"}};export{n as g}

Chrome Cache Entry: 126

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2580
Entropy (8bit):	7.889992667355294
Encrypted:	false
SSDEEP:	48:8nPGIhH7aGrS8RLQKcVZXr3dh03Rz4P/k9OJ4rU+kuWRxRUX+raVXmyi5J7lI+jM:wP597TXUZb3d2Bz4nSYaU+7D+kXmyi5o
MD5:	037FCB1B6CCFBD92165E0FA4674183CD
SHA1:	8A9EE51277566914FDEEDFF265154F91D319D98E
SHA-256:	937DC778F9A05B92C404109E69DD26618F583B9B27C6412D0393AECE9B26B364
SHA-512:	2627746559A0BED78B7D1ED5FCD2AAFDEC720178DBC02219AAAC56BF72D745E8A7052CC261DEDE26FE16E389A17CE0456A3016440AEA27FAB07AEFB74552A50C
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/07/da/15/07da15de-aa58-b58b-7d67-c726cf24711f/AppIcon-0-0-1x_U007epad-0-0-85-220.png/146x0w.webp
Preview:	RIFF....WEBPVP8X..............VP8 ....04.......>.R.I$"...].D.D..z..HJ....Hv.............5...t.YV........m.+...NZ...]....z..Q..(..(.......\|Y..LfJ.x.9..."m..._.H...\.>y....v)w1`..b..R37....}k.R..\S...n.p..d.c.......ZY.NW<7../...2.?D..h.sDji.{$...(..5....Q...UNZFOQ..:.q.;.[.}D..w..iE..m.._-@tY^.d!.rLI.._X...j.....D....=.0..SnJ..Fo_gvic.....m..]..'..............5.8'....P.......c.P2t:.....F.e..{`??Me.....AF.....;..d.x..4.-.....V\| &...+T...P....U..'..v..._<....I..p..}.......H.. 2..0."..:....P38....8...N..i...K..T...F..]k...C.X......`KD......KR.......{j..I..L.+.....t.3.iB..9.jz..-..r.^.T.]........q......T4...Vx`.3.D..y...R..V5..a".Q.9\|gM.;.%..E...Z..t..\|...nX.y.].l.......0.m..Z..X..p.... ...4...6~.'...x..a.`..6pV+...je.Se<..B......uJ.a(..`.\.X.[....a........v e.0).8....5.zU.....^B....n...fH..pO\l..a=....?ez..$.]..y-...X...\6r..:\|.c..qCKh.2.`>hyw....V..+Y...%.J...k]\].%....i.w.S..G...n..,N.........v/A...RZ.o...J..l......c....:....#.r...._0..v..v

Chrome Cache Entry: 127

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1283)
Category:	dropped
Size (bytes):	62120
Entropy (8bit):	5.200233203039825
Encrypted:	false
SSDEEP:	768:rPksmcJcApCeZygCoEOuTudKEEB8xAnpFyS5eCyDvmojEWCykh5kNbeAFjg5gvC8:rPksrJCeZygColbQJL5/U
MD5:	3EA70AE6D554F9FC0FFB8CB0281EC0A6
SHA1:	58D41E45856B15260F69F19200B6DE7FDCBC82E6
SHA-256:	A5B0CC4EF0FF84660C52A703030A8F948CC8702EF6B0535CC31FF8611823DBB9
SHA-512:	00E5EA6FF4C91E1419C4F7FE95815E67C11EDE4849810C2F3371E694622084D439F0E73C855101CB0A1A5B516A8821DE3B2EB1AEB450325F8A38E3EF3B9CC19B
Malicious:	false
Reputation:	low
Preview:	/! For license information please see chunk.171.ce33468efea141bac957.js.LICENSE.txt /."use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[171],{70171:function(t,e,n){function r(t,e){(null==e\|\|e>t.length)&&(e=t.length).for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n].return r}n.r(e),t=n.hmd(t).var o=function(t,e){return(o=Object.setPrototypeOf\|\|{__proto__:[]}instanceof Array&&function(t,e){t.__proto__=e}\|\|function(t,e){for(var n in e)e.hasOwnProperty(n)&&(t[n]=e[n])})(t,e)}.function i(t,e){function n(){this.constructor=t}o(t,e),t.prototype=null===e?Object.create(e):(n.prototype=e.prototype,new n)}var a,s,c=function(){return(c=Object.assign\|\|function(t){for(var e,n=1,r=arguments.length;n<r;n++)for(var o in e=arguments[n])Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o]).return t}).apply(this,arguments)}.function u(t,e){var n="function"==typeof Symbol&&t[Symbol.iterator].if(!n)return t.var r,o,i=n.call(t),a=[].try{for(;(void 0===e\|\|e-- >0

Chrome Cache Entry: 128

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (579)
Category:	dropped
Size (bytes):	17977
Entropy (8bit):	5.172440917667389
Encrypted:	false
SSDEEP:	384:xV1W44hioeBevmrjGRp1AFjga2dCjrI7KV0t:s44hioeBA7AFjgaU7KV0
MD5:	E62FEA2030907AF7E89AE14B53FFA550
SHA1:	7B4F41FC31DA2F829A183DFF72CDD708EA76665D
SHA-256:	F66B859A3A06C27EF58D1CC069E5BA8A9A47B3C7AEAF448EADF1F589582C360B
SHA-512:	1CDD5DCFCA7F6EFB33854F4ED6BA0D535CC0D444A78499240DAFBBCA2ABE9772E14A5D0E7A34CDE9A9716E068CE5FD6F5EB3271BC549BF17DE075F18E31661CA
Malicious:	false
Reputation:	low
Preview:	/! For license information please see chunk.359.1a547c0d896fa5233fdb.js.LICENSE.txt /.(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[359],{65359:function(t,e,n){t=n.nmd(t),function(e){"use strict".var n=function(){return(n=Object.assign\|\|function(t){for(var e,n=1,r=arguments.length;n<r;n++)for(var o in e=arguments[n])Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o]).return t}).apply(this,arguments)}.function r(t){var e="function"==typeof Symbol&&Symbol.iterator,n=e&&t[e],r=0.if(n)return n.call(t).if(t&&"number"==typeof t.length)return{next:function(){return t&&r>=t.length&&(t=void 0),{value:t&&t[r++],done:!t}}}.throw new TypeError(e?"Object is not iterable.":"Symbol.iterator is not defined.")}function o(t){switch(Object.prototype.toString.call(t)){case"[object Error]":case"[object Exception]":case"[object DOMException]":return!0.default:return s(t,Error)}}function i(t){return null===t\|\|"object"!=typeof t&&"function"!=typeof t}function a(t)

Chrome Cache Entry: 129

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	733
Entropy (8bit):	4.7574006224426535
Encrypted:	false
SSDEEP:	12:YGKzFDsip968DDp8MIfE1lI11I1581f58zrF8qWKxk8IV5wDKOBuGpQJNGzF/BQU:YdxDsinqMIqlI3I1y1fyzr+jcdD9J+Sn
MD5:	CC64BFA00B4B3FF916A983A0C27DEA58
SHA1:	62452E81D49DF7E3EDAE74AE32A3E9A613DCFE86
SHA-256:	67CB92C8D3E193BCAC15DEBC8CC34C5D2CE531C9A13D037EBFECDC662679215A
SHA-512:	C6D1D59F4D354EF39AA6D59002D23AB6AEA977CC3B68FE9A6D0821FC0C6EE279390A35B8DB2E7E8D39C913694811CEF04763452D8075C63722700E2B5120F3EC
Malicious:	false
Reputation:	low
Preview:	{"compoundSeparator":"_","fieldsMap":{"loadUrl":{"timestampFields":{"fetchStartTime":["fetchStart"],"domainLookupStartTime":["domainLookupStart"],"domainLookupEndTime":["domainLookupEnd"],"connectionStartTime":["connectStart"],"connectionEndTime":["connectEnd"],"secureConnectionStartTime":["secureConnectionStart"],"requestStartTime":["requestStart"],"responseStartTime":["responseStart"],"responseEndTime":["responseEnd"]},"otherFields":{"requestUrl":["name"],"transferSize":["transferSize"]}}},"metricsUrl":"https://xp.apple.com/report","performance":{"samplingPercentage":0.25,"samplingPercentageUsers":0.25,"sessionDuration":60000,"samplingPercentageUsersPageRender":0.25,"sessionDurationPageRender":60000},"postFrequency":5000}

Chrome Cache Entry: 130

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (3857)
Category:	dropped
Size (bytes):	1164876
Entropy (8bit):	5.445177004101057
Encrypted:	false
SSDEEP:	12288:AI0WsN8R4swlfC8OGMViBzvy198I+9nutp9Lz:+1lJDvy18M9X
MD5:	BEFDB72F75CB3415609DB9432DF23A9A
SHA1:	349A457F07582F045E76FD921AC7BC64DA074BF9
SHA-256:	61AC880CFAEAE3ABA023981E2015BD58A2178E9AA0EDC7E3B07C7ED371C84AF8
SHA-512:	EA468D01A3C507ACA22AE8EB9EB8FD2F029A6C1C0C2457E5F322C5AC82CBC0E958A011B0E62BDA60A2A68D43DA8493F3A2A9D12C9D050A657847DAFDF3A945F1
Malicious:	false
Reputation:	low
Preview:	/! See /acknowledgements.txt for open-source licenses /."use strict".define("web-experience-app/app",["exports","@ember/application","@ember/debug","@amp/web-apps-featurekit","web-experience-app/resolver","ember-load-initializers","web-experience-app/config/environment","web-experience-app/utils/config","web-experience-app/utils/consts"],(function(e,t,r,i,n,a,o,l,s){function p(e,t,r){var i.return(t="symbol"==typeof(i=function(e,t){if("object"!=typeof e\|\|!e)return e.var r=e[Symbol.toPrimitive].if(void 0!==r){var i=r.call(e,t\|\|"default").if("object"!=typeof i)return i.throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===t?String:Number)(e)}(t,"string"))?i:String(i))in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}Object.defineProperty(e,"__esModule",{value:!0}),e.default=void 0,"undefined"==typeof global&&"undefined"!=typeof window&&(window.global=window).class c extends t.default{constructor(...e){super(...e)

Chrome Cache Entry: 131

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 45694
Category:	downloaded
Size (bytes):	10771
Entropy (8bit):	7.982057012987408
Encrypted:	false
SSDEEP:	192:3iN9V/YhvryuuQn7lcKwycsIz47fKdWXQTVv2CAOOvHPT1df5Ydmvgx:ybjQ7lPtXIz47wP09YoW
MD5:	0813F3C528B687FE43D9C3D7C48F71C5
SHA1:	8E46D414C74EDE090A437F68EB3CF3C3D803AFF2
SHA-256:	6EF98A7142FBFF8B7442AADB37594D64181E99885212851E48F4C35798C46153
SHA-512:	B48971752559AFBC65882AD2FAAC69E52B86F707A5D7735463074EC818BBC4E554665C097D9052B57BBA7CCF1F1BC0C9725D794BF1E1F516335AAD764C765FE8
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.990.023f8bfb4104e9778375.js
Preview:	...........}.w.6....+d.{.........s...6.].I....).b-.Z.........$...d......X..`...f....R.Ny...zc.l6......M..v...,....G.\|.'\|.mR..i0t..,........}..o.7...qd3.....u..;n....}<...-`...y..,M..<&.gI.g...v.E.....w....W.........o.~.wHM=....v.I.c..`..wl.n\|..B.h$.^.u}..`....4L].,]..,...%.....]....%]~fHw....Z4T4.Po}.3.K.Ewa.Gs.q/b....Y\|s....s.....m...`.B.WA....a.S.:.x.Q.....A..\|.vvh..T..s...S?=..`..,..0h....;6.#6>...l6;..m>`Ch..e..)Kk..N.Zc..b...z..%'.F...1.r6.C..W......%I8f'!..?#....)3S..............9.l..{.t...g._,f.G.._d3......U.6...y..#...q>.g...0.l\|.y.x...i..dG.....XpIc<...u.e_...D.I..S.E.K#.......e+/..cQ....Ml.\|z.,...f!...Z...W...b.B.A4.....Q.f.)ab......~..g9P~Y4?)....A..Z7.....0...#{.C..(N...M.`..K..`...$.... .l.\......Z.K."...b&l.........>....\|.H. y.4C.l.0..0.W..yDT..q.Yl\/..TK.h.i0.3..Bx.:.?W.....N..[......M.....=.........OAFXU.V..`.I.....QL...F!....MN.%(H..0.E.T......*..Za8`U.\=....+./q.P{".=....1.E.=..%..On2$..q...C.%..Q...\e..).....

Chrome Cache Entry: 132

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2018
Entropy (8bit):	7.848978684823518
Encrypted:	false
SSDEEP:	48:pq4zV5HT93MURZ+O6vXu5cVqDaulXGXbbOvN:pvzrz93MrO6/6cVsjc6
MD5:	51BF044FD1CD8A97D9AE793F03FA6732
SHA1:	23FAA30797C1B5DEF4B7D75FA90CE9FF2F0BE74D
SHA-256:	F10C66718493ADA15D49D05B84B6DD4374AE0CD5910D293CFC2F6045C9F23214
SHA-512:	6855DA3FCD9DC19049BA7D8878362B39D741F2308746A3156965CD300B5CDD2D73358D5CA601CB45E6859BBBE8141C11912E921C2A3ED0F01523764CDCF71436
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/6e/c4/07/6ec407be-3c62-c3a5-784a-a9200d1c9575/AppIcon-0-1x_U007emarketing-0-7-0-85-220.png/146x0w.webp
Preview:	RIFF....WEBPVP8X..............VP8 X....$.......>.J.I..!.x.<...n.ag......qt._Z'.......vj.a..n.=.."...;...>...jL...<J...N..o.l.e. B...L... w.".$4.^..Rq/.4."[.C.=......qU}d...a...Y.`)$./\;...<:s....qt..>..".3.3ok..Y/..5.q..0B..).. a[dJyR.cLa..\|z.X.1.s#adQ.x..h-...<~..`!.d.....0....XM.\|W...x.12.....#.7.n?.V...wr....>.......~MS_..]....qBFs...}.ge...%n}V..7..'cQZ:NsE#{.#.....F.b..N}.VH.Z...7..A.`....+7/F...?......<..X.TT...-./l......P..w....0"..c.L..Rz.....G.V..f..e..m,.t.pI.e.1+...jcs..fg....4jp.qNQ..S!...\......T.....cr.......Z.7x.I]>5.BFO$....8(C.T...O.M.-t=..E...g...D....Z.8....W....Y.`a...VA8{.>q..E..3....k.x.2.`7\.V..K.H..kC ..R.?....6.6.Ss.E...S.@.Tff..S..%....w..N...`?...}.......&.C_..h..wP...2.\.l.1..wf..}...O....!..\|C...\|.....G...L-..'O"x...75...V..o.X....Wbl'.I$..Y .P....h..8.I.n..9....=`..W..<.I..W+.z=.{.;..P.c^.T..o.9....}.[x./.....1.....<......FrTY..vN.}pZ*..L.I..DT.3:.}..{....&.=..Z.o.R.dP...A.......k?.!kv.u.....e.2.T..

Chrome Cache Entry: 133

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	1386
Entropy (8bit):	4.8492224043496055
Encrypted:	false
SSDEEP:	24:Yorj8jYfQypuazl92Qypua5HR9Iszb9mPuazEBb9mPuaSlSfvBLRKkfkMqVlM:Y4XzZzlkZTyszbgzEBbg+SJRKtpM
MD5:	662EA2BBC39B50BCDCBE04DC2CD7A087
SHA1:	4705F797D3E54D7953493DEBA121A8B4C397060F
SHA-256:	BFA43BCF43FA6CED5E1AF0BA042098DA244E4441A9C1D53E4B7B0DBFE764B1C6
SHA-512:	7E9903DE3548135C5C17813B2438D337BB565CEA17E6C3A5A4D7FF4B3A197A67B9FA6A16296A13174C5FA0D2E77EFBEC019E816541E074ACDB764F88EC685028
Malicious:	false
Reputation:	low
URL:	https://xp.apple.com/config/1/report/xp_amp_web_exp
Preview:	{"blacklistedFields":[],"constraints":{"profiles":{"AMPWeb":{"precedenceOrderedRules":[{"filters":{"nonEmptyFields":["isSignedIn"]},"fieldConstraints":{"clientId":{"generateValue":true,"namespace":"AMPWeb_isSignedOut","expirationPeriod":86400000}}},{"filters":{"valueMatches":{"isSignedIn":[true]}},"fieldConstraints":{"clientId":{"fieldType":"id","generateValue":true,"namespace":"AMPWeb_isSignedIn","expirationPeriod":15552000000}}}]}}},"treatmentProfiles":{"AMPWeb":{"treatments":[{"filters":{"isSignedIn":{"nonEmpty":true}},"fieldActions":{"clientId":{"treatmentType":"idGenerator","storageKeyPrefix":"mtClientId","namespace":"AMPWeb_isSignedOut","lifespan":86400000}}},{"filters":{"isSignedIn":{"valueMatches":[true]}},"fieldActions":{"clientId":{"treatmentType":"idGenerator","storageKeyPrefix":"mtClientId","namespace":"AMPWeb_isSignedIn","lifespan":15552000000}}}]}},"compoundSeparator":"_","fieldsMap":{"cookies":["itcCt","itscc"],"custom":{"impressions":["id","adamId","link.type","station-

Chrome Cache Entry: 134

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (2634)
Category:	dropped
Size (bytes):	9946
Entropy (8bit):	5.303383252274076
Encrypted:	false
SSDEEP:	192:NdbWsWxwiKpBpVyPPjg9bt9MVzclvs4oRL19n3kufDi/9secuFjel:LbWsWx3KDXR9THl1iL1l3kufG/9sebjS
MD5:	9BB28E4E947B15C91F9178EFF5B23264
SHA1:	87F5AC3AE29A7455DD00F79435B1D91F664F0395
SHA-256:	9FEC8921027F561C8BD0FDF17C244E35F26ABA8E336571597FCCCD9D42D7A0CA
SHA-512:	4566D611CDC37D0F4C34D36ABA45AF69036C4A9E155FAAEC80D70B20C24555A319C8227377D9AA7E7EF02077C2E83C050DB8BACCDBF48417D8772F64818AA7A5
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[722],{32722:function(e,t,i){var n=i(24178),r=i(76588),o=n.SC.attachDelegate,s={setDelegate:function(e){return o(this,e)},localStorageObject:n.tO.localStorageObject,sessionStorageObject:n.tO.sessionStorageObject},a=n.SC.attachDelegate,c={setDelegate:function(e){return a(this,e)},makeAjaxRequest:n.L5.makeAjaxRequest},l=n.SC.attachDelegate,u=n.SC.hasAnyKeys,p=n.SC.isArray,h=n.tO.saveObjectToStorage,d=n.tO.objectFromStorage,g=n.P0.exponentialBackoff,f=n.EE.valueForKeyPath,S="noTopicConfig",v={blacklistedFields:["capacitySystem","capacitySystemAvailable","capacityDisk","capacityData","capacityDataAvailable"],compoundSeparator:"_",configBaseUrl:"https://xp.apple.com/config/1/report",constraints:{profiles:{AMPWeb:{precedenceOrderedRules:[{filters:"any",fieldConstraints:{clientId:{generateValue:!0,namespace:"AMPWeb_isSignedOut",expirationPeriod:864e5}}},{filters:{valueMatches:{isSignedIn:[!0]}},

Chrome Cache Entry: 135

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), truncated
Category:	downloaded
Size (bytes):	20
Entropy (8bit):	1.1219280948873622
Encrypted:	false
SSDEEP:	3:Ftt:Xt
MD5:	3970E82605C7D109BB348FC94E9EECC0
SHA1:	E03849EA786B9F7B28A35C17949E85A93EB1CFF1
SHA-256:	F5D031AF01F137AE07FA71720FAB94D16CC8A2A59868766002918B7C240F3967
SHA-512:	59C8107C5A9678CD4B6BD1D194AC0987CE0D0542CEEECE8430452C238375AA49F0CEA3646935315EA994D8AB05E56AF112157122BE8272185830093FD5922B67
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/global-elements/2426.0.0/assets/ac-footer/legacy/appleicons_text.ttf
Preview:	....................

Chrome Cache Entry: 136

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (13108)
Category:	downloaded
Size (bytes):	366816
Entropy (8bit):	5.521478574581658
Encrypted:	false
SSDEEP:	3072:Ab8rDFKOGt0Kwwj8zjmUzw9fOIgsgsVCzw9vmH8z0+uDyuaTXfs0ETdS8Q4+:+jvj8zjmhwOke
MD5:	97D07A5DBF80F4A2F09B599DD21CF8A5
SHA1:	961653601A27A2012A08A68D62983D25800CB4FD
SHA-256:	F77F42477264EE66EF39477B1D804819A811CF558B2E75C3C7179E4F0F6E3024
SHA-512:	D1EFD13CC185D1CFA0EBBD4B963C307616EA0345F8928E8752B6C4A37782507D8CD41BB2985BC7FD7386F72A880BEAC1DC2FA54493B99D2C1DCDCF1230267D7D
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/us/developer/nortonlifelock-inc/id355033599
Preview:	<!DOCTYPE html><html dir="ltr" lang="en-US"><head>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">. <meta name="applicable-device" content="pc,mobile">.. <script id="perfkit">window.initialPageRequestTime = +new Date();</script>. <link rel="preconnect" href="https://amp-api-edge.apps.apple.com" crossorigin="">.<link rel="preconnect" href="https://is1-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is2-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is3-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is4-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is5-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://xp.apple.com" crossorigin="">.<link rel="preconnect" href="https://js-cdn.music.apple.com" crossorigin="">.<link rel="preconnect" href="

Chrome Cache Entry: 137

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	39409
Entropy (8bit):	4.79449824966127
Encrypted:	false
SSDEEP:	768:tpT1EQo46uWNYFJ1mv+ZNrMUVfj4bpY7jVSHUo6eI:tFLPZL
MD5:	0D6F7CBDEEC94E9EF880D7B7A9FA4E15
SHA1:	6E40B82AF9C76D89FBC9DCDCEAD1C66F115EB51F
SHA-256:	98EFC0C9B0F60B49D092C7FB5C502C3D5A379143C739AC7DF897C5A396D8CC2F
SHA-512:	800ED9FF11045D04CC01593B0090B4318E2F4A13739E3C17E7D3688B4F54ECD4066F7FA7562830A11B7F01E0A4E51DA7528CC0D8566969C8D251D36F30499B83
Malicious:	false
Reputation:	low
Preview:	[{"id":"3d39a8ff","name":"apple","analyticsAttributes":[{"name":"data-analytics-title","value":"apple home"}]},{"id":"8543e00d","name":"store","baseGroups":[{"id":"1c90bcf2","title":"Quick Links","analyticsAttributes":[{"name":"data-analytics-region","value":"quick links - store"}],"baseLinks":[{"analyticsAttributes":[{"name":"data-analytics-title","value":"find a store"}],"text":"Find a Store","url":"/retail/","ariaLabel":"","id":"a45bd4b8"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"order status"}],"text":"Order Status","url":"/us/shop/goto/order/list","ariaLabel":"","id":"a361d2b7"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"apple trade in"}],"text":"Apple Trade In","url":"/us/shop/goto/trade_in","ariaLabel":"","id":"ca9b9af6"},{"analyticsAttributes":[{"name":"data-analytics-title","value":"financing"}],"text":"Financing","url":"/us/shop/goto/payment_plan","ariaLabel":"","id":"db0704e3"}]},{"id":"68805228","title":"Shop Special Stores","anal

Chrome Cache Entry: 138

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	733
Entropy (8bit):	4.7574006224426535
Encrypted:	false
SSDEEP:	12:YGKzFDsip968DDp8MIfE1lI11I1581f58zrF8qWKxk8IV5wDKOBuGpQJNGzF/BQU:YdxDsinqMIqlI3I1y1fyzr+jcdD9J+Sn
MD5:	CC64BFA00B4B3FF916A983A0C27DEA58
SHA1:	62452E81D49DF7E3EDAE74AE32A3E9A613DCFE86
SHA-256:	67CB92C8D3E193BCAC15DEBC8CC34C5D2CE531C9A13D037EBFECDC662679215A
SHA-512:	C6D1D59F4D354EF39AA6D59002D23AB6AEA977CC3B68FE9A6D0821FC0C6EE279390A35B8DB2E7E8D39C913694811CEF04763452D8075C63722700E2B5120F3EC
Malicious:	false
Reputation:	low
URL:	https://xp.apple.com/config/1/report/xp_amp_appstore_perf
Preview:	{"compoundSeparator":"_","fieldsMap":{"loadUrl":{"timestampFields":{"fetchStartTime":["fetchStart"],"domainLookupStartTime":["domainLookupStart"],"domainLookupEndTime":["domainLookupEnd"],"connectionStartTime":["connectStart"],"connectionEndTime":["connectEnd"],"secureConnectionStartTime":["secureConnectionStart"],"requestStartTime":["requestStart"],"responseStartTime":["responseStart"],"responseEndTime":["responseEnd"]},"otherFields":{"requestUrl":["name"],"transferSize":["transferSize"]}}},"metricsUrl":"https://xp.apple.com/report","performance":{"samplingPercentage":0.25,"samplingPercentageUsers":0.25,"sessionDuration":60000,"samplingPercentageUsersPageRender":0.25,"sessionDurationPageRender":60000},"postFrequency":5000}

Chrome Cache Entry: 139

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	157537
Entropy (8bit):	5.450896766346486
Encrypted:	false
SSDEEP:	1536:VcQ2UlYdxMXwcK2Bg6mqBhHPVy/ynVmXeXWH2H3i47UW4nb00pqpIReMaahQYg5U:f1mhfaahWIhsMkVT+BTtdOaBrdD
MD5:	E8E8B7A18F4EBDA24A25F702B22FA5C1
SHA1:	45DF73C1E3A0A3221A36654FCC46250E31D44C3C
SHA-256:	B740DD04F5C2A05AC983F4716999989B7A05B48C7E4717F77729B3DF19E97E3C
SHA-512:	57098BD96ADF38227E5B3C05CB1C715A9207F0BD4B198E3CF2B2A654D020BA3E0D65D04614F041E4291C86D928AB290619319C8C27F54D4563CBE71779568030
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/api-www/global-elements/global-header/v1/assets/globalheader.umd.js
Preview:	(function(mt){typeof define=="function"&&define.amd?define(mt):mt()})(function(){"use strict";function mt(e,t){return t.forEach(function(s){s&&typeof s!="string"&&!Array.isArray(s)&&Object.keys(s).forEach(function(n){if(n!=="default"&&!(n in e)){var a=Object.getOwnPropertyDescriptor(s,n);Object.defineProperty(e,n,a.get?a:{enumerable:!0,get:function(){return s[n]}})}})}),Object.freeze(Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}))}var Ye,M,ss,ns,Je,is,as,dt={},os=[],Pn=/acit\|ex(?:s\|g\|n\|p\|$)\|rph\|grid\|ows\|mnc\|ntw\|ine[ch]\|zoo\|^ord\|itera/i;function we(e,t){for(var s in t)e[s]=t[s];return e}function rs(e){var t=e.parentNode;t&&t.removeChild(e)}function Xe(e,t,s){var n,a,i,l={};for(i in t)i=="key"?n=t[i]:i=="ref"?a=t[i]:l[i]=t[i];if(arguments.length>2&&(l.children=arguments.length>3?Ye.call(arguments,2):s),typeof e=="function"&&e.defaultProps!=null)for(i in e.defaultProps)l[i]===void 0&&(l[i]=e.defaultProps[i]);return et(e,l,n,a,null)}function et(e,t,s,n,a){var i={type:e,props:

Chrome Cache Entry: 140

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format, TrueType, length 146936, version 1.0
Category:	downloaded
Size (bytes):	146936
Entropy (8bit):	7.996620690796171
Encrypted:	true
SSDEEP:	3072:we4KmezbdKxSPq3/S5xSvDbFHLy6QldvNzW94QV/1:wgpbdKxSPqPwxSvDJHLUdl5QVN
MD5:	1F251E613DD0F9A55B17EAF26D88E411
SHA1:	DBECB1745A8F11455C1CB455BC71E66980DF8A71
SHA-256:	FB43EC077C05506D429ECA434CDB483D2B4FC5BA17192547ACD5B67158400A53
SHA-512:	A6D3471AD5BE3AC1F664F930611C3B55478C48ADE0C4199B99388171FCD58A1D4D513B3AEC02E286AB3BE493AB22EF657854ED8D5D46862056089D2920C265FF
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v2/sf-pro-text_regular.woff
Preview:	wOFF......=....... .........................GPOS...X..e6....&..GSUB.. .........qkg.OS/2.......T...`u..$bsln...........H.)..cmap...,......m.....glyf..G<..q...\..B.Ihead...X...6...6....hhea.......!...$.a..hmtx... ......(..:?.loca..,....O..(....nmaxp........... .1.jmeta.......u........name......./...@...@post...D....... ...xtrak..=<...........O............_.<..........q.......`..6..................x.c`d``..O...[....6.....2.......\...x.c`d`..d.d`g..F.4......x.c`f9.8...........L..t.......I....S?...3............?...B......)00.......ka.....2x....p.E......y...........TX.9.."B.3 ....B.H0.... .. 1..........YX..{.Z..,dU..V,..g...G.$......uO..3..*^`......x..J8rK...z..B...x.Xv@~..e^..\|.v....4..\Zm..nn....I..0..S...u....N.g..........Q..H^w."%..xP]5..+%]..J..G.M.....\|.m...).a^Rz)u...+..-J......{.......c.}..C.O...2y..C.w.\|Z..1........t.q....g...v@..6..\|/..........;.....uX9xF]...-V..sX=.c?..s7b.. g1.q....N F.gG0NA.5nC...1/H...Z.Ch.I..@\|.r(j.d.6BD.Q...q.#.Y....j..S....

Chrome Cache Entry: 141

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (12797)
Category:	downloaded
Size (bytes):	996995
Entropy (8bit):	5.678812261247642
Encrypted:	false
SSDEEP:	6144:ClX7Rkvj8zjmI41XXHjFXxAKs13cORyhgfDDle:HnjD4Rcek
MD5:	E2D96D062B9EF5C2AC88348D490F6F0A
SHA1:	E95AD7CE64D07EECEB7E527E906F2DC961EAFD6E
SHA-256:	C832E7C81E9683E894C9B7F6778A3904D31EF28185862C425B8A231D568C3738
SHA-512:	4FCBE6DB43610E13776390AEE72CCF06F0C73F1BB5A31B28548F188D44D50F2D1ABAE3F4A5460FBC7BE65C8F4E1057455FA7601BAB9EACAD07342895176F4CF6
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/us/app/lifelock-identity/id1422875903
Preview:	<!DOCTYPE html><html dir="ltr" lang="en-US"><head>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">. <meta name="applicable-device" content="pc,mobile">.. <script id="perfkit">window.initialPageRequestTime = +new Date();</script>. <link rel="preconnect" href="https://amp-api-edge.apps.apple.com" crossorigin="">.<link rel="preconnect" href="https://is1-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is2-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is3-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is4-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://is5-ssl.mzstatic.com" crossorigin="">.<link rel="preconnect" href="https://xp.apple.com" crossorigin="">.<link rel="preconnect" href="https://js-cdn.music.apple.com" crossorigin="">.<link rel="preconnect" href="

Chrome Cache Entry: 142

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2380
Entropy (8bit):	7.866321893428792
Encrypted:	false
SSDEEP:	48:41KBazIrKYSyWW+4dhfKbBR5/mfu+zlc+hb+1RN2vcXOyPyMo0zxkM37:GKsUS/YtKbd/mflcbGvc+cyAzF
MD5:	D3712EB412C047FC1AD12CE62AED4DA6
SHA1:	0E2E39680EFEC02E34EEDBB99130D2C6C3C174D3
SHA-256:	C1C2EF3478EB71FEE3DDDE39F60FE0270533579A09DC41F659B1662A19FF6DA5
SHA-512:	8EFB509D861BDD9A016351D5F52DC6699A68839C83D0FC1AC1F5144C2B8206B706A88144E4B2D937CD5DA595AEDFC12FB5BB9C385151FCA0DBC13EEDA62A21B1
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple122/v4/9b/b9/53/9bb953bd-e9e4-5522-7994-f37686a9877f/AppIcon-0-85-220-0-0-0-0-4-0-0-0-2x-sRGB-0-0-0.png/146x0w.webp
Preview:	RIFFD...WEBPVP8X..............ALPH........f...Y.....J{..5.!.....M..8,...........;.......8^...........?.'.>......Ja.H.........x..c@....B./....2#Q.e.z.eW...A..8T.....n..C}..v....{.Q..qE......0.i[.[Q.u.P1.31.5..7.Y..t....B.`.7....j.x.3........V"l0.".P$Uo.q.QOEB.C...f...x...X4dk.._.L.M..i..@.. ..N..<'p...VP8 .....$.......>.H.I..'...x\|...f.oG4\|m..-..U..... .'.....:>.(..m...A,.=M.{...)E.P.....oI.B.....b.....xYB..r......mU.Q=.i?...J.FT..J..o.,Q;......]...A.S>c...U.u.o...Q."O.....X.&.VFX"KA..b...M\..E....,X..rG.Q..../;.!u.c&....,...(..y.8...k.u`>.L.>.rnT]4.T.v.O........<.5.uq!.....k...@[_Vp...CT{.~ j-j..Tg.0.5...#2.....$.$L.iin..\|...hI..=../u...9.e).....s.05.....Q......+.....\|e;........_I.......,..4.....V`.....t2....\.;..1..b.../y.....`..Q51p...Yo...V..e{.7.:....7;.x( .db.$.E&v.$..6.(.`.Hd.........)..<.....m[...y.T...h}.....T.L..............2.C...R-..EScz".E.yzGs..j.??.P.7...2yj....(..;.Vg*.~G.-F;jw<..%..0mZ..E..1s..2Zj.H.....[....D..

Chrome Cache Entry: 143

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2018
Entropy (8bit):	7.848978684823518
Encrypted:	false
SSDEEP:	48:pq4zV5HT93MURZ+O6vXu5cVqDaulXGXbbOvN:pvzrz93MrO6/6cVsjc6
MD5:	51BF044FD1CD8A97D9AE793F03FA6732
SHA1:	23FAA30797C1B5DEF4B7D75FA90CE9FF2F0BE74D
SHA-256:	F10C66718493ADA15D49D05B84B6DD4374AE0CD5910D293CFC2F6045C9F23214
SHA-512:	6855DA3FCD9DC19049BA7D8878362B39D741F2308746A3156965CD300B5CDD2D73358D5CA601CB45E6859BBBE8141C11912E921C2A3ED0F01523764CDCF71436
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 X....$.......>.J.I..!.x.<...n.ag......qt._Z'.......vj.a..n.=.."...;...>...jL...<J...N..o.l.e. B...L... w.".$4.^..Rq/.4."[.C.=......qU}d...a...Y.`)$./\;...<:s....qt..>..".3.3ok..Y/..5.q..0B..).. a[dJyR.cLa..\|z.X.1.s#adQ.x..h-...<~..`!.d.....0....XM.\|W...x.12.....#.7.n?.V...wr....>.......~MS_..]....qBFs...}.ge...%n}V..7..'cQZ:NsE#{.#.....F.b..N}.VH.Z...7..A.`....+7/F...?......<..X.TT...-./l......P..w....0"..c.L..Rz.....G.V..f..e..m,.t.pI.e.1+...jcs..fg....4jp.qNQ..S!...\......T.....cr.......Z.7x.I]>5.BFO$....8(C.T...O.M.-t=..E...g...D....Z.8....W....Y.`a...VA8{.>q..E..3....k.x.2.`7\.V..K.H..kC ..R.?....6.6.Ss.E...S.@.Tff..S..%....w..N...`?...}.......&.C_..h..wP...2.\.l.1..wf..}...O....!..\|C...\|.....G...L-..'O"x...75...V..o.X....Wbl'.I$..Y .P....h..8.I.n..9....=`..W..<.I..W+.z=.{.;..P.c^.T..o.9....}.[x./.....1.....<......FrTY..vN.}pZ*..L.I..DT.3:.}..{....&.=..Z.o.R.dP...A.......k?.!kv.u.....e.2.T..

Chrome Cache Entry: 144

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	896
Entropy (8bit):	7.506095864091412
Encrypted:	false
SSDEEP:	24:7xY+qngtUYvIm7MKiSuKJfCyZov+j1TCfCA:75w1BvDv+j1ufCA
MD5:	3CB020BEE3430D02C8DFF935E70BD5C6
SHA1:	D525764FA1B9F5B12350FBBDF17416B3D033830D
SHA-256:	DC8C6CB79AF2FAC5B8450C4739B82BF2FBE2B70B56719821C850A9B1D652C968
SHA-512:	3B8FE7AD7F83663B2FC3A0F4FA48D3EAE82C174DFB586C5617E928C56FC6B3758DEF3E1C5608519B2FFD59CBFF25BDDF54CC8BF77AC3D486F2756DDABFF0CB82
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/a4/4c/9c/a44c9ce6-cef6-7d1e-694f-64224467fb44/AppIcon-0-0-1x_U007emarketing-0-5-0-85-220.png/146x0w.webp
Preview:	RIFFx...WEBPVP8X..............VP8 .............>.H.I#$!..\.D.D.p...I......./...u. >..F.X...........{. ...A......x..L6.;.z[.\|./80tT........@.g..#x\|.....56...G....W{.....,.,XQ...$~O......./6..e.l.......U,..n.>.....%..G....a..z?Fo.7..R./6..Ou$...j.`.t.h........YJm.....a.(...w...c2..\.!T~..K..#[.....L.q.(XR-.,..c..&Mj.\|...I..+.$......O...KK..5..........FK.O.......q.3....6.i.N. A.Q8.M.X.7...H@i....hf....0...S?...d~fj....Q....,.............o...J...L.>UV. `y.:..[.z[...HVc.8k..S.r...a..z.C5..:..t.cP...Z......fo1..d..W;.r.....b.x.J..X.V...Z\..c......+_....y.7.. D..I.v.....R........(....'-....g5.g....=g.8.W...1}..a.0c..7.. ..:i.......V....{..H...?..e,..f)y...../k.....No.g.....x.......?'zN.........cz....Q..~.........G.\.+8.g.Xd..<.`.e...._.....EXIF[...II.......i.....................2...,.......ASCII...1.86.0-BSZLNL5JW67NKM5OHKBXTKQGFU.0.1-3.

Chrome Cache Entry: 145

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (1328)
Category:	downloaded
Size (bytes):	348626
Entropy (8bit):	5.358122096336471
Encrypted:	false
SSDEEP:	3072:XaurdhEIEvAr/1G93xWLF+cqt6UqZSebMIzb7CnBWQahA:Xfr/1G93xWJnH7EWQ8A
MD5:	EC1970A91D5468D27D02BD314E3CF9B7
SHA1:	013D01D4F80734B9639BE52ED903BE69E5A2C8A7
SHA-256:	629FD475C0F94AB2727E3A7888187F409E8C9988963E71132BEC28888466DCEE
SHA-512:	DB902F21261FDB5A97C90D0404F11FD68A85D072B86DD5A21E328BC1B04404968352CC8F670280CCA6D8E378EBD8CA7409F7042B1469CE87DB1AF8F618BD4356
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.705.3247db7e0cd66da5bcbd.js
Preview:	/! For license information please see chunk.705.3247db7e0cd66da5bcbd.js.LICENSE.txt /.(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[705],{2353:function(e,t,r){"use strict".r.r(t),r.d(t,{KNOWN_CAMPAIGN_AND_AFFILIATE_QUERY_PARAMS:function(){return n},KNOWN_MARKETING_QUERY_PARAMS:function(){return a},METRICS_REGISTER_ENDPOINT:function(){return o},MUSIC_AFFILIATIONS_ENDPOINT:function(){return u},PROCESS_REDIRECT_URL_ENDPOINT:function(){return i},TV_AFFILIATIONS_ENDPOINT:function(){return s},default:function(){return f},handleCampaignAndAffiliateUrls:function(){return c}}).var n=["affC","adId","advp","at","ct","itsct","itscg","itscc","itcCt","its_qt","ls","partnerId","pt","qtkid","uo"],a=["mttn3pid","mttnagencyid","mttncc","mttnmyad","mttnmyadg","mttnmycmp","mttnmykw","mttnmypla","mttnmypub","mttnmysite","mttnpid","mttnrefid","mttnsiteid","mttnsub1","mttnsub2","mttnsub3","mttnsubad","mttnsubadgp","mttnsubcmp","mttnsubkw","mttnsubpid","mttnsubplmnt"

Chrome Cache Entry: 146

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	896
Entropy (8bit):	7.506095864091412
Encrypted:	false
SSDEEP:	24:7xY+qngtUYvIm7MKiSuKJfCyZov+j1TCfCA:75w1BvDv+j1ufCA
MD5:	3CB020BEE3430D02C8DFF935E70BD5C6
SHA1:	D525764FA1B9F5B12350FBBDF17416B3D033830D
SHA-256:	DC8C6CB79AF2FAC5B8450C4739B82BF2FBE2B70B56719821C850A9B1D652C968
SHA-512:	3B8FE7AD7F83663B2FC3A0F4FA48D3EAE82C174DFB586C5617E928C56FC6B3758DEF3E1C5608519B2FFD59CBFF25BDDF54CC8BF77AC3D486F2756DDABFF0CB82
Malicious:	false
Reputation:	low
Preview:	RIFFx...WEBPVP8X..............VP8 .............>.H.I#$!..\.D.D.p...I......./...u. >..F.X...........{. ...A......x..L6.;.z[.\|./80tT........@.g..#x\|.....56...G....W{.....,.,XQ...$~O......./6..e.l.......U,..n.>.....%..G....a..z?Fo.7..R./6..Ou$...j.`.t.h........YJm.....a.(...w...c2..\.!T~..K..#[.....L.q.(XR-.,..c..&Mj.\|...I..+.$......O...KK..5..........FK.O.......q.3....6.i.N. A.Q8.M.X.7...H@i....hf....0...S?...d~fj....Q....,.............o...J...L.>UV. `y.:..[.z[...HVc.8k..S.r...a..z.C5..:..t.cP...Z......fo1..d..W;.r.....b.x.J..X.V...Z\..c......+_....y.7.. D..I.v.....R........(....'-....g5.g....=g.8.W...1}..a.0c..7.. ..:i.......V....{..H...?..e,..f)y...../k.....No.g.....x.......?'zN.........cz....Q..~.........G.\.+8.g.Xd..<.`.e...._.....EXIF[...II.......i.....................2...,.......ASCII...1.86.0-BSZLNL5JW67NKM5OHKBXTKQGFU.0.1-3.

Chrome Cache Entry: 147

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	976
Entropy (8bit):	7.575832260313748
Encrypted:	false
SSDEEP:	24:rfym7o0w2ykALQ2PYzaMAkiL+EBh1esuunoI8ICLU:rfr7Dw2ldzaMXc+E3Ruue4
MD5:	F8F65706108D83F23B8C44A806E7151B
SHA1:	D341B565DD153B1CC49180A79BCEFA91CBA4137E
SHA-256:	A61186E74F900E585E33D61ACCC27656BC156472407CEC31B546964F48CB4AF1
SHA-512:	9B3CCF298F62E933ED61196F1CA9BC6E8D45A820A298317078250B3DF821F2F746BA80075192690AC7D09E0F52924467874BDE07DD359C7ED71DC7C474B0BF11
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/0f/61/b9/0f61b94a-fd0f-d9d8-4d62-df3b9e5e613c/AppIcon-0-0-1x_U007emarketing-0-0-0-6-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/146x0w.webp
Preview:	RIFF....WEBPVP8X..............VP8 F...0........>.B.E.$!..4.D.D...^2%.._...}/..j...{".%..=g^..]3..&,{...S..F.....\...k..\.O.j.R...{../.6..0...nPl...r..IB!b..&.v.)O.7.....U.B.{"L...r.N.G.aO.p4..?.2....$Ef.If;Z.f...........f.........J.$N.;.vJo.$.....,...r.29....e.W.Gb.M.A..p......b......hp.o.k\|..E...Z..n.........s.]....?tB...rp_..]X...x..Mcj..].=C21bE:n(.^=..UQn......<l~...n.9,..;SXX.bkN\|#.9p....<...qs&..[....u8..n.....[.C=.V...K...9.=................S........!.G.2}....N!...H...L.+~..v.....h.Z1.....Z../.om.H..gd........if.....d....b]O.0.2.~..>.[j..e..RYMH... ..[......#...1.Z{.,..8&.>(..y...(.g%..m..h.F..H.a....f.....\..3...}....i.E...W...tg8.@.()I._.q...P.X....9m...F.?.?V-.....z1... .w...Y2.X......\|.....?&pY..D...eG..f....7u.sz3.>.R%.%.._........RPR..... r.#....p%1b..& p....&...V...T0;...&#.c..{..cm\.....3...].b.4P.(....EXIF[...II*.......i.....................2...,.......ASCII...1.86.0-CJLNVYP777Z2HHCXT74KPRFAFA.0.1-9.

Chrome Cache Entry: 148

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	11540
Entropy (8bit):	7.977881962879142
Encrypted:	false
SSDEEP:	192:Vmq07FUYxXlzlR6wW13hGKka7SVf3qHrxdTkv84D3dMsvIDRyWSJG:x07FpXlBRhQcZa7sf3qHNlOvbdM1yzg
MD5:	1C1744F7024CF05D64881FDD710B6AF3
SHA1:	01680DFFF2A0A8B620A5D74E71B8B322A7C74DC3
SHA-256:	FB93BE9170BE41B4B755BEBA71F887185153B13EECF3CA9ECE03A7EB24BBF96A
SHA-512:	2FA4C50C00E19371B2EF7945E05712DDE179C0E6C934A7EFA11DEE77804BF7F89072155A020CEED7995597B6AB17F3EA9DEF00CAEAC5E9D572C358989EC7C8A3
Malicious:	false
Reputation:	low
Preview:	RIFF.-..WEBPVP8X..............VP8 .,...........>.L.I..!..%.<....t..}..7.?.........#...{y...J....v.......1.......N<.........#..~6.....#._.?.2.............{g./._..u...'...`?........3.G...=........g........b.....3.;..b.G.>^..a,%...Ze:..%....4.....}X$.X...>...x.)...f..C...L"......S.E.....Mu.)..)u..{....\...p..+c..Q..2J.{.b. Z..Kzy~...,l..$..1.c'#.\|X..H..s.._X.l..q..........a'..VYC.Ip./k.Q.....b....E.....4......&f~p.b0..?...g,.......{.]..,8.\.\|.k....d..U..}..o....\|)...V..C,.t.A...K......5?;.e.<....j%......7=.d.`..../.V....r....o&.~.....{p".C..6>.m..e.b.`...Z..rX..{.RWeG....w..W....E.....>......0Jl...K.5L.9mC.....u2.7.V.p.W..CU.3.J.\|..0.... .....j8Z....W<.R.n}e*..}.J.r,p.^.(%A.....J.{i.!....zi...z.T.$.~..f....P..M58.N..^..'o....y.5.T.^.H..T.3.W4....SHZ.Q.....}/\|...x..:..5.Gjn!^:..U....}-...e.....\6.^N.<.%...q.b...EA#}._q.....L-.gF...A..J...,...x<c..+...7..x....hX&2..l.`...1......=5a.m....5nJ.]C\|.....(...!(E.D@..uqe}.N...t....WZ.c.h#.p...!r..k.

Chrome Cache Entry: 149

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41276
Category:	downloaded
Size (bytes):	10581
Entropy (8bit):	7.97907937118434
Encrypted:	false
SSDEEP:	192:rL9cg19D7fCBbDHXBRX1hakv0jGI3hIbSFdL+YU6cbH/DiXJfQAmnQAh:nPcRRlhak86oGuLxv0H0QnQO
MD5:	D13C8C7CAD3232D18B0210F965E83F39
SHA1:	4131101EEA05EBF584CAB7A5CB586E8189CBB2FF
SHA-256:	87D72CC0D2D4AC8D03A7973CEE697D9D66F7A529AF02998D3A647AE4AA18F72F
SHA-512:	49BB69D669B41217F49710CC3001F4CA5179E24653A18F77256D6C7FC197C086B3E1C9F83618EF4F407A57431B28FE71C6FBFDF800BE982AF196B4771DF12B6F
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.706.4a437bd91dd079e92306.js
Preview:	...........}kS.H..w~....J.p.@.0........8.=.../!.2...........z.$....q.h.zdeee...NY8i?..?..x:.~.a..,...Y\|....$..)..2.:..<...ngg.>oo..l.&.h..qdg.5OY+.`.Y+Y.=b......e.I..o.~..?..{]......{\|.........>o..z..u;y./G.....g...lm.kh...J.\|.V..6 ...h...e.$jE. JY...c......M.Y...G. .S.3.N...OX..`..n.y..b...Kvhwo{.qS...p..K........1..!p.......A.N.....\\|......F................e.....bn.8.4..Z.{h]?.X?I..f.V.e...V.~.f.[..V?d.....I<........[Q.y....5{.....D .z.".......E..4)...tY.4.\......k.Ud....^.O.U{5{y.<.P.,1>r.....<^E.;kk...Q.Y..AC....v=.c...$..AJ.m..6.....t../&..)........6i..j.. .X.9.%q/.7w7....>.(3Z.v..i..o.......#.,gI......G%r....+.F.....(....(... G......V.......N.....(.F..-...P4=d...,..{2)..v%...@...a..%.O.!..#.u.{.<.y{c........=......`m.\$.....K...a...X.>Hv.."..F. ..........ph.. ..f=C*...2L.V....Y.:kk....5f.y.S..y.]..sL._)0).,.\|.0T.;...0..w..w.~.....~.....MPu~...c//.....{.... ..q.....`<f...oQf.$iv-j.a.E)....T.h^<.........._...2X.I.S?

Chrome Cache Entry: 150

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	11508
Entropy (8bit):	7.979737403014221
Encrypted:	false
SSDEEP:	192:ZXkQfF1lYmVExXr5jTQEujPmC3aaZ5Fs8sQxUsDpHFVD3PyO7uG3sDFsg:ZXkQfVctjkIC3v3Fs8txUiLVDfjuqsDV
MD5:	E24699B64A534123CB22DE2B3D0BF230
SHA1:	285A5B3874231F55ED1CFE0605888AE863AF819E
SHA-256:	11DDCABFEA572D9DCF1DC1900140B9C24FB7EC28E7C5511C7AA9CE49032F67FB
SHA-512:	B1208D3921B44BF983EF5C956F316B5DF5113B2F3EF99F6188B46E939CF1F07CEB37F0F68A330F88C4D3A92E18C86B4780472765213B989B008EA6E3F6F9A0FA
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/PurpleSource126/v4/6f/2a/2e/6f2a2ea9-e4ed-90ef-4632-9d8adc9e0e50/bbee0623-f54d-42eb-836a-64c3b046b2bd_iOS_6.5_-_ALT_Frame_01-1.jpg/230x0w.webp
Preview:	RIFF.,..WEBPVP8X..............VP8 j,..........>.N.J$"'.%......n.?..Q.(..i..~\..W..~g...VoI~...:.}.\|.}.?v.$.K}..........A...`.......?^:.\|....{X.'.......W..........J6..~...}g.....Z..z)..................O..T.{.?........._....d}1.g.....O...........W._..Sk/.%..K3....n..z...Fh..#G.......&.4.....S.......u6].[..qg...]...9.I...$H./...;.!#i.....y....U.H.z..~i.8.DE[.e../#m...h S.u...9.t5.N.....<h..:r.Z\+......V^.>..n.2.v .....o..odJs......P...\.._5w......-...r..Vg.BsI.I..n....S...]....r..dFZ.3W...w...5.....x;.w...k.}4N.g-fP.u]y......@.g....i1B.......)*..(._......"(...&HP..9\.u.L.r:.V.....V~......w7.Kq...;].......,..@u..?..F=9.8/._..Jp...b/"Z+;?.8"OG.........nP..K.......b.I.a..I..3."......@F.&"28.../.R.D.j.1..}..J....".)h..<#..a.......J.N.e/..J...D^$...:.G.4.x.,.R%).V$5.<.o...s..?.#.Q'..1.....l[OX.H.~GU....I.Eo.J$E9...m&.(.#..@......EzYO...3^Jo.._...$\....}nn.Lot.......7..g..L.n.W5.c...Va\..>Y..........y..B..t.....B.~.>#..=tB...;'~..}Z7..}...)....

Chrome Cache Entry: 151

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (1328)
Category:	dropped
Size (bytes):	348626
Entropy (8bit):	5.358122096336471
Encrypted:	false
SSDEEP:	3072:XaurdhEIEvAr/1G93xWLF+cqt6UqZSebMIzb7CnBWQahA:Xfr/1G93xWJnH7EWQ8A
MD5:	EC1970A91D5468D27D02BD314E3CF9B7
SHA1:	013D01D4F80734B9639BE52ED903BE69E5A2C8A7
SHA-256:	629FD475C0F94AB2727E3A7888187F409E8C9988963E71132BEC28888466DCEE
SHA-512:	DB902F21261FDB5A97C90D0404F11FD68A85D072B86DD5A21E328BC1B04404968352CC8F670280CCA6D8E378EBD8CA7409F7042B1469CE87DB1AF8F618BD4356
Malicious:	false
Reputation:	low
Preview:	/! For license information please see chunk.705.3247db7e0cd66da5bcbd.js.LICENSE.txt /.(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[705],{2353:function(e,t,r){"use strict".r.r(t),r.d(t,{KNOWN_CAMPAIGN_AND_AFFILIATE_QUERY_PARAMS:function(){return n},KNOWN_MARKETING_QUERY_PARAMS:function(){return a},METRICS_REGISTER_ENDPOINT:function(){return o},MUSIC_AFFILIATIONS_ENDPOINT:function(){return u},PROCESS_REDIRECT_URL_ENDPOINT:function(){return i},TV_AFFILIATIONS_ENDPOINT:function(){return s},default:function(){return f},handleCampaignAndAffiliateUrls:function(){return c}}).var n=["affC","adId","advp","at","ct","itsct","itscg","itscc","itcCt","its_qt","ls","partnerId","pt","qtkid","uo"],a=["mttn3pid","mttnagencyid","mttncc","mttnmyad","mttnmyadg","mttnmycmp","mttnmykw","mttnmypla","mttnmypub","mttnmysite","mttnpid","mttnrefid","mttnsiteid","mttnsub1","mttnsub2","mttnsub3","mttnsubad","mttnsubadgp","mttnsubcmp","mttnsubkw","mttnsubpid","mttnsubplmnt"

Chrome Cache Entry: 152

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2158
Entropy (8bit):	7.827943467617114
Encrypted:	false
SSDEEP:	48:0+mB9DWCUCA5ScasLoVaC9vJ/rKSKv1fvCSoYxvy:0+m2VCAIZDPJGSKtfvRDy
MD5:	A1D83553F4711BAB5296DEB2EB39A4F5
SHA1:	10B44AD3026C913FAE4826C500A897C92DC20C17
SHA-256:	44CE60C2DD80EA5CB0FDFE61E4BAB016F25AE8D7A88E55BE44207433AE9A1A47
SHA-512:	0E461AA1E8F85C1F3E77ED93B24C8298474129AEA0708D0583E4186752C4C0E3C93F65CE7C7E1FEEF77F328DAEB227A4A075B07F53A097FBCBA7E4A0700AD2F8
Malicious:	false
Reputation:	low
Preview:	RIFFf...WEBPVP8X..............VP8 .....&.......>.P.H#...y..D...7n..=..v.o...e...a.....=...?I.a..]4.n.C~.z.~......q........G.O..I,...1...0;(..W.M.<.....{.F..6p.cWS.A\....].y]..6.......F.=?.aNZ8.j...w;Lu.wz.6...b.......;.x...g...l50..tB...0..~../....E.!lK#....#z.H2h.~d...`.2$.,....\|..]a`.d..Rn.I.9...W..6Q.v.(..f..].iK...\.......^3..:...1...Y.8.......X.,\zZ..f^@..t...U.....{.$?.....].Z......\?=.........O....c..7?l`.c...'..50nB....x..o..qz.#.*.}v... n.............>.'..6.....+{OW....~u!o....0.[`'&Y....[{....\..kzGy....$.R#2..S.;:.,.k........4y.H,...F'f.......W@.zk0(..\|.4..V.x..}.V...-./-......)q.TW..<c.+M.j..g...oh5...4.n`Q.!.rb...8..3a..&.a.mj.....o....!.....l.%?....I....<.._?.7.M.AD.w.Z$\|/..,...E%..........G...D...7.A..p.1!.)Tp...d......E..."....z....R]5.i.66>..;.@..{...Ch.......5..m.G..P.[m?.T"...9s.n)...[.t.B...a....H!.dE."..N..D".r.ws.....K.R.n`..P......$o....o...5JW.u.F?kr..&u..A5.$.W.(z....kH@..K..>..,..mA.D.q.q.D....S.0$.."..CC.WQ...

Chrome Cache Entry: 153

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 14214
Category:	downloaded
Size (bytes):	5402
Entropy (8bit):	7.955990062680874
Encrypted:	false
SSDEEP:	96:xmyYy1wtHfgODSxFpgk0XqIKdY1Q/nEOINoZfUlW/gZpu3LBV/Q3uc8dPTPO5ICn:xm9yGtHfbemkPIKdUQ/nOwfuYOy/Q3uE
MD5:	DFE88678829C3A224598D89FF4939068
SHA1:	DAC630AE76E64C87C691A46E6FD238E4CBE6D654
SHA-256:	692C9080430F8E85D25D04F9CE05F5B03CD3E8477C25229557069A40BD86C1D7
SHA-512:	83E8543E6D6D6FE079FD03E8CE1C8633AB5F764C8863DFD8EBA6FD9968556E3611C7EB92984CB37948A9E55DC987E08BFD78D07A037AE00BA03DAF287267FFCE
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.572.93058cb1137c31242bbc.js
Preview:	...........;.r.8....4+..Frb'C.q.P.Ob;.c...OEK..X.4 h[.T...g.G..v.........R..4...F_..IL.X..'.u'..wM..a.r."a.]::...&.w.....~.h:mw\o...N...b.CnW.7_......3..I.{..#...I>......_f....cF.~...7#.V+...............kF..+..f..nE.......=:#W...........fn....ncw....K.Y.[..+....R..Y6....vy.%.a.&,...L#..oH.....Z..........W..%....a>.6.v....U..W.d.[%.@DO.A.j.A#..........Z..e.z.>R...\|.....^...Hz......$..?..y.._,p...u.C./..[%...\..\|w.."F..uw.....UQ.d.^j......B..yc.%G.y.0..6.....y2.L.[K.>...x8qP.,.q..:.....W.$...Nog$.....2.......k........v.h...Sx......c.D..I..=..o'.u.$.OD..r.t.k...5..8....F..&.'...K....2. f8g...ng.......j......?...L....`...\.t.l....4.<#..r..5sb@...a...T...e..O\4G.-:.P).%>3...:..":......R..i.....-...+.e...(.%G}.......o.$.. q.{.%8..Lb...'.[e#...,bx.].S..a$.=.@.L....{.\..o.D.dQ$.NO.u`Y.&~.-.@...........v.....o....q......dL.=+*........4..+c...... .N.@H.Ar.....R...4.......c....o..v...v}...D.RpZ...\Q!.~x6.f.q..-x.../....!g..%..AE.-. .Nf

Chrome Cache Entry: 154

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 13822
Category:	downloaded
Size (bytes):	4625
Entropy (8bit):	7.956239513377618
Encrypted:	false
SSDEEP:	96:KHeOkJafMmNnr4pnB6VkowWPAxCDw3nW7gBJ0d6jLJ/MY6oUvP7CtkMIL:KHPkJafMmzwWPALuoJ0OLJ/Mvl7Cid
MD5:	4413191E386B6CABD8C54C6BB38FF669
SHA1:	8BB88E3F779177D9B29E9DC25AE8738007A265A3
SHA-256:	96D7E3BE6E55ACC74501E3932CF78550395C316A5F78A61FC69C7E127D1FCCFB
SHA-512:	C78A0412893668B5AD040868AE4B85E2D36D682BE3A1175DE2D247BBF18F12423522646BA40034466DA2107D088BF6692E80969F50E29A376DFB19FE67C098F8
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.15.097368f212a6a942763f.js
Preview:	...........[.s.6.......h.3M..%Yr._.uzy..y..9E..%.b#.z h;......$EJ..v.NM-..b...9.{.x..c..y.p#...X0....s.P.1...g..^...N[~.uY...........W..\|........=.Y....4.._.p.2........:H......df..~g.Z..w..4....w...+3%R....<.....I....%..X8g7s>.,....q..0J.4...x>.......#..s.+#-.E+$.0.L.$.$..2.i..i+.."^r!.TH..\|5.[..._...{.w.......--q..T......D...ee..uO......2^j.N.@.b.d.....^..#./..`t...i..V..t.'..7..l~%c.ny.....,.$d....A:.^....o..6/O.'.o)....1I.\|r..hi.I....O.....m.]..w.....^.v.Lp..`QBZ]..i...J..g.r=..=...U.[..g.......w.!.R.^.T.....1.g........x...,....$..h.Z{M.@p...a...f#..y<58-.......c...2[...%......tc..B.. ^;J.....mw..h.a.B8dv.\|%#.q......(.8q.8i6.....4w.~......nD\|.p.g"^.....J....2.?'...q!....m.8...gw.-.6Z..._V.v.f....\.."".4... .....p*........F..Xn.M...Sk...>......'..,u..7..E...y....?.......c&.3.....Qf.3J..[=....L....m..\....Z26nb).]g.1~.O..q?.%.Mg......b..g8.....W.q.)T...aK/`.#7..Y...7.e. h.8.&G..^.b...Z\T...s....,...+&.5r...8.....9.JC..l...,

Chrome Cache Entry: 155

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1566)
Category:	dropped
Size (bytes):	41276
Entropy (8bit):	5.2368089739293495
Encrypted:	false
SSDEEP:	768:EkxiX+skUbNIvnXh5hC+gSyJNbX+V4N8zuZYJOKLNWDjqcR5cXcpcO0cDcIvScTu:lskUbNIvnX7hC+MNhZYVNWDjRE3
MD5:	CF98EF659A7C40F16FB89858EE051693
SHA1:	F223F862E3DC2347DEC54A932E35C5BC5F794C8D
SHA-256:	D1DAC8F97C25357AE55BB0FF7EFAB6349022317CFBC549BB2057C15ED2DD337D
SHA-512:	58043EF2BA149E03964670CA8A2FB8039691129058FB95D29851F84E7D65F66270B5ECBED675D56E871D6722B959FF3AA7ED2672E1E3E89B6F071A90B120C7E4
Malicious:	false
Reputation:	low
Preview:	(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[706],{43862:function(t){"use strict".t.exports=Object.freeze({ELEMENT:1,TEXT:3,COMMENT:8,DOCUMENT:9,DOCUMENT_TYPE:10,DOCUMENT_FRAGMENT:11})},96339:function(t,e,i){"use strict".var n=i(38694).t.exports=function(t,e){return n.insertNode(t,"insertBefore"),n.childNode(e,"insertBefore"),n.hasParentNode(e,"insertBefore"),e.parentNode.insertBefore(t,e)}},38694:function(t,e,i){"use strict".var n=i(37844),s=i(43862),r=s.COMMENT,a=s.DOCUMENT_FRAGMENT,o=s.ELEMENT,h=s.TEXT,c=[o,h,r,a],u=[o,h,r],l=[o,a].t.exports={parentNode:function(t,e,i){if(i=i\|\|"target",t&&!n(t,l))throw new TypeError(e+": "+i+" must be an Element, or Document Fragment")},childNode:function(t,e,i){if(i=i\|\|"target",t&&!n(t,u))throw new TypeError(e+": "+i+" must be an Element, TextNode, or Comment")},insertNode:function(t,e,i){if(i=i\|\|"node",t&&!n(t,c))throw new TypeError(e+": "+i+" must be an Element, TextNode, Comment, or Document Fragment")},

Chrome Cache Entry: 156

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), truncated
Category:	downloaded
Size (bytes):	20
Entropy (8bit):	1.1219280948873622
Encrypted:	false
SSDEEP:	3:Ftt:Xt
MD5:	3970E82605C7D109BB348FC94E9EECC0
SHA1:	E03849EA786B9F7B28A35C17949E85A93EB1CFF1
SHA-256:	F5D031AF01F137AE07FA71720FAB94D16CC8A2A59868766002918B7C240F3967
SHA-512:	59C8107C5A9678CD4B6BD1D194AC0987CE0D0542CEEECE8430452C238375AA49F0CEA3646935315EA994D8AB05E56AF112157122BE8272185830093FD5922B67
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/global-elements/2426.0.0/assets/ac-footer/legacy/appleicons_text.woff
Preview:	....................

Chrome Cache Entry: 157

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (664)
Category:	dropped
Size (bytes):	14214
Entropy (8bit):	5.423098025111413
Encrypted:	false
SSDEEP:	192:5Ou495s6yYMkJqYWJ+Jaucgd/ix0BSc1e6t44KfKb6m3PbBISj:5BVuqYWJ+Jauld/g0BS56t4IuoPlISj
MD5:	853877426A53490ADEDBCB2E1CE9624E
SHA1:	BA2E275A1C0148B2F12CA53F17746BB920B7D555
SHA-256:	F3163FB2E48B27F81ECCDB331EEBD4F05AEAF9AF7253765323A35E869D8E5D6B
SHA-512:	12368317D1C18BD215ACB20B1D4EB859C72A7DA8FBD8299348E2D5A462EBE57BC015748330C4C1E07FF5404CEBE61B1A228145F9748D92C12DD2B00346AC910E
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[572],{24178:function(e,t,n){n.d(t,{BU:function(){return J},EE:function(){return q},GP:function(){return H},L5:function(){return Z},P0:function(){return R},Qk:function(){return B},SC:function(){return O},Z_:function(){return X},tO:function(){return ce},vc:function(){return k},wr:function(){return oe}}).var r={setDelegate:!0}.function o(e){return void 0!==e}function i(e){return o(e)&&null!==e}function a(e){return d(e)&&0===e.length}function u(e){return v(e)&&0===e.length}function s(e){return p(e)&&0===Object.keys(e).length}function l(e){return"function"==typeof e}function c(e){return"number"==typeof e}function f(e){return c(e)&&e%1==0}function d(e){return"string"==typeof e\|\|e instanceof String}function v(e){return!!e&&e.constructor===Array}function p(e){return!!e&&e.constructor===Object}function h(e){return p(e)&&l(e.__lookupGetter__)&&l(e.__lookupSetter__)&&l(e.__defineGetter__)&&l(e.__de

Chrome Cache Entry: 158

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 10204
Category:	downloaded
Size (bytes):	3286
Entropy (8bit):	7.941944860141302
Encrypted:	false
SSDEEP:	96:Nd2YK0hAIwzdlkOOSBLnYuIzIf/gDZTMWIlGHb/:e4AFzbOmVeIf/gDgGHb/
MD5:	7F9932CD5D7773B02956672DC9098086
SHA1:	E56531B4B3AAEE0CB7DB5C3B4AF937628E9EB1D3
SHA-256:	E96A5115782EAAADAC80D84C84A66ED9D18AD19FD0771920DA128BF3087068F4
SHA-512:	08999D8C5F28927499EC7D1F155801B9C0AFA6F529C791941AA5B014604B55D755816083E8DD8022BA3CFB385C822A12434CB24DFFD6CC9ABBC2D8746A8EEB6E
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/global-elements/2426.0.0/en_US/ac-global-footer.97e3f38781ba136c719d08ca0ec5162f.js
Preview:	...........Z{s.6..4...c..,..t.v.k..;....... .5E.$.G%~.....m+....z-........oM../x...d..B..G.3.b..Ss._F...;/6..hR..q.....?.<f...c.<..v@c&.qh....8..1O.!......q......H.S.N.y4Y..xEv.........~4a..t..........={O,?E.....+...b.8.4......{A`.l5e.Z.S..-1%qo\|)..).fV."..h."..d:..P.o.CY...FoC;`.......!Z{.eI.U.,....,.f$". C.WwW.;......O.#G..4M.........r?.M..3..W.!.:M.&....E...U.&v..e..e^0.[..^_.........OR...b...."p.6,/$....8..M.0.R........;.S.3aO.\b:....+1g^.>...]....,.(..2....2..e'.dfu.a.H......\|...vz /...$.....VO*..vs...e..).......\.w:4..{W#..c..i....ZnK0..U.l.[..m\.]..0p......th..6..+..#.U.I......!..(L......D..xIr..C.Q..F.R......q.V0.......f.Mh.@?.....Pa... ..s.{....b..f.Z.H.H..0;........O..y..i.[s.r...<...S%.\|..../.^.Z...G/....[p.V.Qx.U......\.B..f.BIjm..t\.......!.?....,OS..l..3..G.NB.M.l.v....\/.@tp....}......'.Jih.1...-@by..K....4.sQx....Q3...i......jl.G_.5...6. 3.@Ci'.y........z..O.B.\.1s.......B....d..O../....,..L9(........ 0.\...".\|i

Chrome Cache Entry: 159

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	downloaded
Size (bytes):	196938
Entropy (8bit):	5.135396650531942
Encrypted:	false
SSDEEP:	1536:+jNyqUXiJc25xwftWJc6qdcLwQnQoAkSWZmT6ocTzVqJlO4QA3chodGWXTDvFz8L:cUXiuatrXojm
MD5:	00457FBC4A59737B8E35F6AB9FA9CB0C
SHA1:	18E6E6066B28939E219A4CF8E45F07CF25C601F8
SHA-256:	F5EC5CFEFC085F50D63BC1E671B579DE23B1F9C0999A60DE6853552910730A31
SHA-512:	79B47CE7F6F45B4A80E2B808AA26072E627AA84A50C70E2E9E58E6DB31713CCF28AD79E45B15AB81DC4B74FFB2D4854D22E182C1EF1D666C65A9AABB9B0AC81E
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/api-www/global-elements/global-header/v1/assets/globalheader.css
Preview:	@charset "UTF-8";#globalheader{all:unset}#globalheader html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#globalheader body{margin:0;padding:0}#globalheader ul,#globalheader ol,#globalheader li,#globalheader dl,#globalheader dt,#globalheader dd,#globalheader h1,#globalheader h2,#globalheader h3,#globalheader h4,#globalheader h5,#globalheader h6,#globalheader hgroup,#globalheader p,#globalheader blockquote,#globalheader figure,#globalheader form,#globalheader fieldset,#globalheader input,#globalheader legend,#globalheader pre,#globalheader abbr,#globalheader button{margin:0;padding:0}#globalheader pre,#globalheader code,#globalheader address,#globalheader caption,#globalheader th,#globalheader figcaption{font-size:1em;font-weight:400;font-style:normal}#globalheader fieldset,#globalheader iframe{border:0}#globalheader caption,#globalheader th{text-align:left}#globalheader table{border-collapse:collapse;border-spacing:0}#globalheader main,#globalheader summary,#globalheader det

Chrome Cache Entry: 160

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1898
Entropy (8bit):	7.850523612158445
Encrypted:	false
SSDEEP:	48:ByD/lHddqCGo5OLsCvyMAgt6aFkl6l3m1GV:ByD9Hdd/dMLN64Pk8l0W
MD5:	1B7E5331C925D2955C32722373F22074
SHA1:	EA738298073178C42C9F331922CF957C4DF444CE
SHA-256:	2A90340B8C4DFD1D8B598948727D5DD18067C3249B0F4396F094B77DAF086CD7
SHA-512:	0CF6A908A9584AD494FB3BB2ABA7074A01464ED352EDAF1D9899356A726330038E8A9E989570653A01A422A234ECC0037BCD1B5205167E992B230947EDB03C25
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/9f/9f/dc/9f9fdc11-262e-0317-3fe0-8dd38c4fa25d/AppIcon-0-0-1x_U007emarketing-0-7-0-85-220.png/146x0w.webp
Preview:	RIFFb...WEBPVP8X..............VP8 ....P$.......>.L.G....[..<.D.7p..\|.?....7..U.;....z.%..v...'...O.g././...o\.......\|..r~........C..?.pL...ar.`....y.}.P.g.....f..--.e..Q..Z.....+.aG....XcC.Kca{p..(12?MKI....E.1.omE.@.i.W8.K.m~......r.. 3<A....d.vZ/E(.:h4.W..[o....?7.N....+.7..TPh......N3.....d.jD=b..'....v.>_-..~.#MZ.j.......;...N.n.V\..03...m}.`....%.F..;..s.^..../n.x..4...N........$.k.].2.R..C...G3d...0-.!....G.rK.:...fi.g[..U..5.Sj.....>.V.V[.=k..!.z...........MR..>h..OU..h.-^..t.3k..}...bh-......8u..Pq..&w.K.+.....{.....a.?..cb...z.i.M..k.!.., ........HY...{~.x.>x....'lL..h.4.s... .#.S..>.QWA.@....n.bBy..-AX{z.X.G.;...z.......79....Y6.H.r7...6'...h...z...uT...@......y..8..s.}.[....q...j...=?.$3=lj.g.:.......h.....;.M..2.X..w.C..A.9....c/+...v.#U....ED...f.W,U-..Y.....=TM4....x.l.uk....o.!..B.... ..K...;.....Z...E.V.g...z..j.kk.....B./.P..X..h?......X...u...f.Y{.=......x.ED....T..........[.z.H....$AMD...E}...SEhB.......kz......_.s

Chrome Cache Entry: 161

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	1204
Entropy (8bit):	7.681918994939868
Encrypted:	false
SSDEEP:	24:MdWiPkkpvvcc7E1XDj8PtMKBc4vj+OVEPTbfgMpPKCpuoF70RzrHCZKC:wWBkXcc7EBj8Pxa4vjAPTfpPKCpjF7gI
MD5:	B32902B66013F4CB5FA230CE8D4EA5B6
SHA1:	1B10499F28F34F277A4FE2628733BDCC94D0E3FB
SHA-256:	A6B6BD711F30F18A3E36599A5D4D9FDE49FB504F207AC5F5C99D45A768C809B7
SHA-512:	DC33DC43D32E501B03B0DFD3BD784762EAAE8465BF3EECD6E7676ED81CF71F1D04B2AB708A15C65773FE69F5ABABDAFF468618D424F8A2EF8C878DCAEF109FFA
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 ...p$.......>.J.J#""!$..@h...n.ru._b......f...+...}.\|....3./.G.G.w.w..`..W[.......w.o......cs..f@.Y.y.-.:...!.......u.....V.i..9.M.....BJ..w+....j..T..a.;........=._.rw..C.....?/].jNN.r7....[.6....ov!.ad.L...I..$j..........g.,.....+....C.8....B..Y...2'X1.4...Q......c.L/.<..g...>.5...t.............<`..v...........%.7.s.>..\.....3.0.w...n.I..q..../..~.P....zGBQ ..r.?7..>.i.w;.B....$....A.Z.....2.f......CRu.......8.V.Wv......vw..z.....s...\X...(.]..........P....M.b.`.{..L......#[./X.9 ;.I.+_);kr.....d=W..i.1......A.R.h'...}..H:..Y.-.o.j..c\...%\.....'?.L......ON.....~..F.y...v..zS.p.)#.?..NU..0....,.ew....q.L....c.r/.:.opP.....w.!....]..<G.?..W)........j.S..N..0..F.x...6Z.......;.w..\|..9....?.2.6+....42[..*.PK.....?..\|..3@W.Y...ZB.B.[....6...d....\|......FL..@..9.EV..r4~.\......(k\|P.n.k#c....R....L..r~.\|......w.s..+.7F.....E..).a5$..hL..(..fGm...........3..Z..Qe8z.. F.[..36....B.@L.C..G ...DY......

Chrome Cache Entry: 162

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 109628, version 1.0
Category:	downloaded
Size (bytes):	109628
Entropy (8bit):	7.997834372736158
Encrypted:	true
SSDEEP:	3072:I/PVzzcH7zULTR9S41qKYgEtXD/PhU/ffXEMY96gYGWPrInVe:+PlLd9N1qjxhYcZW84
MD5:	67A9B38ABD1F9F80D5ED943760F1C1E6
SHA1:	9C646D28E62FCF3C4A1ECF7043632FAE3DEA6270
SHA-256:	8D73261B2DB18AF30E93ACBC8E8591E0784706FC283C37C465F92012256757D2
SHA-512:	A479BB307B03F74202B24E95D85085E8855C48713E443F5EAE0CABD077D45282F8765BCD6D36733AC336504E1AE1B1C3CA3BB41A428F8A240EE7E7B91FAB39B8
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v2/sf-pro-display_semibold.woff2
Preview:	wOF2.......<......xd..................................H.`H...X...4....6.$..$..(.. ?meta.#..`. 8.t[.w...O.....m...ElU6......#..@dc..~.....1D'I@=h...3.m...................w'.H....^....P.P. .("...Y.K..4...i..R..Y.WH1..27..b..J.N.....C.C..'.h...{.f.8.2K9...[&...i/>b_8@..yX..q..=Qw=.......\Li.t..Q.....`Ov1.i.y............q..4#.(a.7...A8n.\|b...{o...Q.0}w.CL..ft...M.b...p...(.s....19...L....l...k.KJ6n...7....FZt....\|oc.n=l......5~!p.1...SOX.+.dn....Be.s..}.T..'.......4y2....,u..+U..]..~~.$..O...z....r.dEg.......<..yN%Q%8}...a.qu..]M...zcGwY...q.!#..,..4......n.X.W..B..s...i...B.`.DD"..b........c1....24w..\G.p....~.4.....M.^x.W.......[.CbS..b4.Q.c..N.."..._....t.-...F...q 'W.O..I......MjBX......?.nF......Ih.y..b.P.S..A..H..l.v}d.m..~...7.<.?..../...,$.).m&.."Tw....?.v..m..k>;v.Hf...c..."k......$;....Z...../{.........K.~."cXa..aQf.6[.U....>...d...P....j.diUI.'1...{.w6w.%.P..U....m.X..).%..K.......Z.Pr.2."...66`#kd.....U...E{.U}..^{..._..;..W).

Chrome Cache Entry: 163

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2158
Entropy (8bit):	7.827943467617114
Encrypted:	false
SSDEEP:	48:0+mB9DWCUCA5ScasLoVaC9vJ/rKSKv1fvCSoYxvy:0+m2VCAIZDPJGSKtfvRDy
MD5:	A1D83553F4711BAB5296DEB2EB39A4F5
SHA1:	10B44AD3026C913FAE4826C500A897C92DC20C17
SHA-256:	44CE60C2DD80EA5CB0FDFE61E4BAB016F25AE8D7A88E55BE44207433AE9A1A47
SHA-512:	0E461AA1E8F85C1F3E77ED93B24C8298474129AEA0708D0583E4186752C4C0E3C93F65CE7C7E1FEEF77F328DAEB227A4A075B07F53A097FBCBA7E4A0700AD2F8
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple221/v4/e0/82/80/e08280bf-3aed-5670-8d29-821674653238/AppIcon-0-0-1x_U007epad-0-0-85-220.png/146x0w.webp
Preview:	RIFFf...WEBPVP8X..............VP8 .....&.......>.P.H#...y..D...7n..=..v.o...e...a.....=...?I.a..]4.n.C~.z.~......q........G.O..I,...1...0;(..W.M.<.....{.F..6p.cWS.A\....].y]..6.......F.=?.aNZ8.j...w;Lu.wz.6...b.......;.x...g...l50..tB...0..~../....E.!lK#....#z.H2h.~d...`.2$.,....\|..]a`.d..Rn.I.9...W..6Q.v.(..f..].iK...\.......^3..:...1...Y.8.......X.,\zZ..f^@..t...U.....{.$?.....].Z......\?=.........O....c..7?l`.c...'..50nB....x..o..qz.#.*.}v... n.............>.'..6.....+{OW....~u!o....0.[`'&Y....[{....\..kzGy....$.R#2..S.;:.,.k........4y.H,...F'f.......W@.zk0(..\|.4..V.x..}.V...-./-......)q.TW..<c.+M.j..g...oh5...4.n`Q.!.rb...8..3a..&.a.mj.....o....!.....l.%?....I....<.._?.7.M.AD.w.Z$\|/..,...E%..........G...D...7.A..p.1!.)Tp...d......E..."....z....R]5.i.66>..;.@..{...Ch.......5..m.G..P.[m?.T"...9s.n)...[.t.B...a....H!.dE."..N..D".r.ws.....K.R.n`..P......$o....o...5JW.u.F?kr..&u..A5.$.W.(z....kH@..K..>..,..mA.D.q.q.D....S.0$.."..CC.WQ...

Chrome Cache Entry: 164

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	1189
Entropy (8bit):	4.4877009445301965
Encrypted:	false
SSDEEP:	24:t4pt6kwjNllHfeyQTGWug+7V1AUczWf66yad1VDheBK8bwoN5L+:o0k+8TOg2Pf6y1ZhkrwoNV+
MD5:	61226AFCAE6A8F2B3D2755728DAAF4F2
SHA1:	8489CAF428F9F579A8B31AEAD973F6C361711414
SHA-256:	47EAAEA809BFE2FD94F78F3C94372B6328F37748BC0EEDFD1B2AB937027962CB
SHA-512:	C1F23A9E1555C1BDB558781327EE018F2825C2C2238945866351DA248CD39FF9102D729078A47040BB00516CFADFD2B5EF2C88B661A76563A65553B7C7421FC4
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" viewBox="0 0 230.5 230.5" version="1.1"><path fill="none" stroke="#000" stroke-linejoin="round" stroke-miterlimit="1.41" stroke-opacity=".1" stroke-width="1" d="M158.22 230H72.28l-8.22-.01a320 320 0 0 1-6.93-.11c-5.05-.06-10.09-.5-15.07-1.32a50.83 50.83 0 0 1-14.33-4.73 48.2 48.2 0 0 1-21.07-21.06 50.85 50.85 0 0 1-4.72-14.34 100.68 100.68 0 0 1-1.33-15.07c-.06-2.31-.1-4.62-.1-6.93-.02-2.74-.02-5.48-.02-8.22V72.29c0-2.75 0-5.48.02-8.23a320 320 0 0 1 .1-6.93c.06-5.05.5-10.08 1.33-15.06a50.74 50.74 0 0 1 4.72-14.34A48.2 48.2 0 0 1 27.74 6.66a51.02 51.02 0 0 1 14.33-4.73C47.05 1.12 52.09.67 57.14.61a320 320 0 0 1 6.93-.1L72.3.5h85.92l8.23.01a320 320 0 0 1 6.92.1c5.06.07 10.1.5 15.08 1.33 4.98.85 9.81 2.45 14.33 4.72a48.19 48.19 0 0 1 21.07 21.07 50.9 50.9 0 0 1 4.72 14.34c.82 4.98 1.27 10.02 1.33 15.07a320 320 0 0 1 .1 6.92l.01 3.48v94.09l-.01 4.8c-.01 2.3-.05 4.62-.1 6.93-.07 5.05-.5 10.08-1.33 15.07a50.68 50.68 0 0 1-4.7

Chrome Cache Entry: 165

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (12513)
Category:	dropped
Size (bytes):	13517
Entropy (8bit):	5.314863543101727
Encrypted:	false
SSDEEP:	384:8nlFipHnQ5/BRZJ/bzwT62waHKsR5ssRaREW+ou:8lF2HQ5JRjbQw9sRasROEWY
MD5:	24F387A60FE0B05A15426D721C397D47
SHA1:	012EB578C3C097193F20F123732AC646D2800096
SHA-256:	6AD8C8A703856136FEA1D1911FE8C0E09BCE87EDE20F4C8B98AB8F8961462738
SHA-512:	787E1A2BCCBCD973135E53B53FA5BC89E59AC277D95F30B0595B225667B1F0DEB6616914915200ABB6E522DDEA144E2EEF140876CA502D1317E13E86E63DA9A1
Malicious:	false
Reputation:	low
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.const e="musickit-components";let t,n,l,s=!1,o=!1,i=!1,r=!1,c=null,f=!1;const a="undefined"!=typeof window?window:{},u=a.document\|\|{head:{}},d={t:0,l:"",jmp:e=>e(),raf:e=>requestAnimationFrame(e),ael:(e,t,n,l)=>e.addEventListener(t,n,l),rel:(e,t,n,l)=>e.removeEventListener(t,n,l),ce:(e,t)=>new CustomEvent(e,t)},p=e=>Promise.resolve(e),$=(()=>{try{return new CSSStyleSheet,"function"==typeof(new CSSStyleSheet).replaceSync}catch(e){}return!1})(),m=(e,t,n)

Chrome Cache Entry: 166

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (54502), with no line terminators
Category:	downloaded
Size (bytes):	54685
Entropy (8bit):	4.949096357757183
Encrypted:	false
SSDEEP:	1536:OS7p4X4HeZvR3b8uuXTxXhfdjiXcOEvezvee/5NVwA1NAGBAf5TTCE6/iSphWhOb:OS7p4X4HeZvR3b8uuXTxXhfdjiXcOEvM
MD5:	89780A9D2EEDFF61551113850A3547EF
SHA1:	6365051BAD2052F07E30706797A161704731F33B
SHA-256:	590B2F2F1C0CAFB359841C32F78516FD3352C9DE82B0E2F1A0132BE6DCF035E6
SHA-512:	10B39022616F57E3FD8371FCC0D2ACE5F55552FD6938719BAE712E48710564A4D7025BA9AEF362F5366D4D2CCF069C1CF45B06F34A2FFA4D9F996D94C8230FA1
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/global-elements/2426.0.0/en_US/ac-global-footer.89780a9d2eedff61551113850a3547ef.css
Preview:	@font-face{font-family:"Apple Legacy Chevron";font-style:normal;font-weight:100;src:local("\f8ff"),url("../assets/ac-footer/legacy/appleicons_ultralight.woff") format("woff"),url("../assets/ac-footer/legacy/appleicons_ultralight.ttf") format("truetype")}@font-face{font-family:"Apple Icons 100";src:url("../assets/ac-footer/legacy/appleicons_ultralight.eot")}@font-face{font-family:"Apple Legacy Chevron";font-style:normal;font-weight:200;src:local("\f8ff"),url("../assets/ac-footer/legacy/appleicons_thin.woff") format("woff"),url("../assets/ac-footer/legacy/appleicons_thin.ttf") format("truetype")}@font-face{font-family:"Apple Icons 200";src:url("../assets/ac-footer/legacy/appleicons_thin.eot")}@font-face{font-family:"Apple Legacy Chevron";font-style:normal;font-weight:300;src:local("\f8ff"),url("../assets/ac-footer/legacy/appleicons_thin.woff") format("woff"),url("../assets/ac-footer/legacy/appleicons_thin.ttf") format("truetype")}@font-face{font-family:"Apple Icons 300";src:url("../asset

Chrome Cache Entry: 167

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 6956
Category:	downloaded
Size (bytes):	6944
Entropy (8bit):	7.974818390915864
Encrypted:	false
SSDEEP:	192:goyWNLd6NIRfB1Flee+BQCymVLFu+Qg2a4:goTNHX/Ti9JQg2a4
MD5:	C0919C6DDF5B850625E11B68E43AC2B6
SHA1:	EC860BF69DF9EB19479DA4DB04761BDC8AB9DE61
SHA-256:	D6F3B0606C37615ADCEEFD0858FF9E6BF4BF1D75CAD83F26720AE8D562AF2C5E
SHA-512:	F9CCA27F9BF68353E328AC3C42AAA0E140A29B06F836D05D3868C80DDEA89E0E2FB5F54DC3589679904D6FA11C830869A9746DF479CE4998DD083B72E131C2A4
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/webexp-iconfont/fonts/webexpicons_text-ce6ff493b5fcdd0a6b6545a6a51a9db6.woff
Preview:	..........eyUT...m...ww..........4....w......!.K....n..q..........G}........oF..@........k..R....#...j^.O.9y.4.7...=y..........$.....U............X.....A1;.Kk..h....=8....7..S.....a...... &..oH..{}pr.....x.*....g....[].7N..x8ux..Kg.7......>..4B.\=.....7M.M......f.,.-,6..AS..^.W.........@...V.8.0R.........D.!...'.p.CHHZ.4...-$.5.<....F..V...$%.......%cT/.-.-_~....#...:...o9N....5....4....=...Q.M../..Z...r..l\|S.....K.....E. ...>...1/.Zt='.uV+..V.unX9.,....g.G...>....Cz....s...Q..;... ...K.k9..\.}H.....e`......,z`...>.;.....v.......3.O+,%...}.A ....+.?.T{......]X...w@...;.A.....r.......D.J.;/.^5V!......>..z.....[1.~&...^...........P.......f...&..y.......N.\|&rN.r@.......9J.U.).@....H.K,.H..<.h.o.Q..G..IW...g......,...R..wc..O.^....(...>.n.=?.>n...l<~.&.........a&.[.o+..l$\~.-...2ot......f..G.K(\.!...}.....AMN....T7....#..".o..R....z..#.Q$w.n jo...S9...Sb@.r#.KR..q.3.T.]..J..hb+....+..9...N$.......8.r.y.O3. ..d...E......1.:kBi%....hs....;..l.....K.y

Chrome Cache Entry: 168

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3013)
Category:	downloaded
Size (bytes):	7300
Entropy (8bit):	5.323192066160397
Encrypted:	false
SSDEEP:	192:Fi9TDfbkV3mRHx+tvD8XKzB7fk+sI4F1G6qUw:qgVkW78XKpfk+sIi1/c
MD5:	01C41090BDA00093A1989B5F20AC42C3
SHA1:	0E1A136C449E99CD019EE4CD431AA9ED7D3E8F76
SHA-256:	5953C549A70A42DBAF31C669B1878115D23D2F304372BF8D2A21881B5DB3006F
SHA-512:	9B98D96B296FF101F62F58A1EEE6CCA8C96FFB8687AAA8D701870D9C1F11BF8734A07A0445454B31413A1A4EF614CF95893A9681ED3E9BBC68A1FE27978BBF26
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.143.25957e786ae35853db51.js
Preview:	var __ember_auto_import__.!function(){var e,n,t,r,i,o={81867:function(e,n,t){e.exports=function(){var e=_eai_d,n=_eai_r.function r(e){return e&&e.__esModule?e:Object.assign({default:e},e)}window.emberAutoImportDynamic=function(e){return 1===arguments.length?n("_eai_dyn_"+e):n("_eai_dynt_"+e)(Array.prototype.slice.call(arguments,1))},window.emberAutoImportSync=function(e){return n("_eai_sync_"+e)(Array.prototype.slice.call(arguments,1))},e("@amp/affiliate-util",[],(function(){return r(t(2353))})),e("@amp/foundation/-internals/network",[],(function(){return r(t(73624))})),e("@amp/foundation/-internals/storage",[],(function(){return r(t(92141))})),e("@amp/media-api-config-amp-books-realm",[],(function(){return r(t(52215))})),e("@amp/media-api-config-amp-podcasts-realm",[],(function(){return r(t(61384))})),e("@amp/media-api-config-apps-realm",[],(function(){return r(t(61069))})),e("@amp/media-api-legacy",[],(function(){return r(t(89176))})),e("@amp/web-app-components/custom-elements/locale

Chrome Cache Entry: 169

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	1994
Entropy (8bit):	7.837040994242216
Encrypted:	false
SSDEEP:	24:hGsDfUi3AiQCB+zWhMsRxK5kXZQxLMF2dUGeDYmAi6ov27g0PZPz3xm+CvHI:h43iQ9A5xHgLbneDYmAIghPcvHI
MD5:	03F59E71CB4F59BE5C57F613150CDA9A
SHA1:	63D59F81AA0ABD19BB30F6A48E8D9A300C676FB3
SHA-256:	618B7E32A02065767CCF398EE34FFD51F61A42311668CBDCA2AD542EC1255636
SHA-512:	AB7EBA9509B1F97FCBBF303D633F90900024C9B0D044648690905E6090D39BC0BBEC86D87E2068275A700FF9B29FC4DF4B159F43EB18C259DF711546310AB485
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/d8/d3/d3/d8d3d311-3e5b-3718-c3fa-7217795928a4/AppIcon-1x_U007emarketing-0-7-0-85-220.png/146x0w.webp
Preview:	RIFF....WEBPVP8X..............VP8 @...P'.......>.P.I#...k.(<...7n.....\|..W...q.?.U.K..x...#...".d......g.......?D.-......._c\|...~.......7.R...^........R....\|c..m....r1..q..Z.Z?0..C....C....).........U?3.....p.<.f.....[..1> 5...q....4~#......,FGgiSh.ZRb.=+2.$PW..YZ......4L.._..i...(......B.Hs..[.Nc...0..x`"..i..../.wW..Qj/.....2td...h.:rG..........f.J......x"K..y.....u..y?.!k;..bC....Q.I.A.=.94^-...C^..J..X....!..1......4)^.vhZ......\|...F.1..-..GP@...............?....,<.,.XU... Z.........b.....u.]t. .L0.I.\|..L.5.Sk.4..L..7.`..va.A...7......).p;.7....<.._...`..p4.zy'...G.y..`.4..l.@...3:[......r..Y..^&.Z[.....@....;..eryf.0.R...{8.:.].iC......h.Y.N.......r...K"...q..B..7i#>Hr.....n.... ....Ij#^.J.......b.%j........,...>.t>p..u.)..MR2....e..9.<.i..{.(e..d.Hr..X6Zj..5.[1....;...q@#\G+fu.p..^..'`T....y&...:j3.zW....:.F..p.Y....&hy..<.....;.=$....(rT^!E..).:@"..,.A(...........L2.N........4d.....!...Ae..}..}p......S/.E........G.gE.Iy.oO.ca.....3

Chrome Cache Entry: 170

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2380
Entropy (8bit):	7.867839733642069
Encrypted:	false
SSDEEP:	48:41KBazIrKYSyWW+4dhfKbBR5/mfu+zlc+hb+1RN2vcXOyPyMo0zxkMt:GKsUS/YtKbd/mflcbGvc+cyAzv
MD5:	4AE2393D0BA363C10EE1E2C0306DE387
SHA1:	0F5501A0FDB0210B3FD73E2F4BC23E25A4E32A06
SHA-256:	20C20E56C3A6F64E9EF226F29A794C5E11DDDD6EDBB7129F33DAEA7CB6CA9961
SHA-512:	11921726751D8A6F693A276C12CE1F44B8762AEFE08E5410E3D4D04230E33946143997504215D16EDD20BD57976C838AE85CD9AD6E68DC6CA91E78ECAEE8A13A
Malicious:	false
Reputation:	low
Preview:	RIFFD...WEBPVP8X..............ALPH........f...Y.....J{..5.!.....M..8,...........;.......8^...........?.'.>......Ja.H.........x..c@....B./....2#Q.e.z.eW...A..8T.....n..C}..v....{.Q..qE......0.i[.[Q.u.P1.31.5..7.Y..t....B.`.7....j.x.3........V"l0.".P$Uo.q.QOEB.C...f...x...X4dk.._.L.M..i..@.. ..N..<'p...VP8 .....$.......>.H.I..'...x\|...f.oG4\|m..-..U..... .'.....:>.(..m...A,.=M.{...)E.P.....oI.B.....b.....xYB..r......mU.Q=.i?...J.FT..J..o.,Q;......]...A.S>c...U.u.o...Q."O.....X.&.VFX"KA..b...M\..E....,X..rG.Q..../;.!u.c&....,...(..y.8...k.u`>.L.>.rnT]4.T.v.O........<.5.uq!.....k...@[_Vp...CT{.~ j-j..Tg.0.5...#2.....$.$L.iin..\|...hI..=../u...9.e).....s.05.....Q......+.....\|e;........_I.......,..4.....V`.....t2....\.;..1..b.../y.....`..Q51p...Yo...V..e{.7.:....7;.x( .db.$.E&v.$..6.(.`.Hd.........)..<.....m[...y.T...h}.....T.L..............2.C...R-..EScz".E.yzGs..j.??.P.7...2yj....(..;.Vg*.~G.-F;jw<..%..0mZ..E..1s..2Zj.H.....[....D..

Chrome Cache Entry: 171

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	625
Entropy (8bit):	4.952963038414406
Encrypted:	false
SSDEEP:	12:UXv7Fc4DpWNRKL+BK/sgl9hrIYerznR3zueIDRTLG9fkVlF38LG0DAvYodXotHNu:u6oTTlrIYevhTuKtLG0MAodXcNu
MD5:	2DFF575911FD65E601AC64F87F07D5D1
SHA1:	AE28A08E8E333C9234AD0D024D0865E5E36C5B2C
SHA-256:	7DF89772DEFA309D97987A7D985ED3F0DA91D81180FE69BB11DA8A8B181B418D
SHA-512:	3E6530272A6497738135CE998D2221588C487A27F20BD3745224F3FA43FDBFF8A2C8DDD42709B01B1CBF8FCE8EB6DC1EC9FADFE5FCF1AAEF0DE5B18CAAA6CBD7
Malicious:	false
Reputation:	low
URL:	https://js-cdn.music.apple.com/musickit/v2/components/musickit-components//p-42d04e97.js
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.const n=function(){window.MusicKitComponents={version:"2350.1.0"}};export{n as g}

Chrome Cache Entry: 172

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 9946
Category:	downloaded
Size (bytes):	3343
Entropy (8bit):	7.938701481636382
Encrypted:	false
SSDEEP:	96:OEocOdm7Bf1s26e/zFwghZ0cn0YrxKg7I9shE9:OGO3Ze7FwgekMg7jO9
MD5:	FE83E244F06D15D1C4E4285C563174A8
SHA1:	D2B32B069BE52988310E13C22CE912C4497DA6DD
SHA-256:	F153EDD3BB5F4DD0305E058FFFB7F2049DAEC42DD6827701893EA44C2D0F8CFC
SHA-512:	CCD2EA0375FC28907FFDE4BA8CB71776E31D44E0924C96F52AE259DE9C47667B4EA738A3ABB61D8A4A09B6438B05B1D389C3BBD2E887BAF6C57F462368BCDA0E
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.722.c70bd733e7b77d8198f0.js
Preview:	...........Z[w.6.~........c...&\.WVRol....::4.I.)...r......$..tw.........\|.c..v../......~....?v.i.8....'^.$\$...=L..hl.I..h..Wc.~..~.i..2d.I.$..^z........?Y..........A............w-.._K.5.2.q..r..B.-...E..7...?./..}.I'...zZ..F..k....u....H.......T.lWo.....:Q..sO...t%H.).8..[........C....z.).G......nOl.5a1.e.E?....La...^.........k.l...x....t....E..4...(....=..P..+ /.R#./.0.."Z....c..^.u'5&>..K.`@..{....@E.~....c.L........$.6H..</O_r.... ..0..Y'.M.............>..r..8>Z...\8....2.w..(..^..zFc.F._.........0..z.I(..,.A?..`CB..@..<d...7..v.%.k.5...hl.~.;..1p...[.9}...+....o..%..........,t..k`....5..@..l...Px...^...N...t....$.m...Z....D.....]..p....Q.?B.z.@dD.>.O...j.x.F.P.Y.C.[.. ..f30A?d.4.....S.F.D.....K.PA....m.....)Hs?H..b,(<......4..&{..5.N.7......./..J..$fqo..UQ.............os..k/..=.X..P.]..J..X.S.i.ekg?r.........0~.%,..D.T~...vF.y\|o...%.T.g...........2..).;.t....Ai.Bi.*...:k...N...%.+.'..j.w...).G(...=.i..^....\..b....[...(M.9

Chrome Cache Entry: 173

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (10204), with no line terminators
Category:	dropped
Size (bytes):	10204
Entropy (8bit):	5.282533445396263
Encrypted:	false
SSDEEP:	192:U38kcmi3U2hQctc1cJcpcZrEccxNsMlcTctcIceCgycLcvXRkEsYNtGr:U38ZZU2hxtc1cJcpclEHllcTctcIc3gP
MD5:	97E3F38781BA136C719D08CA0EC5162F
SHA1:	5604E5C9095068500FD764E4E7608CD489D272CC
SHA-256:	9DC2DC3E987AC76A2AE4DCC3A4DE7BF5D09DEACD4780C9F8BA7EC263380809CF
SHA-512:	0716DD98795D9184A7A1508B87F9D17FAE217CC0364D42D075AF5D4C6BC1FD37E6FC07C4F6798D96AF028608075666D133C15977F38F8748421586BB9833E507
Malicious:	false
Reputation:	low
Preview:	!function t(e,i,n){function s(o,r){if(!i[o]){if(!e[o]){var l="function"==typeof require&&require;if(!r&&l)return l(o,!0);if(a)return a(o,!0);var c=new Error("Cannot find module '"+o+"'");throw c.code="MODULE_NOT_FOUND",c}var h=i[o]={exports:{}};e[o][0].call(h.exports,(function(t){return s(e[o][1][t]\|\|t)}),h,h.exports,t,e,i,n)}return i[o].exports}for(var a="function"==typeof require&&require,o=0;o<n.length;o++)s(n[o]);return s}({1:[function(t,e,i){"use strict";e.exports={EventEmitterMicro:t(2)}},{2:2}],2:[function(t,e,i){"use strict";function n(){this._events={}}let s=n.prototype;s.on=function(t,e){return this._events[t]=this._events[t]\|\|[],this._events[t].unshift(e),e},s.once=function(t,e){let i=this;return this.on(t,(function n(s){i.off(t,n),void 0!==s?e(s):e()}))},s.off=function(t,e){if(!this.has(t))return;if(1===arguments.length)return this._events[t]=null,void delete this._events[t];let i=this._events[t].indexOf(e);-1!==i&&this._events[t].splice(i,1)},s.trigger=function(t,e){if(thi

Chrome Cache Entry: 174

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 97812, version 1.0
Category:	downloaded
Size (bytes):	97812
Entropy (8bit):	7.9978966269531435
Encrypted:	true
SSDEEP:	1536:MxlNoV+iuaRqgnUJ9gPxMZXFwme9Xvaw8aeyH17mP4bTJagZcXU4N/42Y/4g2H4O:MLNoVXuaogUQyZVPeB0yHB9bhoU4NrYc
MD5:	FCF85E1007388C2707C982FB27D09163
SHA1:	1329D694C10F4F8DC05AEF70257E93D0481ECCB5
SHA-256:	878C9752B9A516DDE472D30E4E5C57172B2E766CF21F336DF168E2302382CA0E
SHA-512:	B1ED620469C913144DEB20BA1984DAC483112554ACE2320ACFA0F17CD529D3A0CA2F9B06AE0F7F819136842C798F05DECB16A2DCA77D126428FB0FEA9401344E
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Display/v2/sf-pro-display_regular.woff2
Preview:	wOF2......~....... ...}............................$..H.`H...X...`....6.$..$..(.. ?meta....X. 8.t[.,.......?...t.!.......F..R.~..CL-8..C.F4..UW..3.m..u..1..[9...........\|y...o.......b.Z.....D..1.EL%E..".....iS.Rb].y..j...YBX..R05%3%..$..ZF..Ok7.~......lSR......6.e.....yz...F<..FU....Q..H.)....p".m.+..".~..Y.......@#.........tQ.y~..q92.c..GO.`..x..p.\|RD....7.....T.......b.+u\@.W:....T.u.... .AB.$>. E1.A......?.,.!m..).~e......gd.....v.4..i......<......^e.3.R.J.V4;_..{....tV..Q.._.l....E..,F..\.b.. ..............{..(......C.".......z{...g...F...h+A^...<..\..c..MP.J*..... ....Q+v.5.9E\.q...h..D..%"...p......}Z._..#..8A..w....5[.<\|@v&..1C...m3?w...n...r\|0d{....d./...[.-A.Crre .Ds.T....F.5U.Ly....#rs..?...7%@......a2.B.b7L.....>.=.. ...~..2..o........mo. \C@5W.6....6.i....w...@s.ww+.F..D..h..0....k..........H...l......AR...l.X...n..d....1`T..b`$`...........i....?@s..#. .A0..c..e...6j.....="[T.B.......W?.......}...7.,...5...n..6...Z..

Chrome Cache Entry: 175

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (3175)
Category:	dropped
Size (bytes):	45694
Entropy (8bit):	5.118242929635633
Encrypted:	false
SSDEEP:	768:tpi7T07ytsSwuLFB3t8KbX3zrcW3HsBtuv3BtlK7vKH5v9u8kEFsW1:tpK1L5bTIByv9u1EFd
MD5:	8B2EA74C2950F702116F9B02ABC52BCB
SHA1:	AD7455A6E9F0D7E73BA4B80422EF805FC66F7879
SHA-256:	FFEA291B7D7F014FDC619350CAC7B5CECF876DD20EFB498EF0D915FE3AC4BA17
SHA-512:	942397EE9B53797364C02D073689CD3FC049E2EA7AF9D89F19608A61EBB76DA8A554D124F8BE99CECE74EB540806C9BBC383DAC238448D07A42DFC4D421B89A3
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[990],{67990:function(e,t,n){n.r(t),n.d(t,{ClickstreamProcessor:function(){return we}}).var r=n(24178),i=n(32722),o=n(76588),s=function(){}.s.prototype.setDelegate=function(e){return r.SC.attachDelegate(this,e)},s.prototype.localStorageObject=r.tO.localStorageObject,s.prototype.sessionStorageObject=r.tO.sessionStorageObject.var a=function(){this.environment=new s,this.logger=(0,o.RG)("mt-client-constraints")},c={nonEmpty:function(e,t){return!!r.SC.isObject(t)&&t.hasOwnProperty(e)&&r.SC.isDefinedNonNullNonEmpty(t[e])},valueMatches:function(e,t,n){if(!r.SC.isObject(t))return!1.var i=t[e].return t.hasOwnProperty(e)&&n.indexOf(i)>-1}},p="overrideFieldValue",u=function(){}.u.prototype.constrainedValue=function(e,t,n){var r=e&&e.hasOwnProperty(n)?e[n]:null.return this.applyConstraintRules(r,t)},u.prototype.applyConstraintRules=function(e,t){var n=e.return t&&t.blacklisted?n=null:t&&t.hasOwnProp

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7626
Category:	downloaded
Size (bytes):	2620
Entropy (8bit):	7.925904502971369
Encrypted:	false
SSDEEP:	48:X8Hhj6D2c4Q7DmFfKJyNWs2RRstH7lChoIuu7rwBFHnW+H+Wiywc4aN2QmvccdRt:MV6io3mFJ2RslwhoIuufwBFzHz4aN2AG
MD5:	BA4451FF198A78B1A6738510FF360720
SHA1:	0CA6827D2843843E6654D2C4594A01CF1348F15F
SHA-256:	9328F5D1CDA84190350D4220A2A418CA1ADDF26D0C72D8535E0F06F3DA840604
SHA-512:	95C928A69E22000797EA7FAEAB7BD111DF051A05894E262960D276DE746140ED4D0F39218035825CE76131C049E2B4B0C00C2327DE6BBDF452DA1FBA1E1629A0
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.26.d8fd25d7ba389f9fe03e.js
Preview:	...........Yms.H..........}y.bW...x.{k..'uw..k@.(.3df..@..zF..B.I.1z.y.~..gFv,..J.Ce..H.F...3:\|:.........4V.1..P.........7....?~.@V.....;...U..D..'......"+`.Pp6...Kw%@.Y4!0.W.0.".Qcr..p:. .....~MH....w..a..\<..&D.2...!....%S .4.2:. .iu.$ncN.%}.\|x..\"...............].}...<...N.!.1..P....%GnF........q..4....j...Y....._..y..M..g...........].>....%.N0<.6..:....)..M~...;...3;!s..\|.MA.J...x.'.-.P....0..0.s(^^....D.!3....e`........<4..X..C.S.(jd.d......(rb........[..3,..'d...xt6.....A..Lp..6.d..!mG.8.....u.......=/w........s..........t_3.2.St..9.F\t...S.@..P`).N\7..Y..........N....5..:...Wy.PK..e.c..d.._d...4.A.."..N.<....8#.<.#q:F.f.\|...`..L8.....O.8.f.....C0.so...+>.#...w..;m"...]..C...:{.._}?$..........>h.`........a).CDh....^.[...Dy...A.Uz+w.....I.Y.2N.\.p.1.......32k.......z}.n7..FzZ.t..!.M.<LH..[..........`^.l.&.&...&....i`j.M...W........o.S..t.(..b..A.Z..~...:...Z!^....m-&.p..Mk..d..:.4._.\..*.E.G.`...Y84.o.]5B8.}......ivy..LgJ~w....o

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (878)
Category:	dropped
Size (bytes):	1441
Entropy (8bit):	4.923625217494772
Encrypted:	false
SSDEEP:	24:ildT+lZadfID4P9Gpl3fBzR1SQLA2RAMRMT6XFKg/7/GpSw8G9bFw4YZn:ild2ZbI9GpvRQQ82OUugFKg/7/Gpj8Gw
MD5:	188415311B33E9DFC79C3CC6147ED47D
SHA1:	486B072C15EA89B3D39F607F92327F1A338254B0
SHA-256:	8B3DA2AC016CE7C6F38F10052C50C7958935276BD5885009716FEC7B3D8ED681
SHA-512:	DD95C297899B58507824F3A3129E060BBA8A9F7D2045526DC66DAB584D19571069D84EB2591B7FBE71A0FBA96DD1BE1A32995184D37FCA9A1F699FC71739644B
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[356],{84356:function(t){var o="touch".function s(t,o){this._target=t\|\|document.body,this._attr=o\|\|"data-focus-method",this._focusMethod=this._lastFocusMethod=!1,this._onKeyDown=this._onKeyDown.bind(this),this._onMouseDown=this._onMouseDown.bind(this),this._onTouchStart=this._onTouchStart.bind(this),this._onFocus=this._onFocus.bind(this),this._onBlur=this._onBlur.bind(this),this._onWindowBlur=this._onWindowBlur.bind(this),this._bindEvents()}var n=s.prototype.n._bindEvents=function(){this._target.addEventListener("keydown",this._onKeyDown,!0),this._target.addEventListener("mousedown",this._onMouseDown,!0),this._target.addEventListener("touchstart",this._onTouchStart,!0),this._target.addEventListener("focus",this._onFocus,!0),this._target.addEventListener("blur",this._onBlur,!0),window.addEventListener("blur",this._onWindowBlur)},n._onKeyDown=function(t){this._focusMethod="key"},n._onMouseD

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1015)
Category:	downloaded
Size (bytes):	996812
Entropy (8bit):	5.473483498850375
Encrypted:	false
SSDEEP:	12288:qBoMXaFHzsbqCI4/LdRb8uCjZqXXUBExd:qW2/LEtoUixd
MD5:	2C9F0D0C9A9EB391A9861A238385EF50
SHA1:	3D6AFC7321D8B4F9B99BC70BFCD7D77F8B3FB140
SHA-256:	7914ED4BA32201861AB68D070EF5A2E218147E7B8927D129255166CB51C0961F
SHA-512:	9CC35A9FC5216FDA3ACF43E943DF379B033DE563B2BC8F142ED9262D80851402216054CE9A223CC1DCEF144F2E927737E54B7D869B38DA29FF7860B444810DF4
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/vendor-7f5ec215d934d1838e849710c21c22b7.js
Preview:	window.EmberENV=function(e,t){for(var r in t)e[r]=t[r].return e}(window.EmberENV\|\|{},{FEATURES:{},EXTEND_PROTOTYPES:{Date:!1},_APPLICATION_TEMPLATE_WRAPPER:!1,_DEFAULT_ASYNC_OBSERVERS:!0,_JQUERY_INTEGRATION:!1,_TEMPLATE_ONLY_GLIMMER_COMPONENTS:!0}).var loader,define,requireModule,require,requirejs,runningTests=!1;(function(e){"use strict".function t(){var e=Object.create(null).return e.__=void 0,delete e.__,e}var r={loader:loader,define:define,requireModule:requireModule,require:require,requirejs:requirejs}.requirejs=require=requireModule=function(e){for(var t=[],r=c(e,"(require)",t),n=t.length-1;n>=0;n--)t[n].exports().return r.module.exports},loader={noConflict:function(t){var n,i.for(n in t)t.hasOwnProperty(n)&&r.hasOwnProperty(n)&&(i=t[n],e[i]=e[n],e[n]=r[n])},makeDefaultExport:!0}.var n=t(),i=(t(),0).function o(e){throw new Error("an unsupported module was defined, expected `define(id, deps, module)` instead got: `"+e+"` arguments to define`")}var a=["require","exports","module"].

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1027063
Category:	downloaded
Size (bytes):	93717
Entropy (8bit):	7.997042517900328
Encrypted:	true
SSDEEP:	1536:QOTY3f8UU+Dt3AXK+NQQoiyW+tPEkISUd7M5r65xlYD/X9uK6nyYqR2knM:zTY30UxQKyoRvED+5e5zwh6PqQknM
MD5:	AF4EA63CA0FA75ACF2F8CB401D489EF4
SHA1:	9F17822C04F5A55E96DA67D883176937166A5307
SHA-256:	D9F1B354E7D43D34FF2E3DDCED87E215AAB3B6318CA164EAFA89572D1AB0E52D
SHA-512:	B3DC489CA0F90F780D3A472D00B3A13B7C94B3997308BFC14EFFC8BE220E0DF4A403ED549D99F3D0E436A360576041905D1823F1303DF91ED0DB7DD587B3EE7D
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/web-experience-app-real-5fe15baeec967759cb4cdf00909e8e46.css
Preview:	...........k.$9r .W..j....x?.lW..w...k..Y.VkcQ.....\|0"..{......N"Ow..'..).....AI.D3..h...E?@p........a.lgE ....p8......YU............."+..uW./...`..p...]^....u.\........n{....x.....s]....X....:/n.pW..MQ..W...V.]./.,......\|.....n{...'..b........M.,..n[.....l..]l...A.u<....~jEP.q......(>..z..%..f)...U^f..NKi.q.2b.......6m.P.#w... .........{...."...C.x./.)&Q...&YS.-.$...Z\|...X...3.u.'......\Y@......&...pO.G.H..3;p...u.x.M4.V{.U.u.Q$..f..h.2O...&..Y.......v....9..m....;.......n...^T.~... i)...x..1L..76.]..Dhs.~.$'k. ._........U.0....*[!.5.\|h...f.\3B...27.._.yV]!._.l}.\|.g..MTf..q.p.....k..ia....y.....UneU..f...gC..............l.Q...U.b..Yd..h..u...<..k..........i...\|.@...8..)6.5....n..^.x./..Ta!~X..].h........1m.....9....T./5..)..mAt.<.)......$..#..b+J...&.p...\^......i.D.j(h&.....,.7..z.gu>i.P.5`]....q.CS\H".Ii.u..j..aB.;J.s].....5s'.n=..gG...{].c.@3...H.l.m..."";\./pi.....w. ...LS..,..iZ!S.4c.gk2..n....o...Ah.f.q.a....D.LJ..0A..!%.

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 99196, version 1.0
Category:	downloaded
Size (bytes):	99196
Entropy (8bit):	7.997868398992993
Encrypted:	true
SSDEEP:	1536:SQIJfyDgC8VN2bW1ToDcINoJjl3ox2/OSTGaaLDg39z0mRGRBLfG:lgpEW1T+Hel402bxk3ymQP+
MD5:	474D73A771E0CC31B43849CD2BAD9CC4
SHA1:	1D973B9CD90543FA43E6E74F164149278B9331FD
SHA-256:	AE98C3B1ED18478144791BFA0C71056B422287CD41F9B7D35C99063B04BE58EB
SHA-512:	257279598503AA3203ADA4A1A29CFA550F0485D3F7231E815A3734405D6BA18472D3E3F248CABDF39A774BF9B752D83218244F578D2FECA2C33711AA53888C01
Malicious:	false
Reputation:	low
URL:	https://www.apple.com/wss/fonts/SF-Pro-Text/v2/sf-pro-text_regular.woff2
Preview:	wOF2.......\|....../0...............................&..H.`H...>...,..c.6.$..$..(.. ?meta....@. 8.t[;5..Cng....5.P........-..3.j......1.c..6@..;.......FI}..#.........a.....{0.w.. .fd.i.K.+..p.cL.b]YJ.%..+...c.HF4.ett....=...N......."F......../p,1Z...V$...)^.M..-M%..y/\|.^I......;..>..%...Jl....4.L%....<.l.,.:..u.Wy......:W.F.....}j,. V......-.U.F...8Q..Z}^t{x7......j.]-..V.]..7.).....Zqt..kD...~.......dG.U..b.V1S..8......Q...D7.]....n.9b'....="........&...OtG..R......S._.D$.1d..&...9..=.l..yQ.._J.5.{.T.6TX...\..NX.....#.tqR8L.iDuRkW..2hUa)..7.+........Y...!.........z.J.5U6..C......R..;CN....=..\...j......o...[..P.....{@.L........Y....B..?..;.f..Y...j.]...`..$.iW0=.9Yue.xH7....5F.o6.._[......K.,...-..J[.f!w...VaT.r..\..^TXq....S..G..6...n]l..TA0..0A,D1....R.\|...S?..v...!1Z.lR.......5.LF.....H=..X......`$....`0....F]..m..1...i.S.x..Vc.v?..DQ_&..(.(.......3.........K....`.....E.......n.?..5L...5P.c.( .*..EAQ.....c.F.+.l.s.3..J.k:....+...}v..

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1441
Category:	downloaded
Size (bytes):	481
Entropy (8bit):	7.536297036081311
Encrypted:	false
SSDEEP:	12:XmqGweju7oE/EvKq/CVyOuh/JAklWouQPVqk0sL+QK:XbzMufEp/6LuZJAk8oDP8k5LZK
MD5:	CE6EF0A72B10EAF78B3E6C5FE3136D12
SHA1:	09AB522BB7344C9689F6C0F14BF902B644CDEB4D
SHA-256:	9EEFA8900BB7E44D7EEBF8B99C83AE0AF72DCA68D846D1101F5A0700E854D883
SHA-512:	A158582FD5B0FEC6BEBB454D4B368464A6EB95D29DA9D9002A6704BDD91CF118A96053E51BD6CC844A1C2774983E2E756BC85CC9A5E9FA1A582AD756492ADA09
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.356.4d5c8581cf04321d0a9b.js
Preview:	...........TM..0...W$>...Z..V>...K..V.!......<...F!...@..MsB~~..y3cV....YL..7.^.-DE....R...#.AX..Y^..@.B.....EiR>..y.~..?....R.....7...d.e..Iw35.\|...fF....@.....A..0....HK...../-...@)&.e4.k..#...}......q...YD.Jx.z'.+Z.......k.a.!9.\.&C98.h_.......B..P..XP./.....F...iW.D.....a.D....3C.@s..........Om^{;T..E....f....f..=.."k1...Qm....?..;..?..=.Ozm6k..I...I.ww...\|.%...9`+8N.UnU9.:...-Z...g..YT...s0...G..?":...c[E.=.".<4..W*.e...nY......P#...&.........

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	2580
Entropy (8bit):	7.889992667355294
Encrypted:	false
SSDEEP:	48:8nPGIhH7aGrS8RLQKcVZXr3dh03Rz4P/k9OJ4rU+kuWRxRUX+raVXmyi5J7lI+jM:wP597TXUZb3d2Bz4nSYaU+7D+kXmyi5o
MD5:	037FCB1B6CCFBD92165E0FA4674183CD
SHA1:	8A9EE51277566914FDEEDFF265154F91D319D98E
SHA-256:	937DC778F9A05B92C404109E69DD26618F583B9B27C6412D0393AECE9B26B364
SHA-512:	2627746559A0BED78B7D1ED5FCD2AAFDEC720178DBC02219AAAC56BF72D745E8A7052CC261DEDE26FE16E389A17CE0456A3016440AEA27FAB07AEFB74552A50C
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 ....04.......>.R.I$"...].D.D..z..HJ....Hv.............5...t.YV........m.+...NZ...]....z..Q..(..(.......\|Y..LfJ.x.9..."m..._.H...\.>y....v)w1`..b..R37....}k.R..\S...n.p..d.c.......ZY.NW<7../...2.?D..h.sDji.{$...(..5....Q...UNZFOQ..:.q.;.[.}D..w..iE..m.._-@tY^.d!.rLI.._X...j.....D....=.0..SnJ..Fo_gvic.....m..]..'..............5.8'....P.......c.P2t:.....F.e..{`??Me.....AF.....;..d.x..4.-.....V\| &...+T...P....U..'..v..._<....I..p..}.......H.. 2..0."..:....P38....8...N..i...K..T...F..]k...C.X......`KD......KR.......{j..I..L.+.....t.3.iB..9.jz..-..r.^.T.]........q......T4...Vx`.3.D..y...R..V5..a".Q.9\|gM.;.%..E...Z..t..\|...nX.y.].l.......0.m..Z..X..p.... ...4...6~.'...x..a.`..6pV+...je.Se<..B......uJ.a(..`.\.X.[....a........v e.0).8....5.zU.....^B....n...fH..pO\l..a=....?ez..$.]..y-...X...\6r..:\|.c..qCKh.2.`>hyw....V..+Y...%.J...k]\].%....i.w.S..G...n..,N.........v/A...RZ.o...J..l......c....:....#.r...._0..v..v

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (750)
Category:	dropped
Size (bytes):	2169
Entropy (8bit):	4.9548772147686115
Encrypted:	false
SSDEEP:	48:ildRbgqluYoCoLUmledemlxUlIUvfALSAl/lmmqlmWlfBlAlVlWlgwheAYf9hbF5:INx4gd/d4fTvsaMefp5oD
MD5:	89F8EE167E82FADB507197C109ED684B
SHA1:	F5A728E7805C71BAE1A8786921AB2735AB07C15E
SHA-256:	0B70D5380DCC5A0C4BDD30DE4D68C4B0F598EB4EA92BEEC1B6D5F0852BD96D22
SHA-512:	BC12D7CB827E364176A691C2ED5C73A481547C572A0C00E5FF6B8BD8E698AC7DA96F2D8DA08485F9363F98A1F21338E61A9E813A31DF0A2EB7E96D43A902E5CE
Malicious:	false
Reputation:	low
Preview:	"use strict";(self.webpackChunk_ember_auto_import_=self.webpackChunk_ember_auto_import_\|\|[]).push([[961],{54961:function(n,e,t){t.r(e),t.d(e,{cleanup:function(){return c},environment:function(){return o},eventQueue:function(){return i},eventRecorder:function(){return r},immediateEventRecorder:function(){return u}}).var i=t(71026),o={_document:function(){if("undefined"!=typeof document)return document.throw"metricskit-delegates-html.environment HTML delegate 'document' object not found"},_window:function(){if("undefined"!=typeof window)return window.throw"metricskit-delegates-html.environment HTML delegate 'window' object not found"},cookie:function(){return o._window().document.cookie},pageUrl:function(){return o._window().location.href},parentPageUrl:function(){var n,e=o._window(),t=e.parent.if(t!==e)try{n=t.location.href}catch(e){n=o._document().referrer}return n},pixelRatio:function(){return o._window().devicePixelRatio},screenHeight:function(){return o._window().screen.height},scre

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	1994
Entropy (8bit):	7.837040994242216
Encrypted:	false
SSDEEP:	24:hGsDfUi3AiQCB+zWhMsRxK5kXZQxLMF2dUGeDYmAi6ov27g0PZPz3xm+CvHI:h43iQ9A5xHgLbneDYmAIghPcvHI
MD5:	03F59E71CB4F59BE5C57F613150CDA9A
SHA1:	63D59F81AA0ABD19BB30F6A48E8D9A300C676FB3
SHA-256:	618B7E32A02065767CCF398EE34FFD51F61A42311668CBDCA2AD542EC1255636
SHA-512:	AB7EBA9509B1F97FCBBF303D633F90900024C9B0D044648690905E6090D39BC0BBEC86D87E2068275A700FF9B29FC4DF4B159F43EB18C259DF711546310AB485
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8X..............VP8 @...P'.......>.P.I#...k.(<...7n.....\|..W...q.?.U.K..x...#...".d......g.......?D.-......._c\|...~.......7.R...^........R....\|c..m....r1..q..Z.Z?0..C....C....).........U?3.....p.<.f.....[..1> 5...q....4~#......,FGgiSh.ZRb.=+2.$PW..YZ......4L.._..i...(......B.Hs..[.Nc...0..x`"..i..../.wW..Qj/.....2td...h.:rG..........f.J......x"K..y.....u..y?.!k;..bC....Q.I.A.=.94^-...C^..J..X....!..1......4)^.vhZ......\|...F.1..-..GP@...............?....,<.,.XU... Z.........b.....u.]t. .L0.I.\|..L.5.Sk.4..L..7.`..va.A...7......).p;.7....<.._...`..p4.zy'...G.y..`.4..l.@...3:[......r..Y..^&.Z[.....@....;..eryf.0.R...{8.:.].iC......h.Y.N.......r...K"...q..B..7i#>Hr.....n.... ....Ij#^.J.......b.%j........,...>.t>p..u.)..MR2....e..9.<.i..{.(e..d.Hr..X6Zj..5.[1....;...q@#\G+fu.p..^..'`T....y&...:j3.zW....:.F..p.Y....&hy..<.....;.=$....(rT^!E..).:@"..,.A(...........L2.N........4d.....!...Ae..}..}p......S/.E........G.gE.Iy.oO.ca.....3

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	11540
Entropy (8bit):	7.977881962879142
Encrypted:	false
SSDEEP:	192:Vmq07FUYxXlzlR6wW13hGKka7SVf3qHrxdTkv84D3dMsvIDRyWSJG:x07FpXlBRhQcZa7sf3qHNlOvbdM1yzg
MD5:	1C1744F7024CF05D64881FDD710B6AF3
SHA1:	01680DFFF2A0A8B620A5D74E71B8B322A7C74DC3
SHA-256:	FB93BE9170BE41B4B755BEBA71F887185153B13EECF3CA9ECE03A7EB24BBF96A
SHA-512:	2FA4C50C00E19371B2EF7945E05712DDE179C0E6C934A7EFA11DEE77804BF7F89072155A020CEED7995597B6AB17F3EA9DEF00CAEAC5E9D572C358989EC7C8A3
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/PurpleSource116/v4/61/37/67/613767ae-ff3b-483c-f604-7c1ebd136d66/c399df7a-e6b8-4bcf-ab21-7692da1192ab_iOS_6.5_-_Frame_03.jpg/230x0w.webp
Preview:	RIFF.-..WEBPVP8X..............VP8 .,...........>.L.I..!..%.<....t..}..7.?.........#...{y...J....v.......1.......N<.........#..~6.....#._.?.2.............{g./._..u...'...`?........3.G...=........g........b.....3.;..b.G.>^..a,%...Ze:..%....4.....}X$.X...>...x.)...f..C...L"......S.E.....Mu.)..)u..{....\...p..+c..Q..2J.{.b. Z..Kzy~...,l..$..1.c'#.\|X..H..s.._X.l..q..........a'..VYC.Ip./k.Q.....b....E.....4......&f~p.b0..?...g,.......{.]..,8.\.\|.k....d..U..}..o....\|)...V..C,.t.A...K......5?;.e.<....j%......7=.d.`..../.V....r....o&.~.....{p".C..6>.m..e.b.`...Z..rX..{.RWeG....w..W....E.....>......0Jl...K.5L.9mC.....u2.7.V.p.W..CU.3.J.\|..0.... .....j8Z....W<.R.n}e*..}.J.r,p.^.(%A.....J.{i.!....zi...z.T.$.~..f....P..M58.N..^..'o....y.5.T.^.H..T.3.W4....SHZ.Q.....}/\|...x..:..5.Gjn!^:..U....}-...e.....\6.^N.<.%...q.b...EA#}._q.....L-.gF...A..J...,...x<c..+...7..x....hX&2..l.`...1......=5a.m....5nJ.]C\|.....(...!(E.D@..uqe}.N...t....WZ.c.h#.p...!r..k.

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 17977
Category:	downloaded
Size (bytes):	6015
Entropy (8bit):	7.963473050891759
Encrypted:	false
SSDEEP:	96:LM5HMlI/xnQhLkkPZ0qViiGg1I+hlebBH1fffPtMt8+wHE3DajlRj:LM/pQhAsZrVi5J+hKBHZPe2PEGn
MD5:	36B996E849FA8B1D54033A79F6DD58FC
SHA1:	FE8C2B02F7AB281D1A3E81BFA40213945062B4EA
SHA-256:	7264FF0C8D56EAC532C34A71102475552C32A6ED9CE2C635B5AEC0BFE1C34D94
SHA-512:	CA06C729ECAD53121DCE408DCD93778C6CC7CB9243F81B6C525359E9DC99C117CE50798617EF2FC98DFD4F579FC4A00B064E6A7BA06DDA0BFB310C706ACDE3FF
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.359.1a547c0d896fa5233fdb.js
Preview:	...........\.s...........%a.wo.....-[....j...y..d..4"dm..~..]....w.........=c..../Y......g...g..r......^....'?F......`.....H.<....".TE._..8={...h..W4_D..b......../h9Kj.f.r.J>#....L.A...+.2.....oO../."E>}.....Q...<.M...^.s.e.r..%)..1........ o/>.GIUe..fc;.. ....(.0,IR^.KZ..iq.....Q1...".1...7)....U2...FWI...xW..-.M.&y.....'lJ(..z..>o.(Y...._eUhz...._"..O.i.G..........C..2N....D.C>.S..A/[.E..,$O<@....F......j...W....M.gDW../,.......k.s......4..iz..d...^...p/...K..c?.....N."...{[3.U.t..t.yAcD.PT.u..+.G1......z..:.e.M..Yp2..6.kJW..v...7n.....\%u..._......r.!.Z.u....f....Q.....Rm?....%g=.e.o....:=.....EN..C1...F,H^....R.H.5m...b...:.ec0...Ln...OT......X......#./.<..c....B..9]...eA.y.a..4).....Y.g....L.1......X.....A.).....K...X=......q..]y...KGG.Y1g.c...j.g..xegti=...na.{)+*.S.].VE.C.T..T...9.xszQ_z..;.<...O.Q4~x......S...(.E...]..{.....O...k+of....".g3p5%..,....U3h../.o....gzS.e....G..BfE%l.M.l....,C..2....=e.a....L.L.....{.9....`\..

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (9869)
Category:	downloaded
Size (bytes):	10413
Entropy (8bit):	5.257533978847801
Encrypted:	false
SSDEEP:	192:8nla2OCNzv/zCPfx1WY6Q8X4tYPNF9cxi3/lpemo+AW4mr+oaq5:8nl3OCRvbIfxkgUPRcxw/lpemoPW4mrb
MD5:	1B5686244F6C6516B3C0CB73B85DEB30
SHA1:	207E5F9CC6C80B1B84C18CDFA732A5C3CC43AE2B
SHA-256:	3A91FF301DBC45B9035E65C7CACB68C5C06105196AB82BDE6AD6970348F2D819
SHA-512:	73AC415260CAA2291E3F2A24393B226E1275A1981775E3AA4183B2ECC941872AEB3F1024756479FD56E26F3E27976607E576A835864892F547E17DA17A3B6A32
Malicious:	false
Reputation:	low
URL:	https://js-cdn.music.apple.com/musickit/v2/components/musickit-components//musickit-components.esm.js?t=1728492271431
Preview:	/!. IMPORTANT NOTE:. * . * This file is licensed only for the use of Apple developers in providing MusicKit Web Services,. * and is subject to the Apple Media Services Terms and Conditions and the Apple Developer Program. * License Agreement. You may not copy, modify, re-host, or create derivative works of this file or the. * accompanying Documentation, or any part thereof, including any updates, without Apple's written consent.. * . * ACKNOWLEDGEMENTS:. * https://js-cdn.music.apple.com/musickit/v1/acknowledgements.txt. */.import{d as e,N as a,w as i,p as t,b as o}from"./p-1ec6e574.js";import{g as l}from"./p-42d04e97.js";(()=>{const o=Array.from(e.querySelectorAll("script")).find((e=>new RegExp(`/${a}(\\.esm)?\\.js($\|\\?\|#)`).test(e.src)\|\|e.getAttribute("data-stencil-namespace")===a)),l={};return"onbeforeload"in o&&!history.scrollRestoration?{then(){}}:(l.resourcesUrl=new URL(".",new URL(o.getAttribute("data-resources-url")\|\|o.src,i.location.href)).href,t(l))})().then((e

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	157537
Entropy (8bit):	5.450896766346486
Encrypted:	false
SSDEEP:	1536:VcQ2UlYdxMXwcK2Bg6mqBhHPVy/ynVmXeXWH2H3i47UW4nb00pqpIReMaahQYg5U:f1mhfaahWIhsMkVT+BTtdOaBrdD
MD5:	E8E8B7A18F4EBDA24A25F702B22FA5C1
SHA1:	45DF73C1E3A0A3221A36654FCC46250E31D44C3C
SHA-256:	B740DD04F5C2A05AC983F4716999989B7A05B48C7E4717F77729B3DF19E97E3C
SHA-512:	57098BD96ADF38227E5B3C05CB1C715A9207F0BD4B198E3CF2B2A654D020BA3E0D65D04614F041E4291C86D928AB290619319C8C27F54D4563CBE71779568030
Malicious:	false
Reputation:	low
Preview:	(function(mt){typeof define=="function"&&define.amd?define(mt):mt()})(function(){"use strict";function mt(e,t){return t.forEach(function(s){s&&typeof s!="string"&&!Array.isArray(s)&&Object.keys(s).forEach(function(n){if(n!=="default"&&!(n in e)){var a=Object.getOwnPropertyDescriptor(s,n);Object.defineProperty(e,n,a.get?a:{enumerable:!0,get:function(){return s[n]}})}})}),Object.freeze(Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}))}var Ye,M,ss,ns,Je,is,as,dt={},os=[],Pn=/acit\|ex(?:s\|g\|n\|p\|$)\|rph\|grid\|ows\|mnc\|ntw\|ine[ch]\|zoo\|^ord\|itera/i;function we(e,t){for(var s in t)e[s]=t[s];return e}function rs(e){var t=e.parentNode;t&&t.removeChild(e)}function Xe(e,t,s){var n,a,i,l={};for(i in t)i=="key"?n=t[i]:i=="ref"?a=t[i]:l[i]=t[i];if(arguments.length>2&&(l.children=arguments.length>3?Ye.call(arguments,2):s),typeof e=="function"&&e.defaultProps!=null)for(i in e.defaultProps)l[i]===void 0&&(l[i]=e.defaultProps[i]);return et(e,l,n,a,null)}function et(e,t,s,n,a){var i={type:e,props:

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	downloaded
Size (bytes):	2380
Entropy (8bit):	7.867839733642069
Encrypted:	false
SSDEEP:	48:41KBazIrKYSyWW+4dhfKbBR5/mfu+zlc+hb+1RN2vcXOyPyMo0zxkMt:GKsUS/YtKbd/mflcbGvc+cyAzv
MD5:	4AE2393D0BA363C10EE1E2C0306DE387
SHA1:	0F5501A0FDB0210B3FD73E2F4BC23E25A4E32A06
SHA-256:	20C20E56C3A6F64E9EF226F29A794C5E11DDDD6EDBB7129F33DAEA7CB6CA9961
SHA-512:	11921726751D8A6F693A276C12CE1F44B8762AEFE08E5410E3D4D04230E33946143997504215D16EDD20BD57976C838AE85CD9AD6E68DC6CA91E78ECAEE8A13A
Malicious:	false
Reputation:	low
URL:	https://is1-ssl.mzstatic.com/image/thumb/Purple116/v4/da/84/f8/da84f835-7274-c870-d134-1369f8cd7967/AppIcon-0-85-220-0-0-0-0-4-0-0-0-2x-sRGB-0-0-0.png/146x0w.webp
Preview:	RIFFD...WEBPVP8X..............ALPH........f...Y.....J{..5.!.....M..8,...........;.......8^...........?.'.>......Ja.H.........x..c@....B./....2#Q.e.z.eW...A..8T.....n..C}..v....{.Q..qE......0.i[.[Q.u.P1.31.5..7.Y..t....B.`.7....j.x.3........V"l0.".P$Uo.q.QOEB.C...f...x...X4dk.._.L.M..i..@.. ..N..<'p...VP8 .....$.......>.H.I..'...x\|...f.oG4\|m..-..U..... .'.....:>.(..m...A,.=M.{...)E.P.....oI.B.....b.....xYB..r......mU.Q=.i?...J.FT..J..o.,Q;......]...A.S>c...U.u.o...Q."O.....X.&.VFX"KA..b...M\..E....,X..rG.Q..../;.!u.c&....,...(..y.8...k.u`>.L.>.rnT]4.T.v.O........<.5.uq!.....k...@[_Vp...CT{.~ j-j..Tg.0.5...#2.....$.$L.iin..\|...hI..=../u...9.e).....s.05.....Q......+.....\|e;........_I.......,..4.....V`.....t2....\.;..1..b.../y.....`..Q51p...Yo...V..e{.7.:....7;.x( .db.$.E&v.$..6.(.`.Hd.........)..<.....m[...y.T...h}.....T.L..............2.C...R-..EScz".E.yzGs..j.??.P.7...2yj....(..;.Vg*.~G.-F;jw<..%..0mZ..E..1s..2Zj.H.....[....D..

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image
Category:	dropped
Size (bytes):	1898
Entropy (8bit):	7.850523612158445
Encrypted:	false
SSDEEP:	48:ByD/lHddqCGo5OLsCvyMAgt6aFkl6l3m1GV:ByD9Hdd/dMLN64Pk8l0W
MD5:	1B7E5331C925D2955C32722373F22074
SHA1:	EA738298073178C42C9F331922CF957C4DF444CE
SHA-256:	2A90340B8C4DFD1D8B598948727D5DD18067C3249B0F4396F094B77DAF086CD7
SHA-512:	0CF6A908A9584AD494FB3BB2ABA7074A01464ED352EDAF1D9899356A726330038E8A9E989570653A01A422A234ECC0037BCD1B5205167E992B230947EDB03C25
Malicious:	false
Reputation:	low
Preview:	RIFFb...WEBPVP8X..............VP8 ....P$.......>.L.G....[..<.D.7p..\|.?....7..U.;....z.%..v...'...O.g././...o\.......\|..r~........C..?.pL...ar.`....y.}.P.g.....f..--.e..Q..Z.....+.aG....XcC.Kca{p..(12?MKI....E.1.omE.@.i.W8.K.m~......r.. 3<A....d.vZ/E(.:h4.W..[o....?7.N....+.7..TPh......N3.....d.jD=b..'....v.>_-..~.#MZ.j.......;...N.n.V\..03...m}.`....%.F..;..s.^..../n.x..4...N........$.k.].2.R..C...G3d...0-.!....G.rK.:...fi.g[..U..5.Sj.....>.V.V[.=k..!.z...........MR..>h..OU..h.-^..t.3k..}...bh-......8u..Pq..&w.K.+.....{.....a.?..cb...z.i.M..k.!.., ........HY...{~.x.>x....'lL..h.4.s... .#.S..>.QWA.@....n.bBy..-AX{z.X.G.;...z.......79....Y6.H.r7...6'...h...z...uT...@......y..8..s.}.[....q...j...=?.$3=lj.g.:.......h.....;.M..2.X..w.C..A.9....c/+...v.#U....ED...f.W,U-..Y.....=TM4....x.l.uk....o.!..B.... ..K...;.....Z...E.V.g...z..j.kk.....B./.P..X..h?......X...u...f.Y{.=......x.ED....T..........[.z.H....$AMD...E}...SEhB.......kz......_.s

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1164876
Category:	downloaded
Size (bytes):	202406
Entropy (8bit):	7.998409315533818
Encrypted:	true
SSDEEP:	6144:807aw89gykSqHvWhJQBEM4AkGI/xm9Oueho9X7fz164Q:RawQg3SqHQJRM4cAxmpnsR
MD5:	F64CA52DC9457ADBA31C368729B9CDB1
SHA1:	0B6852AF467D8EE05CE51A7683B318807994F126
SHA-256:	5229CA56BF2D4F0411C9A93B9AF23DB66448BF3D5E376DB709766BB0C42085AC
SHA-512:	C29DA09DF9B53D2BF986BF966486A5799DA80DA3EC0AE4DA3F4C465DACA07FB68EA3D891E0E484E2B8F9B25FF8DB181A4B3B56A69928F703864F452E26277D23
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/web-experience-app-cb8a2d1b9992309aaf3a40917f745758.modern.js
Preview:	...........ko$Ir ..~EVJe."...L.R.buUuM..k...i.DuDf.....H.X$..nF...V.A.. ..F.....V...N..5_gz>..[.a.8..#......L...y.2..annnnnnn~.k7K.AP......q....I0..Z.<+..I)..S7...0(E.0..AZ.....y...,..Y..(...A.\|..n.\|.$a0...7..F./;.e..'YZv.o..?Hp:....x.'...~.?...6...J.....Ip.f..4..i......j.(.Fn8.....A....t?<..L..$..n...Y..,...)..S.O..g........9..9i...J3....yI)......J6(.'.?..Av2...J8.....r.?...o.<....fP.u.....d..n..jY.$.'..G...T.(.G......>HjC/.p.gge4..<....PS!o&......4..K;.v/I.R~.....d.f%V.+.D....Z.z..].4=@..d......s<..JP=.d..Q.n..4G%.VC..w..5.O..IvB.{J.ZO.`:....G...CGs....0c....n.7@E.m...>..x4..2o..t..#...)...H.h. .}/.uK......Q\|\|.V......U.1..4-.K..,...R..;%.....Z..TO.9B..vf.l..NyBp~..f........y.Y<...@y.w.l.......C.Rw<....X.\|Q....T.<.Qv.........ZIkO......[.\|...{wv.{.^..-L.8.j.........~...z^....}%oH.....4... L. ....-o:.03..4..g.x.3.3.&..%i-.N..}...n..-.m.[d<..`N.l.......O&^....BY..zz..E.3..zJ.........(I.t....%W..:.n....Q.$V.^....o.... .>...sG....t.t.....#(.1...

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 18440
Category:	downloaded
Size (bytes):	4755
Entropy (8bit):	7.961731784481482
Encrypted:	false
SSDEEP:	96:2sTKlrt6+fvlKsWRfJxq2VqShzTxKn4w2qA19xVqgjMOqiXufn:2sTKlrrYLMhShJ84dxxMgjJUn
MD5:	240C7581C7DEB182CC1176BF5E2A21A2
SHA1:	48D3A361DE44692E37C30556B827317188EE415D
SHA-256:	F2C536B587BDA46B54205FE6530E4256C609143C9BCC47ECA6AAC20E76A46F3B
SHA-512:	3F302B28A87AA89064E93D2612AF89DB6CB40C04B395EA8920C9485BBEA4419280244358F50BE6F2CAA552A087627817D22F1D603231AAB02DBF19FEDA19FD9A
Malicious:	false
Reputation:	low
URL:	https://apps.apple.com/assets/chunk.934.167974858ffab5c06580.js
Preview:	...........\ms.6..._!...xI.k{.pndYNT.Yn.OFC..."....H...... %_{37.qD`..],.],....7.......p0.....}n/7..)^=b:u71...5...9.h...d..M.4.........'..9...'..Q....65c.Q.3c......qN..8.....`.=...".\.................:K.5.\|...M.<..zm .....h.a.R....]..Vj.%....D........i.{n...,zs~.GdCgx........8\|...2.....x.O`u.Z.06>.3....\|0`^.pc....\R7........q.l.n. h...v=..e!r`.Z.......;[^%...Z?N...c2..du.F..7cp.p......T4..^....K?.#..\.]L......Z.....+.ka...../..[.kJb.o....r..8[..."..n4x....1..0..1.7..8\|.A..X....I,.................R......e..Y.D....B.:.FqU..O.%%...'G.'3.....9H.%>L......~.'.\.....+7v.s..U>.k....%..cT..C..^.8."...!8[.0O.v.[.\|k...T.0..l'.Y.9.#1....o.1.......`>......!..k..lp8..1.=PcI<.....P.-^...2..._\(T...<......IF..7...,c...F<...:TN.BT..(.{..l.Wh.........&...]X.J6E2.........r....T.......~r..6.u....9..Vi..3k...E.!..-..@...=4wVh..2[m.Aw......`...b.....0..=...'.....-..../..]...../...........R...,..h..x%oj.-O...<...X..e."..p+"..Q.-..s..P.Bg....,...1..

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	35798
Entropy (8bit):	5.362239652266183
Encrypted:	false
SSDEEP:	768:xLV9hhNz5ouQq7vDsCYDHlo+yg2GsGsgo4ST5dX4+eT7Fi8mR5lfKGiLHCWtvdTZ:e
MD5:	3AB3496A7BFE9321B3FA0E2FC8668B14
SHA1:	EC704CA797F15BCDC6DE9AF8AB9F8311EB82B2A4
SHA-256:	E321803AB120C94CFFB459955214D4F783D14653749A9D9E01D5E81C5358C8D4
SHA-512:	1DDAFCEB91F8AF68ADDE9686537147615BD504D38FE24FAC13007DA412A58686D633A09A2E629B79297A826524D10374058E1A1178684C45D43795A62992E63A
Malicious:	false
Reputation:	low
URL:	"https://www.apple.com/wss/fonts?families=SF+Pro,v2\|SF+Pro+Icons,v1\|SF+Pro+Rounded,v1\|New+York+Small,v1\|New+York+Medium,v1"
Preview:	@font-face {...font-family:'SF Pro Display';...font-style:normal;...font-weight:100;...src:local('.'), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight.woff2") format("woff2"), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight.woff") format("woff"), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight.ttf") format("truetype");.../* (C) 2015 Apple Inc. All rights reserved. /..}..@font-face {...font-family:'SF Pro Display';...font-style:italic;...font-weight:100;...src:local('.'), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight-italic.woff2") format("woff2"), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight-italic.woff") format("woff"), url("/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight-italic.ttf") format("truetype");.../ (C) 2015 Apple Inc. All rights reserved. /..}..@font-face {...font-family:'SF Pro Display 100';...src:url('/wss/fonts/SF-Pro-Display/v2/sf-pro-display_ultralight.eot');.../ (C) 2015 Apple Inc. All righ

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 24, 2024 11:05:55.916831017 CEST	49675	443	192.168.2.4	173.222.162.32
Oct 24, 2024 11:05:57.794811010 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.794867992 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:57.794953108 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.795011044 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.795080900 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:57.795136929 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.795331001 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.795350075 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:57.795478106 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:57.795499086 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.639822960 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.640208960 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.640225887 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.641228914 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.641289949 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.642262936 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.642324924 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.642596006 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.642605066 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.648566008 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.648823977 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.648838997 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.649853945 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.649914026 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.650230885 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.650298119 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.690718889 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.690718889 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:58.690752983 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:58.735883951 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:59.545094013 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:59.545605898 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:59.545681953 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:59.545681953 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:59.545707941 CEST	443	49742	13.32.27.51	192.168.2.4
Oct 24, 2024 11:05:59.545732975 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:59.545773029 CEST	49742	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:05:59.950309992 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:05:59.950356960 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:05:59.950433016 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:05:59.950629950 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:05:59.950649977 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.813025951 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.813460112 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:00.813488007 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.814552069 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.814619064 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:00.815990925 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:00.816111088 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.858247995 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:00.858292103 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:00.903744936 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:01.056288004 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:01.056330919 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:01.056411028 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:01.058073997 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:01.058090925 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:01.954061031 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:01.954128981 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:01.961667061 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:01.961688042 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:01.961975098 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.003978968 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.051325083 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.246150970 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.246218920 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.247325897 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.247350931 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.247365952 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.247374058 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.247387886 CEST	49749	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.247391939 CEST	443	49749	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.384370089 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.384464979 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.384547949 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.384829044 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:02.384866953 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:02.685441017 CEST	49755	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.685467958 CEST	443	49755	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:02.686022997 CEST	49755	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.690604925 CEST	49755	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.690634966 CEST	443	49755	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:02.701870918 CEST	443	49755	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:02.706999063 CEST	49768	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.707012892 CEST	443	49768	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:02.707355976 CEST	49768	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.709445000 CEST	49768	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:02.709455013 CEST	443	49768	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:02.729655027 CEST	443	49768	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:03.224239111 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.224307060 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.227891922 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.227900028 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.228162050 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.229188919 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.271325111 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.470902920 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.471013069 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.471143961 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.475054026 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.475073099 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:03.475090981 CEST	49750	443	192.168.2.4	184.28.90.27
Oct 24, 2024 11:06:03.475096941 CEST	443	49750	184.28.90.27	192.168.2.4
Oct 24, 2024 11:06:08.667679071 CEST	49672	443	192.168.2.4	173.222.162.32
Oct 24, 2024 11:06:08.667726994 CEST	443	49672	173.222.162.32	192.168.2.4
Oct 24, 2024 11:06:10.190499067 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:10.190537930 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:10.190604925 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:10.192768097 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:10.192784071 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:10.805315971 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:10.805377007 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:10.805591106 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:11.303697109 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:11.303770065 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:11.311022997 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:11.311036110 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:11.311472893 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:11.362518072 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.145715952 CEST	49747	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:06:12.145731926 CEST	443	49747	142.250.185.164	192.168.2.4
Oct 24, 2024 11:06:12.387639046 CEST	80	49723	46.228.146.128	192.168.2.4
Oct 24, 2024 11:06:12.387841940 CEST	49723	80	192.168.2.4	46.228.146.128
Oct 24, 2024 11:06:12.387841940 CEST	49723	80	192.168.2.4	46.228.146.128
Oct 24, 2024 11:06:12.393388987 CEST	80	49723	46.228.146.128	192.168.2.4
Oct 24, 2024 11:06:12.524054050 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.567336082 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897327900 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897360086 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897368908 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897381067 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897409916 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897449017 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.897469044 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.897505045 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.897842884 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.897893906 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.899962902 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:12.899970055 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:12.959717989 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:13.020565033 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:13.020627022 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:13.025484085 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:14.140355110 CEST	49803	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:14.140384912 CEST	443	49803	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:20.559899092 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:20.559963942 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:20.560035944 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:20.560779095 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:20.560794115 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.167877913 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.179613113 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:21.179630995 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.180895090 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.180959940 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:21.180968046 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.181124926 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:21.184437037 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:21.184504032 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.238554955 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:21.238573074 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:06:21.285069942 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:06:27.414951086 CEST	80	49724	46.228.146.128	192.168.2.4
Oct 24, 2024 11:06:27.415020943 CEST	49724	80	192.168.2.4	46.228.146.128
Oct 24, 2024 11:06:27.415527105 CEST	49724	80	192.168.2.4	46.228.146.128
Oct 24, 2024 11:06:27.420948029 CEST	80	49724	46.228.146.128	192.168.2.4
Oct 24, 2024 11:06:28.524362087 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:06:28.524439096 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:06:28.524585009 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:06:28.572439909 CEST	49743	443	192.168.2.4	13.32.27.51
Oct 24, 2024 11:06:28.572463036 CEST	443	49743	13.32.27.51	192.168.2.4
Oct 24, 2024 11:06:48.692002058 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:48.692054987 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:48.692507982 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:48.692797899 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:48.692814112 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.443057060 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.443136930 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.448110104 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.448122978 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.448524952 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.459400892 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.507337093 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.683537960 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.683564901 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.683579922 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.683633089 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.683648109 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.683689117 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.708194971 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.708211899 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.708273888 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.708282948 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.708323002 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.799061060 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.799086094 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.799141884 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.799153090 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.799190998 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.938652992 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.938678026 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.938719034 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.938729048 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.938787937 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.940557957 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.940573931 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.940612078 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.940627098 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.940649033 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.940666914 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.943053007 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.943068027 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.943098068 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.943140984 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.943145037 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.943181038 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.944916010 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.944931984 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.944976091 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.944979906 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.945008993 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.946934938 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.946952105 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.946999073 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.947002888 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.947045088 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.948812962 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.948831081 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.948870897 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:49.948874950 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:49.948915958 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.030447960 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.030473948 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.030514002 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.030528069 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.030586958 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.053002119 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053019047 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053057909 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.053066969 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053109884 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.053652048 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053668022 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053719997 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.053725004 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.053755999 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162061930 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162087917 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162126064 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162132025 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162147045 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162197113 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162204027 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162216902 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162235975 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162265062 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162508965 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162525892 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.162534952 CEST	49882	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.162539959 CEST	443	49882	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.222851992 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.222908974 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.222965002 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.224658966 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.224672079 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.226943970 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.226984978 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.227037907 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.227591038 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.227602959 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.228704929 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.228744984 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.228796005 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.229058027 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.229069948 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.232450008 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.232465029 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.232515097 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.233387947 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.233417034 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.233469009 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.234244108 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.234253883 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.234370947 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.234383106 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.981368065 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.981950998 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.981992006 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.982645988 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.982657909 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.986790895 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.987366915 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.987406015 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.987833977 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.987843990 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.988657951 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.988694906 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.990228891 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.990258932 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.990494013 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.990498066 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.990648985 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.990673065 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.993118048 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.993164062 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.993181944 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.993973970 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.994007111 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:50.995894909 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:50.995917082 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.087555885 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:51.087609053 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:51.088074923 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:51.088074923 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:51.088108063 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:51.118201017 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.118273973 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.118499994 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.118531942 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.118531942 CEST	49884	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.118552923 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.118566036 CEST	443	49884	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.121429920 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.121484995 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.121735096 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.121735096 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.121771097 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.124181032 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.124202967 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.124376059 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.124403000 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.124422073 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.124521017 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.124521017 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.124604940 CEST	49885	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.124617100 CEST	443	49885	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126413107 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126547098 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126753092 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.126754999 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.126776934 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.126777887 CEST	49887	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.126789093 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126796961 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126799107 CEST	443	49887	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.126998901 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.126998901 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.127027988 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.127340078 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.127356052 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.127645016 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.127650023 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.128094912 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.128094912 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.128166914 CEST	49883	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.128179073 CEST	443	49883	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.129523993 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.129558086 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.130311966 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.130337000 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.130364895 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.130492926 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.130505085 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.130536079 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.130655050 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.130666971 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.132461071 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.132483006 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.132534027 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.132561922 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.132587910 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.132688999 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.132688999 CEST	49886	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.132708073 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.132719040 CEST	443	49886	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.134821892 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.134854078 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.135550022 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.135550022 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.135587931 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.889218092 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.889746904 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.890120029 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.890140057 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.891654968 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.891664982 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.892544031 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.892565012 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.893980980 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.893985987 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.894701958 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.895447969 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.895456076 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.896703005 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.896707058 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.897079945 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.897965908 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.897979975 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.898607016 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.899023056 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.899029016 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.899717093 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.899745941 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:51.900923967 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:51.900928020 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.026886940 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.026964903 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.027009964 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.027715921 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.027730942 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.027748108 CEST	49892	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.027753115 CEST	443	49892	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.028069973 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.028141022 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.028187037 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.030777931 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.030793905 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.030805111 CEST	49889	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.030810118 CEST	443	49889	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.032988071 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.033042908 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.033083916 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.034066916 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.034120083 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.034153938 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.039463043 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.039861917 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.039905071 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.058320045 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.058326006 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.058347940 CEST	49891	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.058351994 CEST	443	49891	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.061899900 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.061913013 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.061927080 CEST	49893	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.061932087 CEST	443	49893	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.064809084 CEST	49890	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.064825058 CEST	443	49890	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.083584070 CEST	49894	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.083606005 CEST	443	49894	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.083658934 CEST	49894	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.086342096 CEST	49894	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.086354017 CEST	443	49894	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.088574886 CEST	49895	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.088593006 CEST	443	49895	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.088640928 CEST	49895	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.090142012 CEST	49895	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.090153933 CEST	443	49895	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.092799902 CEST	49896	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.092820883 CEST	443	49896	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.092874050 CEST	49896	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.093246937 CEST	49896	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.093255997 CEST	443	49896	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.095968008 CEST	49897	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.095997095 CEST	443	49897	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.096040964 CEST	49897	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.098332882 CEST	443	49894	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.100102901 CEST	49898	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.100114107 CEST	443	49898	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.101531982 CEST	49897	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.101532936 CEST	49898	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.101531982 CEST	49899	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.101532936 CEST	49898	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.101558924 CEST	443	49897	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.101560116 CEST	443	49898	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.101573944 CEST	443	49899	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.101630926 CEST	49899	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.101886034 CEST	443	49895	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.102046013 CEST	49899	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.102057934 CEST	443	49899	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.102689028 CEST	49900	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.102724075 CEST	443	49900	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.102767944 CEST	49900	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.103326082 CEST	49900	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.103338957 CEST	443	49900	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.105171919 CEST	443	49896	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.105463028 CEST	49901	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.105506897 CEST	443	49901	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.105562925 CEST	49901	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.106019974 CEST	49901	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.106034040 CEST	443	49901	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.113827944 CEST	443	49898	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.114003897 CEST	443	49897	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.114132881 CEST	443	49899	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.114437103 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.114473104 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.114520073 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.116034985 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.116055012 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.116099119 CEST	443	49900	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.117952108 CEST	443	49901	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.121758938 CEST	49903	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.121795893 CEST	443	49903	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.121846914 CEST	49903	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.122230053 CEST	49903	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.122242928 CEST	443	49903	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.122473001 CEST	49904	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.122503996 CEST	443	49904	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.122545004 CEST	49904	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.123349905 CEST	49904	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.123362064 CEST	443	49904	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.127865076 CEST	49905	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.127876997 CEST	443	49905	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.127922058 CEST	49905	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.130944014 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.130968094 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.131016016 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.132518053 CEST	49905	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.132524014 CEST	443	49905	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.133424997 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.133440018 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.134170055 CEST	443	49903	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.134635925 CEST	49907	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.134645939 CEST	443	49907	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.134691000 CEST	49907	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.135248899 CEST	49907	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.135256052 CEST	443	49907	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.135287046 CEST	443	49904	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.139734983 CEST	49908	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.139760971 CEST	443	49908	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.139803886 CEST	49908	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.140436888 CEST	49908	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.140450001 CEST	443	49908	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.144584894 CEST	443	49905	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.144946098 CEST	49909	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.144983053 CEST	443	49909	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.145030975 CEST	49909	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.145482063 CEST	49909	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.145493031 CEST	443	49909	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.167342901 CEST	443	49907	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.168488979 CEST	443	49908	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.168605089 CEST	443	49909	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.169127941 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.169161081 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.169215918 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.171060085 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.171072006 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.174372911 CEST	49911	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.174437046 CEST	443	49911	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.174500942 CEST	49911	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.176904917 CEST	49911	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.176914930 CEST	443	49911	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.183408022 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.183490038 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.188179016 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.188195944 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.188477039 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.188697100 CEST	443	49911	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.189383030 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.189409018 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.189457893 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.198082924 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.198092937 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.216855049 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.263334990 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589335918 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589365005 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589379072 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589384079 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589461088 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.589461088 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.589478970 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.589622021 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.590917110 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.591012001 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.591140032 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.591145039 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.591229916 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.593707085 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.593707085 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.593719006 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.593885899 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.593914986 CEST	443	49888	4.245.163.56	192.168.2.4
Oct 24, 2024 11:06:52.594050884 CEST	49888	443	192.168.2.4	4.245.163.56
Oct 24, 2024 11:06:52.876581907 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.876674891 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.877955914 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.877966881 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.878197908 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.879187107 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.892955065 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.893274069 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.901654005 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.901667118 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.901906013 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.917424917 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.923337936 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.937294960 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.937436104 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.938735962 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.938745022 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.938966990 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.942559004 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.948108912 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.948640108 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.949953079 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.949963093 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.950243950 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.951562881 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:52.963330984 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.983370066 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:52.999330997 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.012636900 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.012911081 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.013525963 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.013668060 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.013689995 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.013720036 CEST	49902	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.013725996 CEST	443	49902	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.055844069 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.055910110 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.057823896 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.072925091 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.072925091 CEST	49906	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.072949886 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.072962046 CEST	443	49906	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.117682934 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.117744923 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.118205070 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.118205070 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.118230104 CEST	49910	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.118242025 CEST	443	49910	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.129107952 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.129173040 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.129528046 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.129605055 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.129605055 CEST	49912	443	192.168.2.4	13.107.253.45
Oct 24, 2024 11:06:53.129615068 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:06:53.129622936 CEST	443	49912	13.107.253.45	192.168.2.4
Oct 24, 2024 11:07:00.169562101 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:00.169681072 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:00.170171022 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:00.171576023 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:00.171613932 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:01.029004097 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:01.029661894 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:01.029690981 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:01.029990911 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:01.031002045 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:01.031073093 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:01.078454018 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:06.253165960 CEST	49818	443	192.168.2.4	151.101.131.6
Oct 24, 2024 11:07:06.253196001 CEST	443	49818	151.101.131.6	192.168.2.4
Oct 24, 2024 11:07:11.028549910 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:11.028672934 CEST	443	49914	142.250.185.164	192.168.2.4
Oct 24, 2024 11:07:11.028837919 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:12.590799093 CEST	49914	443	192.168.2.4	142.250.185.164
Oct 24, 2024 11:07:12.590840101 CEST	443	49914	142.250.185.164	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 24, 2024 11:05:56.279979944 CEST	53	63196	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:56.284709930 CEST	53	59395	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:57.540180922 CEST	53	49159	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:57.774499893 CEST	51649	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:05:57.774739027 CEST	63060	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:05:57.785901070 CEST	53	63060	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:57.786736965 CEST	53	51649	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:59.941785097 CEST	56842	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:05:59.941896915 CEST	54789	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:05:59.949275017 CEST	53	56842	1.1.1.1	192.168.2.4
Oct 24, 2024 11:05:59.949506998 CEST	53	54789	1.1.1.1	192.168.2.4
Oct 24, 2024 11:06:02.676728964 CEST	54829	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.676855087 CEST	52355	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.677017927 CEST	64747	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.677128077 CEST	52226	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.691602945 CEST	59151	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.691731930 CEST	51028	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.692250013 CEST	60913	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.692369938 CEST	58885	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.696860075 CEST	52594	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:02.697107077 CEST	56764	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:04.013015985 CEST	51819	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:04.013164043 CEST	50926	53	192.168.2.4	1.1.1.1
Oct 24, 2024 11:06:12.701448917 CEST	138	138	192.168.2.4	192.168.2.255
Oct 24, 2024 11:06:14.603240013 CEST	53	54806	1.1.1.1	192.168.2.4
Oct 24, 2024 11:06:33.559850931 CEST	53	53009	1.1.1.1	192.168.2.4
Oct 24, 2024 11:06:55.712773085 CEST	53	56687	1.1.1.1	192.168.2.4
Oct 24, 2024 11:06:55.918382883 CEST	53	49827	1.1.1.1	192.168.2.4

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 24, 2024 11:05:57.774499893 CEST	192.168.2.4	1.1.1.1	0xa622	Standard query (0)	url8018.lifelock.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:57.774739027 CEST	192.168.2.4	1.1.1.1	0x17db	Standard query (0)	url8018.lifelock.com	65	IN (0x0001)	false
Oct 24, 2024 11:05:59.941785097 CEST	192.168.2.4	1.1.1.1	0xc458	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:59.941896915 CEST	192.168.2.4	1.1.1.1	0x4220	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:02.676728964 CEST	192.168.2.4	1.1.1.1	0x9a10	Standard query (0)	is1-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.676855087 CEST	192.168.2.4	1.1.1.1	0x3380	Standard query (0)	is1-ssl.mzstatic.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:02.677017927 CEST	192.168.2.4	1.1.1.1	0xd40	Standard query (0)	is2-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.677128077 CEST	192.168.2.4	1.1.1.1	0x2fed	Standard query (0)	is2-ssl.mzstatic.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:02.691602945 CEST	192.168.2.4	1.1.1.1	0x4137	Standard query (0)	is5-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.691731930 CEST	192.168.2.4	1.1.1.1	0x460e	Standard query (0)	is5-ssl.mzstatic.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:02.692250013 CEST	192.168.2.4	1.1.1.1	0xecc8	Standard query (0)	is4-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.692369938 CEST	192.168.2.4	1.1.1.1	0x4dc0	Standard query (0)	is4-ssl.mzstatic.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:02.696860075 CEST	192.168.2.4	1.1.1.1	0xae78	Standard query (0)	is3-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.697107077 CEST	192.168.2.4	1.1.1.1	0x2a53	Standard query (0)	is3-ssl.mzstatic.com	65	IN (0x0001)	false
Oct 24, 2024 11:06:04.013015985 CEST	192.168.2.4	1.1.1.1	0xa8c8	Standard query (0)	is1-ssl.mzstatic.com	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:04.013164043 CEST	192.168.2.4	1.1.1.1	0x3661	Standard query (0)	is1-ssl.mzstatic.com	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 24, 2024 11:05:57.785901070 CEST	1.1.1.1	192.168.2.4	0x17db	No error (0)	url8018.lifelock.com	d3lva60p37ytto.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:05:57.786736965 CEST	1.1.1.1	192.168.2.4	0xa622	No error (0)	url8018.lifelock.com	d3lva60p37ytto.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:05:57.786736965 CEST	1.1.1.1	192.168.2.4	0xa622	No error (0)	d3lva60p37ytto.cloudfront.net		13.32.27.51	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:57.786736965 CEST	1.1.1.1	192.168.2.4	0xa622	No error (0)	d3lva60p37ytto.cloudfront.net		13.32.27.78	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:57.786736965 CEST	1.1.1.1	192.168.2.4	0xa622	No error (0)	d3lva60p37ytto.cloudfront.net		13.32.27.109	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:57.786736965 CEST	1.1.1.1	192.168.2.4	0xa622	No error (0)	d3lva60p37ytto.cloudfront.net		13.32.27.102	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:59.949275017 CEST	1.1.1.1	192.168.2.4	0xc458	No error (0)	www.google.com		142.250.185.164	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:05:59.949506998 CEST	1.1.1.1	192.168.2.4	0x4220	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 24, 2024 11:06:02.682990074 CEST	1.1.1.1	192.168.2.4	0x2e99	No error (0)	h3.apis.apple.map.fastly.net		151.101.131.6	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.682990074 CEST	1.1.1.1	192.168.2.4	0x2e99	No error (0)	h3.apis.apple.map.fastly.net		151.101.67.6	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.682990074 CEST	1.1.1.1	192.168.2.4	0x2e99	No error (0)	h3.apis.apple.map.fastly.net		151.101.195.6	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.682990074 CEST	1.1.1.1	192.168.2.4	0x2e99	No error (0)	h3.apis.apple.map.fastly.net		151.101.3.6	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:02.683393955 CEST	1.1.1.1	192.168.2.4	0xf8f2	No error (0)	h3.apis.apple.map.fastly.net			65	IN (0x0001)	false
Oct 24, 2024 11:06:02.683799982 CEST	1.1.1.1	192.168.2.4	0x9a10	No error (0)	is1-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.684686899 CEST	1.1.1.1	192.168.2.4	0x3380	No error (0)	is1-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.685039997 CEST	1.1.1.1	192.168.2.4	0x2fed	No error (0)	is2-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.686211109 CEST	1.1.1.1	192.168.2.4	0xd40	No error (0)	is2-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.698914051 CEST	1.1.1.1	192.168.2.4	0x460e	No error (0)	is5-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.700246096 CEST	1.1.1.1	192.168.2.4	0x4137	No error (0)	is5-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.700999975 CEST	1.1.1.1	192.168.2.4	0xecc8	No error (0)	is4-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.702889919 CEST	1.1.1.1	192.168.2.4	0x4dc0	No error (0)	is4-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.705008030 CEST	1.1.1.1	192.168.2.4	0x2a53	No error (0)	is3-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:02.706362009 CEST	1.1.1.1	192.168.2.4	0xae78	No error (0)	is3-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:04.020971060 CEST	1.1.1.1	192.168.2.4	0xa8c8	No error (0)	is1-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:04.021027088 CEST	1.1.1.1	192.168.2.4	0x3661	No error (0)	is1-ssl.mzstatic.com	is-ssl.mzstatic.com.itunes-apple.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:11.674417973 CEST	1.1.1.1	192.168.2.4	0x38a6	No error (0)	edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:11.674417973 CEST	1.1.1.1	192.168.2.4	0x38a6	No error (0)	default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com		217.20.57.34	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:12.539244890 CEST	1.1.1.1	192.168.2.4	0xb47b	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:12.539244890 CEST	1.1.1.1	192.168.2.4	0xb47b	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:26.916449070 CEST	1.1.1.1	192.168.2.4	0xdff2	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:26.916449070 CEST	1.1.1.1	192.168.2.4	0xdff2	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:48.690303087 CEST	1.1.1.1	192.168.2.4	0x302c	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	azurefd-t-fb-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:48.690303087 CEST	1.1.1.1	192.168.2.4	0x302c	No error (0)	dual.s-part-0017.t-0009.fb-t-msedge.net	s-part-0017.t-0009.fb-t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:48.690303087 CEST	1.1.1.1	192.168.2.4	0x302c	No error (0)	s-part-0017.t-0009.fb-t-msedge.net		13.107.253.45	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:06:48.698879957 CEST	1.1.1.1	192.168.2.4	0x8ef3	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:06:48.698879957 CEST	1.1.1.1	192.168.2.4	0x8ef3	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 24, 2024 11:07:09.058506012 CEST	1.1.1.1	192.168.2.4	0x75a9	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 24, 2024 11:07:09.058506012 CEST	1.1.1.1	192.168.2.4	0x75a9	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

url8018.lifelock.com

fs.microsoft.com

slscr.update.microsoft.com

otelrules.azureedge.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49742	13.32.27.51	443	3180	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:05:58 UTC	2204	OUT	GET /ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy [TRUNCATED] Host: url8018.lifelock.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-24 09:05:59 UTC	437	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Content-Length: 65 Connection: close Server: nginx Date: Thu, 24 Oct 2024 09:05:59 GMT X-Robots-Tag: noindex, nofollow Location: https://apps.apple.com/us/app/id1422875903 X-Cache: Miss from cloudfront Via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-C2 X-Amz-Cf-Id: 5jZiJtdUfpcbLtABaA6wPyeyys00Tz-OLxn7b1MZG2NYvbINev8g0w==
2024-10-24 09:05:59 UTC	65	IN	Data Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 70 70 73 2e 61 70 70 6c 65 2e 63 6f 6d 2f 75 73 2f 61 70 70 2f 69 64 31 34 32 32 38 37 35 39 30 33 22 3e 46 6f 75 6e 64 3c 2f 61 3e 2e 0a 0a Data Ascii: <a href="https://apps.apple.com/us/app/id1422875903">Found</a>.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49749	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:02 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-24 09:06:02 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF70) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=27544 Date: Thu, 24 Oct 2024 09:06:02 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49750	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:03 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-24 09:06:03 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=27623 Date: Thu, 24 Oct 2024 09:06:03 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-24 09:06:03 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49803	4.245.163.56	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:12 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Gmf5FUYfkdRGVsz&MD=fhc4G3Oy HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 09:06:12 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 708e9705-e18c-41ab-96dc-1dc0699a774a MS-RequestId: 3f14b8f0-1aa6-4cd2-a2b7-4c390986f51c MS-CV: 7FEVRd7ZOka8cAiU.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 09:06:12 GMT Connection: close Content-Length: 24490
2024-10-24 09:06:12 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-24 09:06:12 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port
4	192.168.2.4	49882	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:49 UTC	195	OUT	GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:49 UTC	540	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:49 GMT Content-Type: text/plain Content-Length: 218853 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public Last-Modified: Mon, 21 Oct 2024 13:21:21 GMT ETag: "0x8DCF1D34132B902" x-ms-request-id: 84bcd95b-b01e-001e-1a38-240214000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090649Z-r1755647c66wjht63r8k9qqnrs00000007yg000000004ewb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:49 UTC	15844	IN	Data Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20 Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
2024-10-24 09:06:49 UTC	16384	IN	Data Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
2024-10-24 09:06:50 UTC	16384	IN	Data Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <

Session ID	Source IP	Source Port	Destination IP	Destination Port
5	192.168.2.4	49884	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:50 UTC	192	OUT	GET /rules/rule224902v2s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:51 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 450 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT ETag: "0x8DC582BD4C869AE" x-ms-request-id: 52fc638d-b01e-0070-36c5-201cc0000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c669hnl7dkxy835cqc00000007ag0000000036h0 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:51 UTC	450	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.4	49885	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:50 UTC	192	OUT	GET /rules/rule120600v4s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:51 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 2980 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT ETag: "0x8DC582BA80D96A1" x-ms-request-id: c9882c23-801e-0078-0c63-1fbac6000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c66cdf7jx43n17haqc0000000adg0000000005f8 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:51 UTC	2980	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"

Session ID	Source IP	Source Port	Destination IP	Destination Port
7	192.168.2.4	49883	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:50 UTC	193	OUT	GET /rules/rule120402v21s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:51 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 3788 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT ETag: "0x8DC582BAC2126A6" x-ms-request-id: b8a73167-901e-0015-0f59-23b284000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-17fbfdc98bb6q7cv86r4xdspkg000000070g000000006nxm x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:51 UTC	3788	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""

Session ID	Source IP	Source Port	Destination IP	Destination Port
8	192.168.2.4	49887	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:50 UTC	192	OUT	GET /rules/rule120609v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:51 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 408 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT ETag: "0x8DC582BB56D3AFB" x-ms-request-id: 31a53d7e-801e-00a3-74f7-217cfb000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c66ldfgxa3qp9d53us00000009m00000000021vp x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:51 UTC	408	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
9	192.168.2.4	49886	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:50 UTC	192	OUT	GET /rules/rule120608v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:51 UTC	563	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 2160 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT ETag: "0x8DC582BA3B95D81" x-ms-request-id: fdb61705-b01e-0001-2f09-2246e2000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c66m4jttnz6nb8kzng000000084g0000000002xr x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:51 UTC	2160	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.4	49889	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:51 UTC	192	OUT	GET /rules/rule120610v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:52 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 474 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT ETag: "0x8DC582B9964B277" x-ms-request-id: e3ea90ed-d01e-0028-6059-237896000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-17fbfdc98bbl89flqtm21qm6rn000000076g000000002hdb x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:52 UTC	474	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.4	49892	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:51 UTC	192	OUT	GET /rules/rule120613v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:52 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 632 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB6E3779E" x-ms-request-id: fbb8ce34-501e-0064-0cbd-201f54000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c66mgrw7zd8m1pn55000000007x0000000006qd6 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:52 UTC	632	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]\|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.4	49891	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:51 UTC	192	OUT	GET /rules/rule120612v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:52 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 471 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT ETag: "0x8DC582BB10C598B" x-ms-request-id: 8d314a1c-701e-0097-3ae5-21b8c1000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-r1755647c66zs9x4962sbyaz1w00000007u0000000000naf x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:52 UTC	471	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.4	49893	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:51 UTC	192	OUT	GET /rules/rule120614v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:52 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 467 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT ETag: "0x8DC582BA6C038BC" x-ms-request-id: ad393351-301e-0099-6d59-236683000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-17fbfdc98bb94gkbvedtsa5ef4000000077g000000000cu9 x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:52 UTC	467	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.4	49890	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:51 UTC	192	OUT	GET /rules/rule120611v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:52 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:51 GMT Content-Type: text/xml Content-Length: 415 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT ETag: "0x8DC582B9F6F3512" x-ms-request-id: f6e64d82-401e-0029-2a5d-239b43000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090651Z-17fbfdc98bb4k5z6ayu7yh2rsn000000078000000000013z x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:52 UTC	415	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	49888	4.245.163.56	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:52 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Gmf5FUYfkdRGVsz&MD=fhc4G3Oy HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-24 09:06:52 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: f41be7bc-2de7-4817-b392-e34707fbd321 MS-RequestId: 8e086724-019b-4e3f-93a6-85e0dc3f39c6 MS-CV: ft41ivI1o0md1CKR.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 24 Oct 2024 09:06:51 GMT Connection: close Content-Length: 30005
2024-10-24 09:06:52 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-24 09:06:52 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.4	49902	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:52 UTC	192	OUT	GET /rules/rule120619v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:53 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:52 GMT Content-Type: text/xml Content-Length: 407 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT ETag: "0x8DC582B9698189B" x-ms-request-id: ff230e40-901e-0016-5092-1fefe9000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090652Z-r1755647c66ldfgxa3qp9d53us00000009kg000000002a8z x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:53 UTC	407	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.4	49906	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:52 UTC	192	OUT	GET /rules/rule120622v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:53 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:52 GMT Content-Type: text/xml Content-Length: 477 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT ETag: "0x8DC582BB8CEAC16" x-ms-request-id: c39ac956-e01e-001f-465d-231633000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090652Z-17fbfdc98bbvwcxrk0yzwg4d58000000076g00000000116q x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:53 UTC	477	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.4	49910	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:52 UTC	192	OUT	GET /rules/rule120623v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:53 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:52 GMT Content-Type: text/xml Content-Length: 464 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT ETag: "0x8DC582B97FB6C3C" x-ms-request-id: c30aac03-701e-0098-3e64-23395f000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090652Z-17fbfdc98bbndwgn5b4pg7s8bs000000070g000000002nfx x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:53 UTC	464	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.4	49912	13.107.253.45	443

Timestamp	Bytes transferred	Direction	Data
2024-10-24 09:06:52 UTC	192	OUT	GET /rules/rule120624v0s19.xml HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
2024-10-24 09:06:53 UTC	470	IN	HTTP/1.1 200 OK Date: Thu, 24 Oct 2024 09:06:52 GMT Content-Type: text/xml Content-Length: 494 Connection: close Cache-Control: public, max-age=604800, immutable Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT ETag: "0x8DC582BB7010D66" x-ms-request-id: 1c1a6b29-f01e-0096-0e50-2310ef000000 x-ms-version: 2018-03-28 x-azure-ref: 20241024T090652Z-r1755647c66gb86l6k27ha2m1c000000083g000000000t7g x-fd-int-roxy-purgeid: 0 X-Cache: TCP_HIT Accept-Ranges: bytes
2024-10-24 09:06:53 UTC	494	IN	Data Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20 Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 3512, Parent PID: 6048

General

Target ID:	0
Start time:	05:05:51
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 3180, Parent PID: 3512

General

Target ID:	2
Start time:	05:05:53
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1984,i,13228301155508123986,3894751059693144124,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6380, Parent PID: 6048

General

Target ID:	3
Start time:	05:05:56
Start date:	24/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url8018.lifelock.com/ls/click?upn=u001.2StYnI9CMtCh8ANrL-2F7dVo-2Bac-2FtNUCc82j9q4DgjhH0kE6Ckryb8UcsVn4xUNuUrkIS3Ue5fw-2FJCF6otlEVwpQ-3D-3DndO7_s4s3CAiQifknn9tUfiEZ-2FRBkp3MRd25nppqcmA2KA00cnV2Cam1SwJc8qkumD3zO07TsKO7lrKl-2FQR859pbmT447UrZUkrojgyneznonN0ixxcnfFVqkwT3FEZamMJioF0c1fk1KkRUjAgamYIU7z3YHsAgniScBM5h0Igcf7XRM0q8kzYU-2BViPIo8PK7d3I7BXqWXBltQpjhAXlie5lfVhcEKt6f2NEENIs6XzuPFXm2og2-2B6GYXL-2B8uV-2BdpMKTY6SHZOfZQkECXywKr40yLxLyMwEJiwlUjaFZCB2F4RdJLIz4BNSyS3KMV4U54KvTv7R-2FqifQRfvWSC1F5g17i8L-2Bl4PqCzsLLHl8rP8YTD0DhfE2YmiCIkc0oBxtbbZFnod5AqaSYTaUZI9SVi3hNpmzksFbAwQ6gaKvTBPX-2B4xz9MKvtFp2avY6VRjGya-2FDbb6yjYRcuZkBGBXNkVFgaitYdkilhSs8o9AmQUfkLc005BJtShZkmuWaPg1VFX9mYqEM3w2Ov3GuEA2ggfOlpiCpDmriuLRkVjSA7KDN-2F7gE0n4iWUuIcLGL02hJ8Q9-2FY-2Bm-2Bvf8a7qHCcuMX3Cw4-2F-2FuqKcUc20mtlItLfHi1StJMXfLPtj8lbfEAL0wG01Wats6nLZ93cOR-2BU7M9H1T5BCE3x651jPcRKy6ZomldngTlfSOfUZ5Ohn02XucGqzG3c-2FHihAkffwpmbUe88dukyZlyKnSMtotQnWuE1fW87q-2B-2BIVbro6oGYoEtV-2B0nxypYcfOKBh7hpx0OA2W9xYu31nwWNEQ0kf2hKDVMF9wtGy-2F9Hxi4d3CWk1NjbX9quUnnzKNVw92V9NCJBR7iXNfy8dK4SqfVY2Rv5G0uIoaieOx7l7F704swLQ-2Bcz-2FrH2l0CT1G5CPFNCXqf2tFEygrkLog9ww7E-2FoaD4fLe5dX1FLQhNKJF7EpAzHKC6-2FDRZxWoB5MXv4rt13fNXy99zjRV9oHst-2B-2FjuGDqrLvXBJFqXxv9T59jymKzBcLMcnLrjyfAUhA1BQdsQH9xYUG6PoPeTBS0Ih1JdB6WJKcf6pWRwETqwCRVKHJKgyK4LlbOhMleXkXNbAU5Nn4AlYAP6jPE-2B-2Fhlhyb044eyBMM1ol2IB9oFGoPQkFZZ1btsn2Y8fpHcGQflIGHY5-2FzU054WO3FFs-2FudIErm4SW0Upe-2FUmiyieT-2BLHMtZrHqvoSpp1DQRUirNfak2mOHmUeFGMf2nsz2vWZkvEysgkvNGY3ppiA4GCddnMDWZoA4Ii0ke68rlffszl2CCmH-2BVqg338bz6Ppu8fGLjJkkHVrocI2ZoJ9MoS-2B0Ud-2FTJOFNF9C1TUVSzoTX"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Chrome Cache Entry: 127

Chrome Cache Entry: 128