Edit tour

Windows Analysis Report
https://www.calameo.com/read/005652686f8ff374103f3

Overview

General Information

Sample URL:	https://www.calameo.com/read/005652686f8ff374103f3
Analysis ID:	1584553
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

HTML body with high number of embedded SVGs detected

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4192 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4908 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2524,i,13939320870459092663,15708760969845321266,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6536 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.calameo.com/read/005652686f8ff374103f3" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: https://kwanza.co.tz/gdpr-compliance

Avira URL Cloud: Label: malware

Source: https://www.calameo.com/read/005652686f8ff374103f3

HTTP Parser: Total embedded SVG size: 170094

Source: https://www.calameo.com/read/005652686f8ff374103f3

HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /read/005652686f8ff374103f3 HTTP/1.1Host: www.calameo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pinwheel/viewer/book/get?bkcode=005652686f8ff374103f3 HTTP/1.1Host: d.calameo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.calameo.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.calameo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pinwheel/viewer/book/get?bkcode=005652686f8ff374103f3 HTTP/1.1Host: d.calameo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: lang=en
Source: global traffic	HTTP traffic detected: GET /collect?e=view&aid=5652686&bid=14840225&dv=desktop&src=calameo&_c=544524610 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.calameo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pageview&aid=5652686&bid=14840225&pages=1&dv=desktop&src=calameo&_c=570123435 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.calameo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=view&aid=5652686&bid=14840225&dv=desktop&src=calameo&_c=544524610 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pageview&aid=5652686&bid=14840225&pages=1&dv=desktop&src=calameo&_c=570123435 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=10001&dv=desktop&src=calameo&_c=163033674 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.calameo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=10001&dv=desktop&src=calameo&_c=163033674 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=20002&dv=desktop&src=calameo&_c=532180254 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.calameo.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=20002&dv=desktop&src=calameo&_c=532180254 HTTP/1.1Host: calameo-beacon.global.ssl.fastly.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Ik:function(){e=nb()},Gd:function(){d()}}};var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: if(!(e\|\|f\|\|g\|\|k.length\|\|m.length))return;var p={Hh:e,Fh:f,Gh:g,mi:k,ni:m,Xe:n,Jb:b},q=A.YT;if(q)return q.ready&&q.ready(d),b;var r=A.onYouTubeIframeAPIReady;A.onYouTubeIframeAPIReady=function(){r&&r();d()};G(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(hE(w,"iframe_api")\|\|hE(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!ZD&&fE(x[B],p.Xe))return lc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.calameo.com
Source: global traffic	DNS traffic detected: DNS query: v.calameo.com
Source: global traffic	DNS traffic detected: DNS query: consent.cookiebot.com
Source: global traffic	DNS traffic detected: DNS query: consentcdn.cookiebot.com
Source: global traffic	DNS traffic detected: DNS query: s.calameoassets.com
Source: global traffic	DNS traffic detected: DNS query: imgsct.cookiebot.com
Source: global traffic	DNS traffic detected: DNS query: d.calameo.com
Source: global traffic	DNS traffic detected: DNS query: ps.calameoassets.com
Source: global traffic	DNS traffic detected: DNS query: calameo-beacon.global.ssl.fastly.net

Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://adnordic.eu/privacypolicy.html
Source: chromecache_105.2.dr	String found in binary or memory: http://firstdonoharm.dev
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://help.dhgate.com/help/buyer_about_usen.php?catpid=g9
Source: chromecache_82.2.dr, chromecache_89.2.dr	String found in binary or memory: http://loading.retry.widdit.com/
Source: chromecache_104.2.dr, chromecache_101.2.dr	String found in binary or memory: http://skin.calameo.com/2.0
Source: chromecache_82.2.dr, chromecache_89.2.dr	String found in binary or memory: http://tt.epicplay.com
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.360.cn/privacy/v3/bpsxy.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.adsbynimbus.com/privacy-policy
Source: chromecache_104.2.dr, chromecache_101.2.dr	String found in binary or memory: http://www.calameo.com/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.fancydigital.com.cn/html/privacy_GDRP.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.link.ch/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.livelyimpact.com/privacy-policy.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: http://www.signifimedia.com.au/home/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://ads.innovativeadserver.com/gdrp
Source: chromecache_78.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_105.2.dr	String found in binary or memory: https://animate.style/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://app.flexitive.com/signup/privacy
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://cdn.stroeerdigitalgroup.de/metatag/iabtcf/deviceStorage.json
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://corp.fluct.jp/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://exposebox.com/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://firststars.de/datenschutzeinstellungen
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://flarie.com/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://foursquare.com/legal/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://fsharp.co/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kaden.ai/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kidoz.net/gdpr/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kimiagroup.com/en/privacy-policy.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kinesso.com/privacy-center/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kobler.no/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kubico.com/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://kwanza.co.tz/gdpr-compliance
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://lacunads.ushareit.com/policy.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://liftoff.io/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://listenloop.com/user-consent-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://lokaplatform.com/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://nextlevel.sl/datenschutz/
Source: chromecache_78.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://partner.lentainform.com/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://rebelai.com/gdpr
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://terms.line.me/line_rules
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.admaster.com.cn/en/about_us/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.adv.admeme.net/en/privacy/optout.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.crownpeak.com/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.everflow.io/legal/gdpr-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.expedia.co.uk/p/support/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.factual.com/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.fancs.com/privacypolicy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.fiverr.com/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.flywheel.jp/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.forbes.com/privacy/english/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.fortvision.com/privacy-policy/index.html
Source: chromecache_78.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_78.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.ingenio.com/privacypolicy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.jysk.ee/cookies
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.kadam.net/ru/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.kaufda.de/Datenschutz
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.kayak.com/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.kelkoo.fr/info-societe/politique-confidentialite
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.keycdn.com/gdpr
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.kwanzoo.com/gdpr
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.landsend.com/customerservice/legal_policies/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.leadbolt.com/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.lendingtree.com/legal/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.lidl.es/es/politica-de-privacidad/s797
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.ligatus.com/en/privacy-policy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.linkstorm.net/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.livepartners.com/confidentiality.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.loblaw.ca/en/privacy-policy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.localstars.com/localstars-privacy-policy
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.nexstardigital.com/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.nexus-soft.org/index/privacy
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.ninthdecimal.com/privacy/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.nomuraholdings.com/policy/privacy.html
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.philips.com/a-w/privacy-notice.html#triggername=info_how_we_protect_data
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/datenschutz-sdi/
Source: chromecache_93.2.dr, chromecache_99.2.dr	String found in binary or memory: https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/sdi-datenschutz-b2c
Source: chromecache_100.2.dr, chromecache_78.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866

Source: classification engine

Classification label: mal48.win@17/62@34/5

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2524,i,13939320870459092663,15708760969845321266,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.calameo.com/read/005652686f8ff374103f3"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2524,i,13939320870459092663,15708760969845321266,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.calameo.com/read/005652686f8ff374103f3	0%	Avira URL Cloud	safe

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://www.loblaw.ca/en/privacy-policy/	0%	Avira URL Cloud	safe
https://www.flywheel.jp/privacy-policy/	0%	Avira URL Cloud	safe
https://www.ninthdecimal.com/privacy/	0%	Avira URL Cloud	safe
http://tt.epicplay.com	0%	Avira URL Cloud	safe
https://www.kadam.net/ru/privacy-policy	0%	Avira URL Cloud	safe
http://www.adsbynimbus.com/privacy-policy	0%	Avira URL Cloud	safe
http://adnordic.eu/privacypolicy.html	0%	Avira URL Cloud	safe
https://www.everflow.io/legal/gdpr-policy	0%	Avira URL Cloud	safe
https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/datenschutz-sdi/	0%	Avira URL Cloud	safe
https://kinesso.com/privacy-center/	0%	Avira URL Cloud	safe
http://loading.retry.widdit.com/	0%	Avira URL Cloud	safe
https://www.ligatus.com/en/privacy-policy	0%	Avira URL Cloud	safe
https://www.nomuraholdings.com/policy/privacy.html	0%	Avira URL Cloud	safe
http://firstdonoharm.dev	0%	Avira URL Cloud	safe
https://firststars.de/datenschutzeinstellungen	0%	Avira URL Cloud	safe
https://www.nexstardigital.com/privacy/	0%	Avira URL Cloud	safe
https://lokaplatform.com/privacy/	0%	Avira URL Cloud	safe
https://www.nexus-soft.org/index/privacy	0%	Avira URL Cloud	safe
https://www.livepartners.com/confidentiality.html	0%	Avira URL Cloud	safe
https://rebelai.com/gdpr	0%	Avira URL Cloud	safe
http://www.livelyimpact.com/privacy-policy.html	0%	Avira URL Cloud	safe
http://www.fancydigital.com.cn/html/privacy_GDRP.html	0%	Avira URL Cloud	safe
https://flarie.com/privacy	0%	Avira URL Cloud	safe
https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/sdi-datenschutz-b2c	0%	Avira URL Cloud	safe
https://kimiagroup.com/en/privacy-policy.html	0%	Avira URL Cloud	safe
https://partner.lentainform.com/privacy-policy/	0%	Avira URL Cloud	safe
https://www.kelkoo.fr/info-societe/politique-confidentialite	0%	Avira URL Cloud	safe
http://www.signifimedia.com.au/home/privacy	0%	Avira URL Cloud	safe
http://help.dhgate.com/help/buyer_about_usen.php?catpid=g9	0%	Avira URL Cloud	safe
https://www.crownpeak.com/privacy	0%	Avira URL Cloud	safe
https://kubico.com/privacy-policy/	0%	Avira URL Cloud	safe
https://kwanza.co.tz/gdpr-compliance	100%	Avira URL Cloud	malware
https://www.admaster.com.cn/en/about_us/privacy	0%	Avira URL Cloud	safe
https://nextlevel.sl/datenschutz/	0%	Avira URL Cloud	safe
https://www.keycdn.com/gdpr	0%	Avira URL Cloud	safe
https://www.factual.com/privacy	0%	Avira URL Cloud	safe
https://www.localstars.com/localstars-privacy-policy	0%	Avira URL Cloud	safe
https://www.fancs.com/privacypolicy	0%	Avira URL Cloud	safe
https://www.fortvision.com/privacy-policy/index.html	0%	Avira URL Cloud	safe
https://www.adv.admeme.net/en/privacy/optout.html	0%	Avira URL Cloud	safe
https://www.kwanzoo.com/gdpr	0%	Avira URL Cloud	safe
https://kaden.ai/privacy-policy/	0%	Avira URL Cloud	safe
https://ads.innovativeadserver.com/gdrp	0%	Avira URL Cloud	safe
http://skin.calameo.com/2.0	0%	Avira URL Cloud	safe
https://app.flexitive.com/signup/privacy	0%	Avira URL Cloud	safe
https://www.lidl.es/es/politica-de-privacidad/s797	0%	Avira URL Cloud	safe
https://www.leadbolt.com/privacy	0%	Avira URL Cloud	safe
https://fsharp.co/privacy-policy	0%	Avira URL Cloud	safe
https://www.linkstorm.net/privacy/	0%	Avira URL Cloud	safe
https://www.ingenio.com/privacypolicy	0%	Avira URL Cloud	safe
http://www.link.ch/privacy	0%	Avira URL Cloud	safe
https://corp.fluct.jp/privacy/	0%	Avira URL Cloud	safe
https://www.jysk.ee/cookies	0%	Avira URL Cloud	safe
https://lacunads.ushareit.com/policy.html	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
www.calameo.com	85.233.202.179	true	false	high
www.google.com	172.217.16.196	true	false	high
d.calameo.com	85.233.202.179	true	false	high
calameo-beacon.global.ssl.fastly.net	151.101.1.194	true	false	high
consentcdn.cookiebot.com	unknown	unknown	false	high
imgsct.cookiebot.com	unknown	unknown	false	high
v.calameo.com	unknown	unknown	false	high
consent.cookiebot.com	unknown	unknown	false	high
s.calameoassets.com	unknown	unknown	false	high
ps.calameoassets.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://d.calameo.com/pinwheel/viewer/book/get?bkcode=005652686f8ff374103f3	false	high
https://www.calameo.com/read/005652686f8ff374103f3	false	high
https://calameo-beacon.global.ssl.fastly.net/collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=20002&dv=desktop&src=calameo&_c=532180254	false	high
https://calameo-beacon.global.ssl.fastly.net/collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=10001&dv=desktop&src=calameo&_c=163033674	false	high
https://calameo-beacon.global.ssl.fastly.net/collect?e=view&aid=5652686&bid=14840225&dv=desktop&src=calameo&_c=544524610	false	high
https://calameo-beacon.global.ssl.fastly.net/collect?e=pageview&aid=5652686&bid=14840225&pages=1&dv=desktop&src=calameo&_c=570123435	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.flywheel.jp/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/g/collect	chromecache_100.2.dr, chromecache_78.2.dr	false		high
https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/datenschutz-sdi/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.everflow.io/legal/gdpr-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.kadam.net/ru/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.loblaw.ca/en/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://tt.epicplay.com	chromecache_82.2.dr, chromecache_89.2.dr	false	Avira URL Cloud: safe	unknown
https://kinesso.com/privacy-center/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://cdn.stroeerdigitalgroup.de/metatag/iabtcf/deviceStorage.json	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.fiverr.com/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://www.calameo.com/	chromecache_104.2.dr, chromecache_101.2.dr	false		high
https://liftoff.io/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.ninthdecimal.com/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://listenloop.com/user-consent-policy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.google.com	chromecache_78.2.dr	false		high
https://www.youtube.com/iframe_api	chromecache_100.2.dr, chromecache_78.2.dr	false		high
http://www.adsbynimbus.com/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://terms.line.me/line_rules	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://adnordic.eu/privacypolicy.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.philips.com/a-w/privacy-notice.html#triggername=info_how_we_protect_data	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.lendingtree.com/legal/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://loading.retry.widdit.com/	chromecache_82.2.dr, chromecache_89.2.dr	false	Avira URL Cloud: safe	unknown
https://foursquare.com/legal/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.ligatus.com/en/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.nomuraholdings.com/policy/privacy.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://firststars.de/datenschutzeinstellungen	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.landsend.com/customerservice/legal_policies/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://www.kaufda.de/Datenschutz	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://firstdonoharm.dev	chromecache_105.2.dr	false	Avira URL Cloud: safe	unknown
https://www.livepartners.com/confidentiality.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.nexstardigital.com/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://lokaplatform.com/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.nexus-soft.org/index/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://rebelai.com/gdpr	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://www.livelyimpact.com/privacy-policy.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://www.fancydigital.com.cn/html/privacy_GDRP.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://partner.lentainform.com/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.forbes.com/privacy/english/	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://flarie.com/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.stroeer.de/werben-mit-stroeer/onlinewerbung/programmatic-data/sdi-datenschutz-b2c	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://kimiagroup.com/en/privacy-policy.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://help.dhgate.com/help/buyer_about_usen.php?catpid=g9	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.kelkoo.fr/info-societe/politique-confidentialite	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://kidoz.net/gdpr/	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://www.signifimedia.com.au/home/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.crownpeak.com/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://kobler.no/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://kwanza.co.tz/gdpr-compliance	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: malware	unknown
https://kubico.com/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.admaster.com.cn/en/about_us/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://animate.style/	chromecache_105.2.dr	false		high
https://www.keycdn.com/gdpr	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://nextlevel.sl/datenschutz/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.localstars.com/localstars-privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://cct.google/taggy/agent.js	chromecache_100.2.dr, chromecache_78.2.dr	false		high
https://www.factual.com/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.fancs.com/privacypolicy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.fortvision.com/privacy-policy/index.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://www.360.cn/privacy/v3/bpsxy.html	chromecache_93.2.dr, chromecache_99.2.dr	false		high
https://td.doubleclick.net	chromecache_100.2.dr, chromecache_78.2.dr	false		high
https://www.adv.admeme.net/en/privacy/optout.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.kwanzoo.com/gdpr	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://kaden.ai/privacy-policy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.lidl.es/es/politica-de-privacidad/s797	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.merchant-center-analytics.goog	chromecache_100.2.dr, chromecache_78.2.dr	false		high
https://fsharp.co/privacy-policy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://app.flexitive.com/signup/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.leadbolt.com/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
http://skin.calameo.com/2.0	chromecache_104.2.dr, chromecache_101.2.dr	false	Avira URL Cloud: safe	unknown
https://www.linkstorm.net/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://ads.innovativeadserver.com/gdrp	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.ingenio.com/privacypolicy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.kayak.com/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false		high
http://www.link.ch/privacy	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://adservice.google.com/pagead/regclk?	chromecache_78.2.dr	false		high
https://corp.fluct.jp/privacy/	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://www.jysk.ee/cookies	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown
https://lacunads.ushareit.com/policy.html	chromecache_93.2.dr, chromecache_99.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
85.233.202.179	www.calameo.com	France	15830	EQUINIX-CONNECT-EMEAGB	false
151.101.1.194	calameo-beacon.global.ssl.fastly.net	United States	54113	FASTLYUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.16.196	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1584553
Start date and time:	2025-01-05 20:37:23 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 0s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.calameo.com/read/005652686f8ff374103f3
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.win@17/62@34/5

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.186.46, 66.102.1.84, 142.250.186.142, 172.217.16.206, 142.250.185.238, 2.19.126.151, 2.19.126.140, 95.101.54.211, 95.101.54.122, 2.23.227.209, 2.23.227.216, 2.18.64.31, 2.18.64.26, 23.215.21.26, 2.16.168.12, 2.16.168.4, 199.232.214.172, 192.229.221.95, 172.217.18.8, 95.101.54.121, 2.16.202.128, 2.20.245.138, 2.20.245.137, 142.250.184.200, 142.250.186.138, 172.217.18.106, 172.217.16.138, 142.250.186.106, 216.58.206.42, 142.250.185.170, 142.250.185.234, 142.250.184.202, 142.250.185.138, 142.250.181.234, 142.250.74.202, 172.217.18.10, 142.250.185.202, 142.250.186.170, 142.250.186.42, 142.250.185.106, 142.250.185.78, 142.250.186.110, 216.58.212.174, 142.250.74.206, 142.250.185.163, 216.58.206.78, 184.28.90.27, 4.175.87.197, 13.107.246.45
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, v.calameo.com.edgesuite.net, a559.dscb.akamai.net, ps.calameoassets.com.edgesuite.net, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, www.googletagmanager.com, update.googleapis.com, a1779.dscb.akamai.net, consent.cookiebot.com-v2.edgekey.net, consentcdn.cookiebot.com-v1.edgekey.net, www.google-analytics.com, s.calameoassets.com.edgesuite.net, fs.microsoft.com, e3849.dsca.akamaiedge.net, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, a1435.dscb.akamai.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, imgsct.cookiebot.com.edgekey.net, clients.l.google.com, e110990.dsca.akamaiedge.net
Not all processes where analyzed, report is missing behavior information
VT rate limit hit for: https://www.calameo.com/read/005652686f8ff374103f3

Simulations

Behavior and APIs

⊘No simulations

Input	Output
URL: https://www.calameo.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": false }
URL: https://www.calameo.com
URL: https://www.calameo.com/read/005652686f8ff374103f3 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.calameo.com/read/005652686f8ff374103f3 Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.calameo.com/read/005652686f8ff374103f3 Model: Joe Sandbox AI	{ "brands": "unknown" }

URL: https://www.calameo.com/read/005652686f8ff374103f3 Model: Joe Sandbox AI	{ "brands": "unknown" }

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5945)
Category:	dropped
Size (bytes):	311651
Entropy (8bit):	5.583063767276838
Encrypted:	false
SSDEEP:	6144:i4KGYnsmQ8DvZ1HcRCrKkEZMf3/5TfVEuT+bsHo:rKim9Dv7Hc81CCo
MD5:	489D45A0992FF2AA8335B2A765567B13
SHA1:	CA810078E97260D745B8E4705C3C629FC8D5C133
SHA-256:	9A6FABAE33CC842996DCFAA25077A6C1A04930ECB0F7A831A953DCFC1CA2B287
SHA-512:	70BECBCD5F19EDAD412A1B43B801018E936E3D1E6C757E7E72325874D1CDD7F88E4962F9E3F04458283FBEFF3BCB6173F64D774C63F3113BC247BBFC2BBA1DB2
Malicious:	false
Reputation:	low
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":11,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":11,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_l

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 text
Category:	dropped
Size (bytes):	8537
Entropy (8bit):	5.182249910747252
Encrypted:	false
SSDEEP:	192:sz+2E739yb0OY6qVOyCdeQ+PX+UaIrUJjkTB96D+gorT:sz6TbH
MD5:	6475ABCC2C2E392E2C8D507082E53912
SHA1:	252AB24D8D50F6046C25A8E8BDAA672D19C09C61
SHA-256:	9A2ED41B9B257BFD99DFE8AA75133D9E66536563B69666D03EC353DDC76E7952
SHA-512:	DD3F570A8B5DA200F0D71A6760CB7F23B58544215997F05B5124213ACB4E628E96C0F9DCEA45ED008615FB3B28C925902799C849918C7005671A13264696FE2D
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0"?>.<root xmlns="http://skin.calameo.com/2.0" backgroundColor="0x313639">... ...Calam.o Skin: 2021...Version: 2.1...Author: Mathieu "FastJack" Quisefit...Date: 2021-01-04...Copyright(c) 2011-2030 Calameo SARL....contact@calameo.com...http://www.calameo.com/..-->... Assets -->..<media name="skin" source="assets.png"/>... Styles -->..<styles>..<![CDATA[...tooltips.common.border.radius=3...tooltips.common.text.size=9...popups.title.color=0x999999...popups.title.bold=false...popups.horizontalmargin=10...popups.verticalmargin=10...popups.selected.alpha=0.2...popups.border.radius=4...popups.items.verticalmargin=6...related.items.title.size=14...related.items.title.bold=false...related.items.text.size=11...search.items.title.size=14...search.items.title.bold=false...search.items.text.size=11...tooltips.link.text.color=0xFFFFFF...tooltips.link.url.color=0x999999...tooltips.link.url.size=11...scroller.inertia.deceleration=5...fields.border.radius=3...fields.border.

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 240, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	32524
Entropy (8bit):	7.939116333134086
Encrypted:	false
SSDEEP:	768:p35hlxITeApcJgT601SHDn8d+4OASCvtHxK077U4cMB:KTeAaJR8d8ASCDK0cOB
MD5:	8308F11AFCA06D192F764F4D968BF608
SHA1:	B29BD444A3A4A44816FE03825B97432FD0A8C22A
SHA-256:	9FB47156EA909621C0BB83623A93A990E5CBBF90D0F186BC1680172BB9DD08CE
SHA-512:	E9A48756613D6DDCD421E5D00A4B83D03B279C41F85114FFB7AC75BF16EBCBEF5A6F4E90896B6F1B6D5162E04D4E9DAE60591F6218CC0715533C06F3D3303332
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/pinwheel/skin/2.1/2021/assets.png
Preview:	.PNG........IHDR..............6......pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (62169), with LF, NEL line terminators
Category:	downloaded
Size (bytes):	281699
Entropy (8bit):	5.494684174661139
Encrypted:	false
SSDEEP:	3072:8CSo8hcd56O4W1jQi95xKJ4sWIPAMIKaIn1chfogFmpB:ZSLLO4W1jQi95xKq04w1OFC
MD5:	B935EF7DB79C76736B8E28D6E6BA9DEF
SHA1:	46E45DBBABCC616194D06821721F92286750AE05
SHA-256:	0E16438EB50D68F22561E6F9B32623E858AC5D63AE23306B4F8E3FD8286D7290
SHA-512:	DF0430037BE124674BCC4D1E17D544866EB0AD593092186B46170FD128CA443CA19BB1816A26A8D4C5888A5AA2936BFFCB8B2661162946632698D54ED27B4D11
Malicious:	false
Reputation:	low
URL:	https://consent.cookiebot.com/Framework/IAB/consent-sdk-2.2.js
Preview:	// 2.80.0 - 2024-12-10T11:48:39.456Z."undefined"==typeof CookiebotCMPControl&&(CookiebotCMPControl={}),CookiebotCMPControl.IABCMP=function(){this.CmpId=134,this.CmpVersion=1,this.CmpApi=null,this.GACMSpecVersion=2,this.gdprApplies=!0,this.GACMCommonList=[7,12,35,62,66,70,89,108,122,134,149,153,154,161,162,165,167,184,196,221,229,241,253,259,311,317,323,338,348,350,359,414,415,440,448,449,482,486,494,495,540,571,574,588,590,609,782,817,864,932,976,981,1047,1051,1095,1097,1126,1127,1170,1171,1201,1205,1211,1212,1232,1236,1248,1276,1301,1313,1344,1365,1415,1423,1449,1451,1509,1570,1577,1651,1652,1669,1716,1733,1735,1753,1765,1834,1870,1878,1889,1896,1922,2012,2072,2078,2079,2202,2253,2290,2299,2316,2357,2373,2382,2464,2526,2531,2568,2571,2575,2663,2677,2776,2778,2779],this.getAllowedGoogleVendors=function(){var allowedGooglePartners=[];if(window.CookieConsentDialog)if(CookieConsentDialog.googlePartnersSortedIds&&(allowedGooglePartners=CookieConsentDialog.googlePartnersSortedIds),CookieCon

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 text
Category:	downloaded
Size (bytes):	8537
Entropy (8bit):	5.182249910747252
Encrypted:	false
SSDEEP:	192:sz+2E739yb0OY6qVOyCdeQ+PX+UaIrUJjkTB96D+gorT:sz6TbH
MD5:	6475ABCC2C2E392E2C8D507082E53912
SHA1:	252AB24D8D50F6046C25A8E8BDAA672D19C09C61
SHA-256:	9A2ED41B9B257BFD99DFE8AA75133D9E66536563B69666D03EC353DDC76E7952
SHA-512:	DD3F570A8B5DA200F0D71A6760CB7F23B58544215997F05B5124213ACB4E628E96C0F9DCEA45ED008615FB3B28C925902799C849918C7005671A13264696FE2D
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/pinwheel/skin/2.1/2021/skin.xml
Preview:	<?xml version="1.0"?>.<root xmlns="http://skin.calameo.com/2.0" backgroundColor="0x313639">... ...Calam.o Skin: 2021...Version: 2.1...Author: Mathieu "FastJack" Quisefit...Date: 2021-01-04...Copyright(c) 2011-2030 Calameo SARL....contact@calameo.com...http://www.calameo.com/..-->... Assets -->..<media name="skin" source="assets.png"/>... Styles -->..<styles>..<![CDATA[...tooltips.common.border.radius=3...tooltips.common.text.size=9...popups.title.color=0x999999...popups.title.bold=false...popups.horizontalmargin=10...popups.verticalmargin=10...popups.selected.alpha=0.2...popups.border.radius=4...popups.items.verticalmargin=6...related.items.title.size=14...related.items.title.bold=false...related.items.text.size=11...search.items.title.size=14...search.items.title.bold=false...search.items.text.size=11...tooltips.link.text.color=0xFFFFFF...tooltips.link.url.color=0x999999...tooltips.link.url.size=11...scroller.inertia.deceleration=5...fields.border.radius=3...fields.border.

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65346)
Category:	downloaded
Size (bytes):	178094
Entropy (8bit):	5.788108140459645
Encrypted:	false
SSDEEP:	3072:8kZ8wz1bAMkhDi3HyR50r3et0hT1UoCUlcKEwbFp1PGmFbyd:8kZ8wz1bAMkhDi3HyR50r3et0hT6/0IB
MD5:	71A8DE2134EE60203A07C212475D10CC
SHA1:	94EB86584846B619C3C49DD80E45E90694A5334C
SHA-256:	257CEC89580B85E59A2C3BD8F558449B8E5D4F31DDE3F1C458E32300FA44A2E1
SHA-512:	17F7A808945F342FF5251B2B112EAB6B98A0B47A23A6D3C386315A559302E0C4383E1C01C7B398EF9534083435A5C59D02F222C5F2B2E93673D98161B7819CE9
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/9108-000163/pinwheel/viewer/css/main.css
Preview:	@charset "UTF-8";/!. animate.css - https://animate.style/. * Version - 4.1.1. * Licensed under the Hippocratic License 2.1 - http://firstdonoharm.dev. . Copyright (c) 2022 Animate.css. /body,input{font-family:Roboto,Helvetica,Arial,sans-serif}#CybotCookiebotDialog ,#CybotCookiebotDialogBodyUnderlay,#ad-close,#ad-layout,#ad-layout .button-close,.loader-error .error-id,.loader-error .error-link,.loader-error .error-overlay,.notification,.viewer *,body button,body embed,body iframe,body input,body object,body select,body textarea{pointer-events:auto}#vc,body,html{top:0;bottom:0}#ad,#vc,body,html{left:0;right:0}#ad-close,body{font-size:12px}#vc,body,body.withad-bottom #ad,html{bottom:0}body.withad-320x100 #adi,body.withad-320x50 #adi{width:320px}:root{--animate-duration:1s;--animate-delay:1s;--animate-repeat:1;color-scheme:light only}.animate__animated{-webkit-animation-duration:var(--animate-duration);animation-duration:var(--animate-duration);-webkit-animation-fill-mode:both;anim

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	157794
Entropy (8bit):	4.7924777122434525
Encrypted:	false
SSDEEP:	3072:wcSlDrXhOgpU7a4KzmoSFw3A0QZu0s7S7k7HpX4:R29m
MD5:	3225BF6FB99D157D1BB4696E49BB41A2
SHA1:	E3AE209F6505ED6866C3616792B317DCB6CEDF5A
SHA-256:	6D569CAFB339C3864ED829B194927BD14F34CE390E000C94C9ECC8E1489BE00A
SHA-512:	F57884B9C1DFBFA8DC9B74620C094DAF40D98C38AF30950B635E2C8DF88085E2BB19E4CC166F7526E2B410CD91564B8AC3C0DE476FC957415C0835C8544E34DF
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/9108-000163/pinwheel/viewer/images/desktop/internal-assets.svg
Preview:	<svg width="0" height="0" style="position:absolute"><symbol viewBox="0 0 28.347 28.347" id="gfxAvatar" xmlns="http://www.w3.org/2000/svg"><path fill="#bed731" d="M8.62.173h11.11v3.675H8.62z"/><path fill="#fff" d="M17.708 15.892h-6.791c0-4.7 1.024-5.411 3.594-5.411 2.211 0 3.238.632 3.238 4.186 0 .395 0 .87-.041 1.225M14.47 6.295c-6.713 0-8.846 3.356-8.846 10.938 0 7.898 2.449 10.939 8.807 10.939 4.463 0 7.859-.789 7.859-.789l-.08-4.148s-3.08.437-6.871.437c-3.119 0-4.227-1.065-4.266-4.543h11.452s.197-1.539.197-3.515c.002-6.081-1.776-9.319-8.252-9.319"/></symbol><symbol viewBox="0 0 30 30" id="gfxButtonAudioPlayDisabled" xmlns="http://www.w3.org/2000/svg"><circle opacity=".8" fill="#99a5ab" cx="15" cy="15" r="14"/><path fill="#313639" d="M16.912 5.667h-2.254V16.64c-2.669-.526-5.455 1.844-4.666 4.08 1.043 2.954 6.917 2.063 6.922-1.921 0-.976 0-5.04-.003-8.727 2.108 1.556 4.099 2.528 3.703 5.159 4.616-5.565-3.702-6.852-3.702-9.564"/></symbol><symbol viewBox="0 0 30 30" id="gfxButtonAudioPl

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	downloaded
Size (bytes):	1150
Entropy (8bit):	5.2807062151153215
Encrypted:	false
SSDEEP:	24:XBwpaUPG3mEvBXfXhGrIw8PpUD42l7NvM9FXfLehdVj:X4aT3dfXhGrV0ylRE3PLQdV
MD5:	F8AABCEFFEB91327109A1396B7F88C02
SHA1:	CECECF0E0B896F2DAC17730B7448D24C526AA9B1
SHA-256:	5B6839B79356AFE6BE577391766FFF3B95D0594589F6E1E9258EAAE82DB82E89
SHA-512:	52F5EB48F168A3633978161F1DD0EE80186108BE6F04E5CE8885EBAE273E92869611DF35FCE65435B25354CD84A61D6F21856C2D52569431B25C34B11839A9C4
Malicious:	false
Reputation:	low
URL:	https://s.calameoassets.com/pinwheel/9108-9e6b05/platform/img/favicon/favicon.ico
Preview:	............ .h.......(....... ..... .........................'#..&"..'$ .(%!.&#..(&%." ..(&%.#! .(&%.$"!.(%!.)&".)&".$ ..&!./+&.%!..%"..+($.%"../-,.(&%.%#".)'&.'%$.(&%. ...%"..(%!.$ ..($..%!..'#...+'.+($.....^\[.....................DA=.!...+($./+&.'#..,(#..%.&#..!...QNJ.........................eb^.'$ .+($..%."...!...3/.-&.%"....}.............YWV.b`_...~.A>:.+($.'$ .$ ..($..&!.)% ."...,)%.............fdc.`^].WUT.ecb.30,.!...&#..%!...%.($..)% .(%!..+'...............................}.0-).-&.&!.'#..'#..0,'.)&".$!..................................(%!.%"..&!.)% .8!..5&#.%"..%,'.............5%&.7'(.........ipk.,3.."...3$!.=&$.#...3/.'&".....bfa.........................GKF.....)($.)% .%...#0(..!..,'$.2%#.=+.........................5#".5(&.$...##..,$..$..'".0$"., ......">8.1k`.@...B....h].$@:......" .4(&.'"..&..2&".+...1%#.'-(...#.,.t.K..3..4..I..,.t..,!.(.).5)'.%...5)%.$...9..+... ....)#.-XO..vi.(.s."~m.6~q.$OF..)#.$...(...:/+.& ...%.. "..*!..?-,.3...3. .6&'.."".."".0 !.:%

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	163776
Entropy (8bit):	6.043239828521164
Encrypted:	false
SSDEEP:	3072:kxioLSpcFxtSap52mHvXJuCNVVlK6yjS8FDLfnhlnMRXhp:kxbLSpc1Rbv5fzVtyjSSbnhBMRXz
MD5:	4B2A7FE5258FE54066ADED33CB155000
SHA1:	945EF6E93258C6DBCE1995D4500F48B4458EE71F
SHA-256:	79F56825C6F144FD2FAAEDE11F9465AFD0E6D8F0D3EA0475952B78DD8E29ECA8
SHA-512:	AB59C7B11C499D8EB51418A66CA30D5BB2BBA6E6E568266A2F7FC31CDF77734809107CF874CC332EC6FD1DADF41B51F19330A92AAB067F18943C9016AA14B8F1
Malicious:	false
Reputation:	low
Preview:	<svg viewBox="0 0 1600 1131" version="1.1" preserveAspectRatio="xMinYMin meet" text-rendering="geometricPrecision" class="p3" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><style type="text/css">text{white-space:pre;font-size:16px;font-weight:normal;font-style:normal;fill:none;unicode-bidi:bidi-override}@font-face{font-family:"p3_g_d0_f11";src:url("data:application/font-woff;charset=utf-8;base64,d09GRk9UVE8AAAf4AAkAAAAACvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDRkYgAAAA4AAABP8AAAZmGDD45E9TLzIAAAXgAAAARwAAAGBqTmZmY21hcAAABigAAABpAAAAtARJAwxoZWFkAAAGlAAAADAAAAA2ac+VbGhoZWEAAAbEAAAAGwAAACQD5AM1aG10eAAABuAAAAA7AAAATDdSAABtYXhwAAAHHAAAAAYAAAAGABNQAG5hbWUAAAckAAAAxgAAAhCs2PxocG9zdAAAB+wAAAAMAAAAIAADAAB4nJ1UfUxTVxR/D7jm4Ew3P950YTKyICRmC9SCmx9TUNx0k6LMqAOVEaBqCagrLUVb+Vh1y85UbPmwrZUPNYIQ6DRsOhadn8y5mUVaotuCWzLM5h82M5nvPa6bu5d2yt/753fuOefed8/5/c59ohAjCqIoTtquK9hcUJxaYNBquZ+sxAnKi1HKzGglPgZ3j1pG/WSmIAi3n+X4z2RkZoJhivC8KEZNe2nW7JS0eYuWLs/OXbeh0FC63byzWjvugwnZJcVbzWX

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	dropped
Size (bytes):	383
Entropy (8bit):	7.29317558342928
Encrypted:	false
SSDEEP:	6:6v/lhPkqP28yWDT1OiuyFYzhuH9S8W8saZ6Yq4tgmsPNd+ZXGrpVDR+GLuZsNzFf:6v/7sU5pn1OiFFQoUtfS3NEd+IpVDxCE
MD5:	98F27C16ADA95808B5629BD624B5CDFA
SHA1:	F652BA6995D550C02EEC64FCB32131ECC10A117F
SHA-256:	A759100304433AC80E920D415DEA3041FBBD34F53CCD0080C73DDA0410D30F2A
SHA-512:	B6D3C8523C0864A5CC10D0906D2E34BE5FF54446E8E9E7B88BE41C8DF732E6CF89EF2B004BCA19A30EB05C77694021BD79BFF6D16E89D81C03F4CE27FC7F1E78
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR... ... .....D......]PLTE. #$,...2$...CHK...........!...OSVz}.Wd$..+...imo[_a...49<>BF....+..(.....CM%..+q.(....*w..Q....IDATx...r. .E...U@.........>@^;=..3w.p.g.].E..\|.\|.i.c>x.4a.<.5..~rW..V.}1..w....k.....V:..Wk.u.{...\HiD.v"L.a!...HM...<..F1C+Xi.,.K.j..".>..".t.'Lp..._.w..".I{O.......s\|.!....s.u.!..2...OC....{..{...bL....L...Oy.7.....[.....IEND.B`.

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 1200 x 240, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	32524
Entropy (8bit):	7.939116333134086
Encrypted:	false
SSDEEP:	768:p35hlxITeApcJgT601SHDn8d+4OASCvtHxK077U4cMB:KTeAaJR8d8ASCDK0cOB
MD5:	8308F11AFCA06D192F764F4D968BF608
SHA1:	B29BD444A3A4A44816FE03825B97432FD0A8C22A
SHA-256:	9FB47156EA909621C0BB83623A93A990E5CBBF90D0F186BC1680172BB9DD08CE
SHA-512:	E9A48756613D6DDCD421E5D00A4B83D03B279C41F85114FFB7AC75BF16EBCBEF5A6F4E90896B6F1B6D5162E04D4E9DAE60591F6218CC0715533C06F3D3303332
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR..............6......pHYs................OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+.....x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D...A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9.,

Chrome Cache Entry: 71

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Category:	dropped
Size (bytes):	1150
Entropy (8bit):	5.2807062151153215
Encrypted:	false
SSDEEP:	24:XBwpaUPG3mEvBXfXhGrIw8PpUD42l7NvM9FXfLehdVj:X4aT3dfXhGrV0ylRE3PLQdV
MD5:	F8AABCEFFEB91327109A1396B7F88C02
SHA1:	CECECF0E0B896F2DAC17730B7448D24C526AA9B1
SHA-256:	5B6839B79356AFE6BE577391766FFF3B95D0594589F6E1E9258EAAE82DB82E89
SHA-512:	52F5EB48F168A3633978161F1DD0EE80186108BE6F04E5CE8885EBAE273E92869611DF35FCE65435B25354CD84A61D6F21856C2D52569431B25C34B11839A9C4
Malicious:	false
Reputation:	low
Preview:	............ .h.......(....... ..... .........................'#..&"..'$ .(%!.&#..(&%." ..(&%.#! .(&%.$"!.(%!.)&".)&".$ ..&!./+&.%!..%"..+($.%"../-,.(&%.%#".)'&.'%$.(&%. ...%"..(%!.$ ..($..%!..'#...+'.+($.....^\[.....................DA=.!...+($./+&.'#..,(#..%.&#..!...QNJ.........................eb^.'$ .+($..%."...!...3/.-&.%"....}.............YWV.b`_...~.A>:.+($.'$ .$ ..($..&!.)% ."...,)%.............fdc.`^].WUT.ecb.30,.!...&#..%!...%.($..)% .(%!..+'...............................}.0-).-&.&!.'#..'#..0,'.)&".$!..................................(%!.%"..&!.)% .8!..5&#.%"..%,'.............5%&.7'(.........ipk.,3.."...3$!.=&$.#...3/.'&".....bfa.........................GKF.....)($.)% .%...#0(..!..,'$.2%#.=+.........................5#".5(&.$...##..,$..$..'".0$"., ......">8.1k`.@...B....h].$@:......" .4(&.'"..&..2&".+...1%#.'-(...#.,.t.K..3..4..I..,.t..,!.(.).5)'.%...5)%.$...9..+... ....)#.-XO..vi.(.s."~m.6~q.$OF..)#.$...(...:/+.& ...%.. "..*!..?-,.3...3. .6&'.."".."".0 !.:%

Chrome Cache Entry: 72

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Category:	downloaded
Size (bytes):	383
Entropy (8bit):	7.29317558342928
Encrypted:	false
SSDEEP:	6:6v/lhPkqP28yWDT1OiuyFYzhuH9S8W8saZ6Yq4tgmsPNd+ZXGrpVDR+GLuZsNzFf:6v/7sU5pn1OiFFQoUtfS3NEd+IpVDxCE
MD5:	98F27C16ADA95808B5629BD624B5CDFA
SHA1:	F652BA6995D550C02EEC64FCB32131ECC10A117F
SHA-256:	A759100304433AC80E920D415DEA3041FBBD34F53CCD0080C73DDA0410D30F2A
SHA-512:	B6D3C8523C0864A5CC10D0906D2E34BE5FF54446E8E9E7B88BE41C8DF732E6CF89EF2B004BCA19A30EB05C77694021BD79BFF6D16E89D81C03F4CE27FC7F1E78
Malicious:	false
Reputation:	low
URL:	https://s.calameoassets.com/pinwheel/9108-9e6b05/platform/img/favicon/favicon-32x32.png
Preview:	.PNG........IHDR... ... .....D......]PLTE. #$,...2$...CHK...........!...OSVz}.Wd$..+...imo[_a...49<>BF....+..(.....CM%..+q.(....*w..Q....IDATx...r. .E...U@.........>@^;=..3w.p.g.].E..\|.\|.i.c>x.4a.<.5..~rW..V.}1..w....k.....V:..Wk.u.{...\HiD.v"L.a!...HM...<..F1C+Xi.,.K.j..".>..".t.'Lp..._.w..".I{O.......s\|.!....s.u.!..2...OC....{..{...bL....L...Oy.7.....[.....IEND.B`.

Chrome Cache Entry: 73

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	downloaded
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:	3:V:V
MD5:	5A68DE997D60AFA9083B17FE00F7CDF2
SHA1:	92A5652D382A18E89C4881EC57041FC7D885CA80
SHA-256:	08DA7C45CB204377E7E42249CDA5713FA865116DDBB4CB5A1949B2E5B438A6AB
SHA-512:	893D66CC2E53523A09B4ECD6843B29D24B843C52C456445EA29E32FD1E1A853C32FA3433A4F4D29F2EC7BE4C0B0954B89EFBB8B38863B6A33EA99B4B67FFBC44
Malicious:	false
Reputation:	low
URL:	https://ps.calameoassets.com/231212153826-d998b00271c0281e09aa93681a25c810/link-9707340.bin?_token_=exp=1736149110~acl=%2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A~hmac=c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78
Preview:	..

Chrome Cache Entry: 74

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	2
Entropy (8bit):	1.0
Encrypted:	false
SSDEEP:	3:V:V
MD5:	5A68DE997D60AFA9083B17FE00F7CDF2
SHA1:	92A5652D382A18E89C4881EC57041FC7D885CA80
SHA-256:	08DA7C45CB204377E7E42249CDA5713FA865116DDBB4CB5A1949B2E5B438A6AB
SHA-512:	893D66CC2E53523A09B4ECD6843B29D24B843C52C456445EA29E32FD1E1A853C32FA3433A4F4D29F2EC7BE4C0B0954B89EFBB8B38863B6A33EA99B4B67FFBC44
Malicious:	false
Reputation:	low
Preview:	..

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5323)
Category:	dropped
Size (bytes):	5479
Entropy (8bit):	4.9660352513737145
Encrypted:	false
SSDEEP:	96:46Ntj1YXQMD28VkR/SsUHZ2qT1GTzHqPfNtg+PLZ8ZULPvct8f3:461YXu8eUTrTOgl8m48f3
MD5:	0C2E098B515AD356859E1456C3F3117C
SHA1:	B598C3527C14CD751913A8EA346232634373E16A
SHA-256:	9684D5CA32985855E9419369C61E42BFF107FCBB2132D4CC87E10EF47B29573D
SHA-512:	5F9F3504E2EA2DA6ADE5ADED31525FDB94660F6511FA9652C704D43F30D4B7CD1F07B1AC5F7DA1AFA37038339880B0557B877DF5029FDAB92A13187AA6180C14
Malicious:	false
Reputation:	low
Preview:	/*******************************..* Calameo.* Lang: en-EN.* Build: pinwheel (8639-65f8fa).* Date: 2023-11-07 11:45:52..*******************************/._i18n({"__BUILD__":{"date":"2023-11-07 11:45:52","name":"pinwheel","id":"8639-65f8fa"},"ad":{"button":{"close":"Close ad"}},"audio":{"error":"Loading error","playing":"Playing: __name__...","title":"Audio player"},"buttons":{"cancel":"Cancel","ok":"OK","slider":"<b>__page__<\/b> of <b>__total__<\/b>"},"consents":{"cookies":{"acceptAll":"Yes","acceptEssential":"Allow essential cookies","cta":"I understand","learn_more":"Learn more","refuse":"No","text":"In order to offer you customized content, measure our audience, and develop and improve our products and services, do you accept that Calam\u00e9o and its partners use cookies or similar technologies to process your browsing data?"}},"contextItems":{"copyEmbed":"Copy the HTML code","copyUrl":"Copy the publication's URL","copyright":"© 2008-__year__. All rights reserved.","readOnC

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	157794
Entropy (8bit):	4.7924777122434525
Encrypted:	false
SSDEEP:	3072:wcSlDrXhOgpU7a4KzmoSFw3A0QZu0s7S7k7HpX4:R29m
MD5:	3225BF6FB99D157D1BB4696E49BB41A2
SHA1:	E3AE209F6505ED6866C3616792B317DCB6CEDF5A
SHA-256:	6D569CAFB339C3864ED829B194927BD14F34CE390E000C94C9ECC8E1489BE00A
SHA-512:	F57884B9C1DFBFA8DC9B74620C094DAF40D98C38AF30950B635E2C8DF88085E2BB19E4CC166F7526E2B410CD91564B8AC3C0DE476FC957415C0835C8544E34DF
Malicious:	false
Reputation:	low
Preview:	<svg width="0" height="0" style="position:absolute"><symbol viewBox="0 0 28.347 28.347" id="gfxAvatar" xmlns="http://www.w3.org/2000/svg"><path fill="#bed731" d="M8.62.173h11.11v3.675H8.62z"/><path fill="#fff" d="M17.708 15.892h-6.791c0-4.7 1.024-5.411 3.594-5.411 2.211 0 3.238.632 3.238 4.186 0 .395 0 .87-.041 1.225M14.47 6.295c-6.713 0-8.846 3.356-8.846 10.938 0 7.898 2.449 10.939 8.807 10.939 4.463 0 7.859-.789 7.859-.789l-.08-4.148s-3.08.437-6.871.437c-3.119 0-4.227-1.065-4.266-4.543h11.452s.197-1.539.197-3.515c.002-6.081-1.776-9.319-8.252-9.319"/></symbol><symbol viewBox="0 0 30 30" id="gfxButtonAudioPlayDisabled" xmlns="http://www.w3.org/2000/svg"><circle opacity=".8" fill="#99a5ab" cx="15" cy="15" r="14"/><path fill="#313639" d="M16.912 5.667h-2.254V16.64c-2.669-.526-5.455 1.844-4.666 4.08 1.043 2.954 6.917 2.063 6.922-1.921 0-.976 0-5.04-.003-8.727 2.108 1.556 4.099 2.528 3.703 5.159 4.616-5.565-3.702-6.852-3.702-9.564"/></symbol><symbol viewBox="0 0 30 30" id="gfxButtonAudioPl

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	dropped
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUkrllHh/:qJ/
MD5:	C2196DE8BA412C60C22AB491AF7B1409
SHA1:	5FBD472222FEB8A22CF5B8AA5DC5B8E13AF88E2B
SHA-256:	6ADC3D4C1056996E4E8B765A62604C78B1F867CCEB3B15D0B9BEDB7C4857F992
SHA-512:	84E24A70B78E9DE9C9D0DFEB49F3F4247DBC1C715D8844471EE40669270682E199D48F5FBEC62BD984C9C0270534B407C4D2561DD6C05ADEC3C83C1534F32D5C
Malicious:	false
Reputation:	low
Preview:	GIF89a.............,...........D..;

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5945)
Category:	downloaded
Size (bytes):	311651
Entropy (8bit):	5.583075005676275
Encrypted:	false
SSDEEP:	6144:i4KGYnsmQ8D0Z1HcRCrKkEZMf3/5TfVEuT+bsHo:rKim9D07Hc81CCo
MD5:	667801B45118DE2FE40AF1EE2CCE2CAE
SHA1:	67472DF794CAB98074268F9CD5F568D9A29B121E
SHA-256:	86D7514D61202D3EA19F5DCF50A51F3A0B99162E881DE5020D8F6B108604B0AD
SHA-512:	BC7377CB9AFCFE916DFBB1CA9155D3AD784B803D02FC46BD38EFA0939F529797BD1068C1BB0C6DD0DBEFCE0BB7303A50C6079704891D4634C37CC9D89ACEB60B
Malicious:	false
Reputation:	low
URL:	https://www.googletagmanager.com/gtag/js?id=G-H0TZZDDBNK
Preview:	.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_dma","priority":11,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":11,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_l

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (65499)
Category:	dropped
Size (bytes):	113332
Entropy (8bit):	5.165461640561705
Encrypted:	false
SSDEEP:	1536:Jb6I3l3okfYD8EvKDJ5b1Q39FyfzRJmunPG0Hk0JrMdXq41nEqZUgJeW5QKF9xF0:X3okfYD8P2un/HHV7YMwFK
MD5:	A6FC4F43E16F6AB9D5EC7E70156FA5B2
SHA1:	34C494219CF1593076FAB3C2404F49A7303266C8
SHA-256:	39D5774E35F5214DD8567D4D6774865350B9600504CCEB8B8F8BB5C3B9FFFEEA
SHA-512:	5E08BEDE93D51C9AD80FE96B51372FBDDB63040AF3A1D639D0946D7C61DCF895FD44309087C9F406C516E6C3CA903EB407C83F5719AE49D8F896B40532C19D29
Malicious:	false
Reputation:	low
Preview:	// 2.80.0 - 2024-12-10T11:48:39.456Z.!function(){function finallyConstructor(callback){var constructor=this.constructor;return this.then((function(value){return constructor.resolve(callback()).then((function(){return value}))}),(function(reason){return constructor.resolve(callback()).then((function(){return constructor.reject(reason)}))}))}function allSettled(arr){var P=this;return new P((function(resolve,reject){if(!arr\|\|void 0===arr.length)return reject(new TypeError(typeof arr+" "+arr+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var args=Array.prototype.slice.call(arr);if(0===args.length)return resolve([]);var remaining=args.length;function res(i,val){if(val&&("object"==typeof val\|\|"function"==typeof val)){var then=val.then;if("function"==typeof then)return void then.call(val,(function(val){res(i,val)}),(function(e){args[i]={status:"rejected",reason:e},0==--remaining&&resolve(args)}))}args[i]={status:"fulfilled",value:val},0==--remaining&&resolve(args)}for(var

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 136x136, segment length 16, baseline, precision 8, 1590x1124, components 3
Category:	dropped
Size (bytes):	260701
Entropy (8bit):	7.815443190590878
Encrypted:	false
SSDEEP:	6144:LRl9ef8brlQaQlCS/hfffffffYpPjrn2yjsvzqAzYX:LRl9ef8b5QazS/CvvVX
MD5:	7FC85946C70846D19D4BDA9A8B89AE30
SHA1:	3B83695D5BB92675345EE1A3620F73D61B5C130B
SHA-256:	6C022592143B3462E7BC11045187D03D04E33384ED7BCA7EA44DBB0526FCC464
SHA-512:	86CADAC58B991C5F17FC8204B2B44FCAF4DC77D2C51E9300A9498E060201AC9A8F1520A039FEAA5277D08FC9D426004C10FC515F66C352E21D5086D17978DF34
Malicious:	false
Reputation:	low
Preview:	......JFIF............. ICC_PROFILE...............mntrRGB XYZ ............acspAPPL...................................-....................................................desc.......\|cprt...x...(wtpt........bkpt........rXYZ........gXYZ........bXYZ........rTRC........gTRC........bTRC........desc......."Artifex Software sRGB ICC Profile..........."Artifex Software sRGB ICC Profile..................................text....Copyright Artifex Software 2011.XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........curv.......................#.(.-.2.7.;.@.E.J.O.T.Y.^.c.h.m.r.w.\|...............................................................%.+.2.8.>.E.L.R.Y.`.g.n.u.\|.........................................&./.8.A.K.T.].g.q.z...............................!.-.8.C.O.Z.f.r.~......................... .-.;.H.U.c.q.~.......................+.:.I.X.g.w.....................'.7.H.Y.j.{...................+.=.O.a.t...................2.F.Z.n.................%.:.O.d

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 136x136, segment length 16, baseline, precision 8, 1590x1124, components 3
Category:	downloaded
Size (bytes):	260701
Entropy (8bit):	7.815443190590878
Encrypted:	false
SSDEEP:	6144:LRl9ef8brlQaQlCS/hfffffffYpPjrn2yjsvzqAzYX:LRl9ef8b5QazS/CvvVX
MD5:	7FC85946C70846D19D4BDA9A8B89AE30
SHA1:	3B83695D5BB92675345EE1A3620F73D61B5C130B
SHA-256:	6C022592143B3462E7BC11045187D03D04E33384ED7BCA7EA44DBB0526FCC464
SHA-512:	86CADAC58B991C5F17FC8204B2B44FCAF4DC77D2C51E9300A9498E060201AC9A8F1520A039FEAA5277D08FC9D426004C10FC515F66C352E21D5086D17978DF34
Malicious:	false
Reputation:	low
URL:	https://ps.calameoassets.com/231212153826-d998b00271c0281e09aa93681a25c810/p2.jpg?_token_=exp=1736149110~acl=%2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A~hmac=c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78
Preview:	......JFIF............. ICC_PROFILE...............mntrRGB XYZ ............acspAPPL...................................-....................................................desc.......\|cprt...x...(wtpt........bkpt........rXYZ........gXYZ........bXYZ........rTRC........gTRC........bTRC........desc......."Artifex Software sRGB ICC Profile..........."Artifex Software sRGB ICC Profile..................................text....Copyright Artifex Software 2011.XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........curv.......................#.(.-.2.7.;.@.E.J.O.T.Y.^.c.h.m.r.w.\|...............................................................%.+.2.8.>.E.L.R.Y.`.g.n.u.\|.........................................&./.8.A.K.T.].g.q.z...............................!.-.8.C.O.Z.f.r.~......................... .-.;.H.U.c.q.~.......................+.:.I.X.g.w.....................'.7.H.Y.j.{...................+.=.O.a.t...................2.F.Z.n.................%.:.O.d

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32083)
Category:	dropped
Size (bytes):	360102
Entropy (8bit):	5.4214385703677745
Encrypted:	false
SSDEEP:	6144:V3oqXxRuSwR0ieVYjiY+bE2/BniPaMVUxB8:VPXaSwR02+bE2/JkbZ
MD5:	66EED419E8F23606BB03E05B57BC858B
SHA1:	24BF879B9BC2AA39BD1FBC3EF3308508DBD79B0F
SHA-256:	B24563E80247EF7C4BA465955DAF209BA4EEBD1013AE60A3246F4AC739637EC2
SHA-512:	D9FA2E0328A15623C1F9C57E964D09943496F9838A388DFC7586064E15AD1C8F354CDFE6A1206B529451EFC231876A1E4F82C90BBA3AC4103FC3B2A28C9BC7B5
Malicious:	false
Reputation:	low
Preview:	var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var n;for(n=0;n<e.length&&(!e[n]\|\|!t(e[n],n,e));n+=1);}}function eachReverse(e,t){if(e){var n;for(n=e.length-1;n>-1&&(!e[n]\|\|!t(e[n],n,e));n-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var n;for(n in e)if(hasProp(e,n)&&t(e[n],n))break}function mixin(e,t,n,r){return t&&eachProp(t,function(t,i){(n\|\|!hasProp(e,i))&&(!r\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[i]=t:(e[i]\|\|(e[i]={}),mixin(e[i],t,n,r)))}),e}function bind(e,t){return function(){return t.apply(e,arguments)}}function scripts(){return document.getElementsByTagName("script")}function defaultOnError(e){throw e}function getGlobal(e){if(!e)return e;var t=global;return each(e.split("."),function(e){t=t[e]}),t}function makeError(

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	163776
Entropy (8bit):	6.043239828521164
Encrypted:	false
SSDEEP:	3072:kxioLSpcFxtSap52mHvXJuCNVVlK6yjS8FDLfnhlnMRXhp:kxbLSpc1Rbv5fzVtyjSSbnhBMRXz
MD5:	4B2A7FE5258FE54066ADED33CB155000
SHA1:	945EF6E93258C6DBCE1995D4500F48B4458EE71F
SHA-256:	79F56825C6F144FD2FAAEDE11F9465AFD0E6D8F0D3EA0475952B78DD8E29ECA8
SHA-512:	AB59C7B11C499D8EB51418A66CA30D5BB2BBA6E6E568266A2F7FC31CDF77734809107CF874CC332EC6FD1DADF41B51F19330A92AAB067F18943C9016AA14B8F1
Malicious:	false
Reputation:	low
URL:	https://ps.calameoassets.com/231212153826-d998b00271c0281e09aa93681a25c810/p3.svgz?_token_=exp=1736149110~acl=%2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A~hmac=c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78
Preview:	<svg viewBox="0 0 1600 1131" version="1.1" preserveAspectRatio="xMinYMin meet" text-rendering="geometricPrecision" class="p3" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><style type="text/css">text{white-space:pre;font-size:16px;font-weight:normal;font-style:normal;fill:none;unicode-bidi:bidi-override}@font-face{font-family:"p3_g_d0_f11";src:url("data:application/font-woff;charset=utf-8;base64,d09GRk9UVE8AAAf4AAkAAAAACvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDRkYgAAAA4AAABP8AAAZmGDD45E9TLzIAAAXgAAAARwAAAGBqTmZmY21hcAAABigAAABpAAAAtARJAwxoZWFkAAAGlAAAADAAAAA2ac+VbGhoZWEAAAbEAAAAGwAAACQD5AM1aG10eAAABuAAAAA7AAAATDdSAABtYXhwAAAHHAAAAAYAAAAGABNQAG5hbWUAAAckAAAAxgAAAhCs2PxocG9zdAAAB+wAAAAMAAAAIAADAAB4nJ1UfUxTVxR/D7jm4Ew3P950YTKyICRmC9SCmx9TUNx0k6LMqAOVEaBqCagrLUVb+Vh1y85UbPmwrZUPNYIQ6DRsOhadn8y5mUVaotuCWzLM5h82M5nvPa6bu5d2yt/753fuOefed8/5/c59ohAjCqIoTtquK9hcUJxaYNBquZ+sxAnKi1HKzGglPgZ3j1pG/WSmIAi3n+X4z2RkZoJhivC8KEZNe2nW7JS0eYuWLs/OXbeh0FC63byzWjvugwnZJcVbzWX

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 136x136, segment length 16, baseline, precision 8, 1590x1124, components 3
Category:	dropped
Size (bytes):	266528
Entropy (8bit):	7.8255531109712715
Encrypted:	false
SSDEEP:	6144:PNUqUf7Rptd5tGvjsaceBRffffffffFXUNsWtI82x2S2:zUf7RptngzcGyDGM
MD5:	D8A86A698D134BE01A8DA6A13A9948A0
SHA1:	3B168CB653BF682948B99EE4B78208DCD1142BCC
SHA-256:	1426FBF5A3BA402FA35FAF622B6957BEBF15FBB972323E1E887A8D7A7B932A03
SHA-512:	71082780377D57C9B1EBA2AAD0B62301B2BBD86FC6DC3468300CF79E00E0A48270A0BC5644F606E16D1ED3BBF4D14F7BBF6AB525A591DEC2FD486F7FAA92C2C8
Malicious:	false
Reputation:	low
Preview:	......JFIF............. ICC_PROFILE...............mntrRGB XYZ ............acspAPPL...................................-....................................................desc.......\|cprt...x...(wtpt........bkpt........rXYZ........gXYZ........bXYZ........rTRC........gTRC........bTRC........desc......."Artifex Software sRGB ICC Profile..........."Artifex Software sRGB ICC Profile..................................text....Copyright Artifex Software 2011.XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........curv.......................#.(.-.2.7.;.@.E.J.O.T.Y.^.c.h.m.r.w.\|...............................................................%.+.2.8.>.E.L.R.Y.`.g.n.u.\|.........................................&./.8.A.K.T.].g.q.z...............................!.-.8.C.O.Z.f.r.~......................... .-.;.H.U.c.q.~.......................+.:.I.X.g.w.....................'.7.H.Y.j.{...................+.=.O.a.t...................2.F.Z.n.................%.:.O.d

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	35
Entropy (8bit):	2.9302005337813077
Encrypted:	false
SSDEEP:	3:CUkrllHh/:qJ/
MD5:	C2196DE8BA412C60C22AB491AF7B1409
SHA1:	5FBD472222FEB8A22CF5B8AA5DC5B8E13AF88E2B
SHA-256:	6ADC3D4C1056996E4E8B765A62604C78B1F867CCEB3B15D0B9BEDB7C4857F992
SHA-512:	84E24A70B78E9DE9C9D0DFEB49F3F4247DBC1C715D8844471EE40669270682E199D48F5FBEC62BD984C9C0270534B407C4D2561DD6C05ADEC3C83C1534F32D5C
Malicious:	false
Reputation:	low
URL:	https://imgsct.cookiebot.com/1.gif?dgi=2372292c-680d-47b7-90f2-1af22359ed6d
Preview:	GIF89a.............,...........D..;

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (5323)
Category:	downloaded
Size (bytes):	5479
Entropy (8bit):	4.9660352513737145
Encrypted:	false
SSDEEP:	96:46Ntj1YXQMD28VkR/SsUHZ2qT1GTzHqPfNtg+PLZ8ZULPvct8f3:461YXu8eUTrTOgl8m48f3
MD5:	0C2E098B515AD356859E1456C3F3117C
SHA1:	B598C3527C14CD751913A8EA346232634373E16A
SHA-256:	9684D5CA32985855E9419369C61E42BFF107FCBB2132D4CC87E10EF47B29573D
SHA-512:	5F9F3504E2EA2DA6ADE5ADED31525FDB94660F6511FA9652C704D43F30D4B7CD1F07B1AC5F7DA1AFA37038339880B0557B877DF5029FDAB92A13187AA6180C14
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/9108-000163/pinwheel/viewer/locales/viewer/en-EN.js?callback=_i18n
Preview:	/*******************************..* Calameo.* Lang: en-EN.* Build: pinwheel (8639-65f8fa).* Date: 2023-11-07 11:45:52..*******************************/._i18n({"__BUILD__":{"date":"2023-11-07 11:45:52","name":"pinwheel","id":"8639-65f8fa"},"ad":{"button":{"close":"Close ad"}},"audio":{"error":"Loading error","playing":"Playing: __name__...","title":"Audio player"},"buttons":{"cancel":"Cancel","ok":"OK","slider":"<b>__page__<\/b> of <b>__total__<\/b>"},"consents":{"cookies":{"acceptAll":"Yes","acceptEssential":"Allow essential cookies","cta":"I understand","learn_more":"Learn more","refuse":"No","text":"In order to offer you customized content, measure our audience, and develop and improve our products and services, do you accept that Calam\u00e9o and its partners use cookies or similar technologies to process your browsing data?"}},"contextItems":{"copyEmbed":"Copy the HTML code","copyUrl":"Copy the publication's URL","copyright":"© 2008-__year__. All rights reserved.","readOnC

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (62169), with LF, NEL line terminators
Category:	dropped
Size (bytes):	281699
Entropy (8bit):	5.494684174661139
Encrypted:	false
SSDEEP:	3072:8CSo8hcd56O4W1jQi95xKJ4sWIPAMIKaIn1chfogFmpB:ZSLLO4W1jQi95xKq04w1OFC
MD5:	B935EF7DB79C76736B8E28D6E6BA9DEF
SHA1:	46E45DBBABCC616194D06821721F92286750AE05
SHA-256:	0E16438EB50D68F22561E6F9B32623E858AC5D63AE23306B4F8E3FD8286D7290
SHA-512:	DF0430037BE124674BCC4D1E17D544866EB0AD593092186B46170FD128CA443CA19BB1816A26A8D4C5888A5AA2936BFFCB8B2661162946632698D54ED27B4D11
Malicious:	false
Reputation:	low
Preview:	// 2.80.0 - 2024-12-10T11:48:39.456Z."undefined"==typeof CookiebotCMPControl&&(CookiebotCMPControl={}),CookiebotCMPControl.IABCMP=function(){this.CmpId=134,this.CmpVersion=1,this.CmpApi=null,this.GACMSpecVersion=2,this.gdprApplies=!0,this.GACMCommonList=[7,12,35,62,66,70,89,108,122,134,149,153,154,161,162,165,167,184,196,221,229,241,253,259,311,317,323,338,348,350,359,414,415,440,448,449,482,486,494,495,540,571,574,588,590,609,782,817,864,932,976,981,1047,1051,1095,1097,1126,1127,1170,1171,1201,1205,1211,1212,1232,1236,1248,1276,1301,1313,1344,1365,1415,1423,1449,1451,1509,1570,1577,1651,1652,1669,1716,1733,1735,1753,1765,1834,1870,1878,1889,1896,1922,2012,2072,2078,2079,2202,2253,2290,2299,2316,2357,2373,2382,2464,2526,2531,2568,2571,2575,2663,2677,2776,2778,2779],this.getAllowedGoogleVendors=function(){var allowedGooglePartners=[];if(window.CookieConsentDialog)if(CookieConsentDialog.googlePartnersSortedIds&&(allowedGooglePartners=CookieConsentDialog.googlePartnersSortedIds),CookieCon

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38062)
Category:	dropped
Size (bytes):	572693
Entropy (8bit):	5.369357440471009
Encrypted:	false
SSDEEP:	6144:ATHE1lWf3EetJd/1ZGND7Hpl0Ghyx6fdzd8pG/VP19Mi:G3/1A7dxBJ
MD5:	2F2CE70FCC083B3F9FDF289605FA9F3B
SHA1:	C0885943A8D05F87EEEAF837E892103BAF877BE2
SHA-256:	D9DDA7386B069C8831BAD0BC618E985862A974B60F7163E4831AB55BB25033BC
SHA-512:	8979EC6E7BEDA0B466FCD0F14996CB34AC16074295CEA83862B191F5D919B2210B2CA2D7AC2B9C396829FF00729130779C82B086C4EC98B95694748F4F2FE14F
Malicious:	false
Reputation:	low
Preview:	function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function ownKeys(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter(function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable})),i.push.apply(i,n)}return i}function _objectSpread(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?ownKeys(Object(i),!0).forEach(function(e){_defineProperty(t,e,i[e])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):ownKeys(Object(i)).forEach(function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))})}return t}function _regeneratorRuntime(){function t(t,e,i){return Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}),t[e]}functi

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (32083)
Category:	downloaded
Size (bytes):	360110
Entropy (8bit):	5.421365523241856
Encrypted:	false
SSDEEP:	6144:V3oqXxRuSwR0ieVYkiY+br2/BLiPaMVUxh8:VPXaSwR05+br2/1kbl
MD5:	3DB96F24C81DF709742472F888D2524A
SHA1:	388FE537D390B345B6A2725938AF1FB690EBAC78
SHA-256:	14B54190CAAA3A0BFCA4412FBF0864F518A74C1307DD44438D2CBE0B489FAEA2
SHA-512:	2ABDE8C05F897F5A3288BF3ED62C1D57581286E41A52C4DA71EDB3FC4F6E72378442834E4E1D82BAD043720E44A7131987994172AB1B6D0BF5B0606B2ED75909
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/9108-000163/pinwheel/viewer/scripts/loader.js
Preview:	var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var n;for(n=0;n<e.length&&(!e[n]\|\|!t(e[n],n,e));n+=1);}}function eachReverse(e,t){if(e){var n;for(n=e.length-1;n>-1&&(!e[n]\|\|!t(e[n],n,e));n-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var n;for(n in e)if(hasProp(e,n)&&t(e[n],n))break}function mixin(e,t,n,r){return t&&eachProp(t,function(t,i){(n\|\|!hasProp(e,i))&&(!r\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[i]=t:(e[i]\|\|(e[i]={}),mixin(e[i],t,n,r)))}),e}function bind(e,t){return function(){return t.apply(e,arguments)}}function scripts(){return document.getElementsByTagName("script")}function defaultOnError(e){throw e}function getGlobal(e){if(!e)return e;var t=global;return each(e.split("."),function(e){t=t[e]}),t}function makeError(

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (627), with no line terminators
Category:	downloaded
Size (bytes):	627
Entropy (8bit):	5.168490899475983
Encrypted:	false
SSDEEP:	12:qTj2v571pt+cYoq7c4CD/EPEo8ecVHNnUEcwaxMELIx83rR+b/II:0j291pt+cYo+c4C7E8oOdcHLIxMrcb/t
MD5:	3D08665FA4C7BCF9FA2DCBBC7EFE1D0F
SHA1:	BA57ECEE011A4B99D4BB56707325C8E4D0FB8A2B
SHA-256:	738E5435F2D18427D291A0D6289EEE0EBBC87B596D6003919F255760AC293104
SHA-512:	E86FC61D20680F6F486C61E3730ACA4CDEBEE3AD0670C69EC177691AE979F81951DBD409F8CDA648AB2EBED13C5A2BFB57174FB5167EECB15300B807FC7BBF3E
Malicious:	false
Reputation:	low
URL:	https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Preview:	<!doctype html><html><body><script>(function(){var n="CookieConsentBulkSetting-";this.handleRequest=function(t){function f(n){t.source.postMessage(n,t.origin)}var i,e,o,r,u;try{if(i=t.data,e=typeof i=="string",e&&(i=JSON.parse(i)),o=i.value&&i.value.expireMonths&&i.value.expireMonths===0,!i.serial\|\|o){f("bcEmpty");return}r=n+i.serial;switch(i.action){case"get":u=JSON.parse(localStorage.getItem(r));u?f(u):f("bcEmpty");break;case"set":localStorage.setItem(r,JSON.stringify(i.value));break;case"remove":localStorage.removeItem(r)}}catch(s){}};window.addEventListener("message",this.handleRequest,!1)})()</script></body></html>

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	1018
Entropy (8bit):	5.057788695683675
Encrypted:	false
SSDEEP:	24:pbajHbU5bCzHbek5bSCmHbe5bVEHb45bmK367Hb/5bi8eDHbv:pb6HbU5bCzHbt5bSCmHbe5bVEHb45bjd
MD5:	3F77F985A925B668E65ED7B040F46D1E
SHA1:	7E2D12502AF56D40DF08A35405DDA119E9671531
SHA-256:	02862414D46D1849ABEF9704955274AF49E11BBAD240DCF8F4E1E746C39763D1
SHA-512:	E42F2C52966DCEF6E2BF5536D241D2418E9A5BEB32E471B42DC9F60CB77A1A3267D1EC10121CD462308D75B3D9FEA0F890507FD367BCD1A2A2CD97455C32D19B
Malicious:	false
Reputation:	low
URL:	https://s.calameoassets.com/pinwheel/9108-9e6b05/platform/img/favicon/manifest.json
Preview:	{.."name": "My app",.."icons": [...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-36x36.png",...."sizes": "36x36",...."type": "image\/png",...."density": "0.75"...},...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-48x48.png",...."sizes": "48x48",...."type": "image\/png",...."density": "1.0"...},...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-72x72.png",...."sizes": "72x72",...."type": "image\/png",...."density": "1.5"...},...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-96x96.png",...."sizes": "96x96",...."type": "image\/png",...."density": "2.0"...},...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-144x144.png",...."sizes": "144x144",...."type": "image\/png",...."density": "3.0"...},...{...."src": "\/pinwheel\/7011-062fb5\/platform\/img\/favicon\/android-chrome-192x192.png",...."sizes": "192x192",...."type": "image\/png",...."density

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (65499)
Category:	downloaded
Size (bytes):	113332
Entropy (8bit):	5.165461640561705
Encrypted:	false
SSDEEP:	1536:Jb6I3l3okfYD8EvKDJ5b1Q39FyfzRJmunPG0Hk0JrMdXq41nEqZUgJeW5QKF9xF0:X3okfYD8P2un/HHV7YMwFK
MD5:	A6FC4F43E16F6AB9D5EC7E70156FA5B2
SHA1:	34C494219CF1593076FAB3C2404F49A7303266C8
SHA-256:	39D5774E35F5214DD8567D4D6774865350B9600504CCEB8B8F8BB5C3B9FFFEEA
SHA-512:	5E08BEDE93D51C9AD80FE96B51372FBDDB63040AF3A1D639D0946D7C61DCF895FD44309087C9F406C516E6C3CA903EB407C83F5719AE49D8F896B40532C19D29
Malicious:	false
Reputation:	low
URL:	https://consent.cookiebot.com/uc.js
Preview:	// 2.80.0 - 2024-12-10T11:48:39.456Z.!function(){function finallyConstructor(callback){var constructor=this.constructor;return this.then((function(value){return constructor.resolve(callback()).then((function(){return value}))}),(function(reason){return constructor.resolve(callback()).then((function(){return constructor.reject(reason)}))}))}function allSettled(arr){var P=this;return new P((function(resolve,reject){if(!arr\|\|void 0===arr.length)return reject(new TypeError(typeof arr+" "+arr+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var args=Array.prototype.slice.call(arr);if(0===args.length)return resolve([]);var remaining=args.length;function res(i,val){if(val&&("object"==typeof val\|\|"function"==typeof val)){var then=val.then;if("function"==typeof then)return void then.call(val,(function(val){res(i,val)}),(function(e){args[i]={status:"rejected",reason:e},0==--remaining&&resolve(args)}))}args[i]={status:"fulfilled",value:val},0==--remaining&&resolve(args)}for(var

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65444), with CRLF line terminators
Category:	dropped
Size (bytes):	735056
Entropy (8bit):	5.149887705437146
Encrypted:	false
SSDEEP:	3072:9sT023gi2STjilApv1hDFHIIW9mdqLBmf19P37L/FpkxH:2ThTj1vrpIny/3fbkl
MD5:	F3B111994282E847B871B83E6C23616E
SHA1:	96E0C299C1A5BB7B89005B34DC0FFD96C9FF5071
SHA-256:	EBD6CD7F9C919448222FE21604C02E99D6A9D3016F65F8A8423E33F8A5CBEEEB
SHA-512:	D5473688E96ACA1EC69831FD6114CA2ABB15546DC31A88B8C340E4BCC4D894EDA23E3B95DE178EE8ADFA4397170EB0805114A3BC50DB55FB3FF5E854BA33C2DE
Malicious:	false
Reputation:	low
Preview:	window['CookieConsentDialog'] = window['CookieConsentDialog'] \|\| {};..CookieConsentDialog.IABGVL = {"gvlSpecificationVersion":3,"vendorListVersion":86,"tcfPolicyVersion":5,"lastUpdated":"2024-12-26T16:07:39Z","purposes":{"1":{"id":1,"name":"Store and/or access information on a device","description":"Cookies, device or similar online identifiers (e.g. login-based identifiers, randomly assigned identifiers, network based identifiers) together with other information (e.g. browser type and information, language, screen size, supported technologies etc.) can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here.","illustrations":["Most purposes explained in this notice rely on the storage or accessing of information from your device when you use an app or visit a website. For example, a vendor or publisher might need to store a cookie on your device during your first visit on a website, to be able

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (38068)
Category:	downloaded
Size (bytes):	573423
Entropy (8bit):	5.369085285708362
Encrypted:	false
SSDEEP:	6144:EvHcwsaTDIFNRMQlGpkgcplUKBg1CRdzdo9Kvr3dFOZ:0DzQdggx/u
MD5:	E96416C7DFE6CB7589BCAB0D9D67B934
SHA1:	9E4962A8D47674D839A0814B3D4C86FC5F8B659C
SHA-256:	2F7C1065CDC9008565BCFE241A44D165B47586AE39829B3212CAB6DCF5A5EDB0
SHA-512:	670B604A640635A8EC3FB5BABF12047559F574FF888ED547B0370DE623081D484292F8ECEDB6D6CE78EC36F0C6068FA89574563C30AFEB00484F38BB3719E16D
Malicious:	false
Reputation:	low
URL:	https://v.calameo.com/9108-000163/pinwheel/viewer/scripts/modules/desktop/viewer-desktop.js
Preview:	function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function ownKeys(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter(function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable})),i.push.apply(i,n)}return i}function _objectSpread(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?ownKeys(Object(i),!0).forEach(function(e){_defineProperty(t,e,i[e])}):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):ownKeys(Object(i)).forEach(function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))})}return t}function _regeneratorRuntime(){function t(t,e,i){return Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}),t[e]}functi

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	341997
Entropy (8bit):	6.004023054815308
Encrypted:	false
SSDEEP:	6144:FAVJh7twtg3O0utbYHKLSCqMc7/Q8mGHi/94rG7dDzXfzro/T+mS:qVP7aOa1SQSrB/QD4rYdDzzM9S
MD5:	E448F7A71BC0797ECB378B70D1C39085
SHA1:	4D3497E267E23FBE7A2738A6D58FA3333A7B4595
SHA-256:	71312FCAA5D33A9EA06A5A97C6842B1363FD1E26CA6F8730FA55F190234A1009
SHA-512:	23402C479BCD71C271FCF0FAEAEC87E01468B233A83977E8F61A99A8515FAC7DAC6E8E28A30A327E619E383B9B67C5EE1B972E209489866BA9B217E6B4BA93C9
Malicious:	false
Reputation:	low
URL:	https://ps.calameoassets.com/231212153826-d998b00271c0281e09aa93681a25c810/p4.svgz?_token_=exp=1736149110~acl=%2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A~hmac=c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78
Preview:	<svg viewBox="0 0 1600 1131" version="1.1" preserveAspectRatio="xMinYMin meet" text-rendering="geometricPrecision" class="p4" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><style type="text/css">text{white-space:pre;font-size:16px;font-weight:normal;font-style:normal;fill:none;unicode-bidi:bidi-override}@font-face{font-family:"p4_g_d0_f35";src:url("data:application/font-woff;charset=utf-8;base64,d09GRk9UVE8AAA/8AAkAAAAAF+QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDRkYgAAAA4AAADNQAABLVjMSu+09TLzIAAA20AAAARQAAAGBrQ2QxY21hcAAADfwAAACYAAABBAcrBh9oZWFkAAAOlAAAAC8AAAA2aPWTwGhoZWEAAA7EAAAAGgAAACQD6gIEaG10eAAADuAAAAA/AAAAdDTvAABtYXhwAAAPIAAAAAYAAAAGAB1QAG5hbWUAAA8oAAAAxgAAAhNmW/n2cG9zdAAAD/AAAAAMAAAAIAADAAB4nN1Xa2wj13UW157mS7LexIGZGLUdG22CdQu3tddrG0Fs54cL1KmT2ijiB2xjtdZqJa1EaiWKz+FwOBw+xSON+BjODIdDiqRESeRSK++juwvb63gLo0HRblrEqQs0cZC2SWCgQLf/hhtt0N6hnHYLNAnQ/ghQDnmGd2buufd+93zfOeMaudU14nK59s8dHp0cHX9wdOLhR5z2/YO7RgZ37xvcc8vg87fS7vmfCtc/5O4ZGXF99lOOffZ2YqfP/N1nRu5zufb

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	28
Entropy (8bit):	4.280394654123195
Encrypted:	false
SSDEEP:	3:WZoSISHmn:WZoSfmn
MD5:	4708D1B37F72B842EFE4238A9825064B
SHA1:	889321990FC6854DD351DF9DE8D41D2C9253BAF0
SHA-256:	10B772A54149F2086265D2CAF0C434B7CABE913BBE3665CB9DE5FAEC5EB2FB7F
SHA-512:	1285F4AEFE4F061D9D53FE96509AD93070843265C306123D197DF3603EEFF92FC6017019410015203B2DF139CC9594E387246D4211EADE320A7E77CCCA6EFDDA
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwkpjkC5C6WgAxIFDZFhlU4SBQ0G7bv_?alt=proto
Preview:	ChIKBw2RYZVOGgAKBw0G7bv/GgA=

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 136x136, segment length 16, baseline, precision 8, 1590x1124, components 3
Category:	downloaded
Size (bytes):	266528
Entropy (8bit):	7.8255531109712715
Encrypted:	false
SSDEEP:	6144:PNUqUf7Rptd5tGvjsaceBRffffffffFXUNsWtI82x2S2:zUf7RptngzcGyDGM
MD5:	D8A86A698D134BE01A8DA6A13A9948A0
SHA1:	3B168CB653BF682948B99EE4B78208DCD1142BCC
SHA-256:	1426FBF5A3BA402FA35FAF622B6957BEBF15FBB972323E1E887A8D7A7B932A03
SHA-512:	71082780377D57C9B1EBA2AAD0B62301B2BBD86FC6DC3468300CF79E00E0A48270A0BC5644F606E16D1ED3BBF4D14F7BBF6AB525A591DEC2FD486F7FAA92C2C8
Malicious:	false
Reputation:	low
URL:	https://ps.calameoassets.com/231212153826-d998b00271c0281e09aa93681a25c810/p1.jpg?_token_=exp=1736149110~acl=%2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A~hmac=c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78
Preview:	......JFIF............. ICC_PROFILE...............mntrRGB XYZ ............acspAPPL...................................-....................................................desc.......\|cprt...x...(wtpt........bkpt........rXYZ........gXYZ........bXYZ........rTRC........gTRC........bTRC........desc......."Artifex Software sRGB ICC Profile..........."Artifex Software sRGB ICC Profile..................................text....Copyright Artifex Software 2011.XYZ .......Q........XYZ ................XYZ ......o...8.....XYZ ......b.........XYZ ......$.........curv.......................#.(.-.2.7.;.@.E.J.O.T.Y.^.c.h.m.r.w.\|...............................................................%.+.2.8.>.E.L.R.Y.`.g.n.u.\|.........................................&./.8.A.K.T.].g.q.z...............................!.-.8.C.O.Z.f.r.~......................... .-.;.H.U.c.q.~.......................+.:.I.X.g.w.....................'.7.H.Y.j.{...................+.=.O.a.t...................2.F.Z.n.................%.:.O.d

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	341997
Entropy (8bit):	6.004023054815308
Encrypted:	false
SSDEEP:	6144:FAVJh7twtg3O0utbYHKLSCqMc7/Q8mGHi/94rG7dDzXfzro/T+mS:qVP7aOa1SQSrB/QD4rYdDzzM9S
MD5:	E448F7A71BC0797ECB378B70D1C39085
SHA1:	4D3497E267E23FBE7A2738A6D58FA3333A7B4595
SHA-256:	71312FCAA5D33A9EA06A5A97C6842B1363FD1E26CA6F8730FA55F190234A1009
SHA-512:	23402C479BCD71C271FCF0FAEAEC87E01468B233A83977E8F61A99A8515FAC7DAC6E8E28A30A327E619E383B9B67C5EE1B972E209489866BA9B217E6B4BA93C9
Malicious:	false
Reputation:	low
Preview:	<svg viewBox="0 0 1600 1131" version="1.1" preserveAspectRatio="xMinYMin meet" text-rendering="geometricPrecision" class="p4" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><style type="text/css">text{white-space:pre;font-size:16px;font-weight:normal;font-style:normal;fill:none;unicode-bidi:bidi-override}@font-face{font-family:"p4_g_d0_f35";src:url("data:application/font-woff;charset=utf-8;base64,d09GRk9UVE8AAA/8AAkAAAAAF+QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDRkYgAAAA4AAADNQAABLVjMSu+09TLzIAAA20AAAARQAAAGBrQ2QxY21hcAAADfwAAACYAAABBAcrBh9oZWFkAAAOlAAAAC8AAAA2aPWTwGhoZWEAAA7EAAAAGgAAACQD6gIEaG10eAAADuAAAAA/AAAAdDTvAABtYXhwAAAPIAAAAAYAAAAGAB1QAG5hbWUAAA8oAAAAxgAAAhNmW/n2cG9zdAAAD/AAAAAMAAAAIAADAAB4nN1Xa2wj13UW157mS7LexIGZGLUdG22CdQu3tddrG0Fs54cL1KmT2ijiB2xjtdZqJa1EaiWKz+FwOBw+xSON+BjODIdDiqRESeRSK++juwvb63gLo0HRblrEqQs0cZC2SWCgQLf/hhtt0N6hnHYLNAnQ/ghQDnmGd2buufd+93zfOeMaudU14nK59s8dHp0cHX9wdOLhR5z2/YO7RgZ37xvcc8vg87fS7vmfCtc/5O4ZGXF99lOOffZ2YqfP/N1nRu5zufb

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65444), with CRLF line terminators
Category:	downloaded
Size (bytes):	735056
Entropy (8bit):	5.149887705437146
Encrypted:	false
SSDEEP:	3072:9sT023gi2STjilApv1hDFHIIW9mdqLBmf19P37L/FpkxH:2ThTj1vrpIny/3fbkl
MD5:	F3B111994282E847B871B83E6C23616E
SHA1:	96E0C299C1A5BB7B89005B34DC0FFD96C9FF5071
SHA-256:	EBD6CD7F9C919448222FE21604C02E99D6A9D3016F65F8A8423E33F8A5CBEEEB
SHA-512:	D5473688E96ACA1EC69831FD6114CA2ABB15546DC31A88B8C340E4BCC4D894EDA23E3B95DE178EE8ADFA4397170EB0805114A3BC50DB55FB3FF5E854BA33C2DE
Malicious:	false
Reputation:	low
URL:	https://consent.cookiebot.com/2372292c-680d-47b7-90f2-1af22359ed6d/cc.js?renew=false&referer=www.calameo.com&dnt=false&init=false&framework=TCFv2.2
Preview:	window['CookieConsentDialog'] = window['CookieConsentDialog'] \|\| {};..CookieConsentDialog.IABGVL = {"gvlSpecificationVersion":3,"vendorListVersion":86,"tcfPolicyVersion":5,"lastUpdated":"2024-12-26T16:07:39Z","purposes":{"1":{"id":1,"name":"Store and/or access information on a device","description":"Cookies, device or similar online identifiers (e.g. login-based identifiers, randomly assigned identifiers, network based identifiers) together with other information (e.g. browser type and information, language, screen size, supported technologies etc.) can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here.","illustrations":["Most purposes explained in this notice rely on the storage or accessing of information from your device when you use an app or visit a website. For example, a vendor or publisher might need to store a cookie on your device during your first visit on a website, to be able

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 5, 2025 20:38:08.479155064 CET	49675	443	192.168.2.4	173.222.162.32
Jan 5, 2025 20:38:18.182384014 CET	49675	443	192.168.2.4	173.222.162.32
Jan 5, 2025 20:38:22.129548073 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.129581928 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.129657984 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.129913092 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.129921913 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.849586964 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.849855900 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.849877119 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.850770950 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.850825071 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.852138042 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.852200985 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.901660919 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:22.901684046 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:22.948537111 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:23.242048979 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242084026 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:23.242140055 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242311001 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242331028 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:23.242379904 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242650032 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242660999 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:23.242875099 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:23.242885113 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.043677092 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.044128895 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.044148922 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.045043945 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.045111895 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.049794912 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.049846888 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.049997091 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.050004959 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.057145119 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.057395935 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.057415009 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.058579922 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.058641911 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.058943987 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.059003115 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.091722012 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.107192993 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.107203960 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.152899981 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.227199078 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.227217913 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.227225065 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.227268934 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:24.227288008 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.227335930 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.230482101 CET	49740	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:24.230493069 CET	443	49740	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:28.601376057 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:28.601392984 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:28.601459980 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:28.601720095 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:28.601731062 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:28.782726049 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:28.782789946 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:28.782881021 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.058540106 CET	49739	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.058557987 CET	443	49739	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.410691023 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.410911083 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.410932064 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.411979914 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.412044048 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.412996054 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.413062096 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.416230917 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.416239023 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.457422972 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.606465101 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.606488943 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.606498003 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.606543064 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.606553078 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.606573105 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.606618881 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.607407093 CET	49757	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.607417107 CET	443	49757	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.633615971 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.633641005 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:29.633773088 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.634247065 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:29.634258986 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.434397936 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.434643030 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.434662104 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.435653925 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.435708046 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.436017990 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.436079979 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.436180115 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.436187029 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.481067896 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.612782001 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.612804890 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.612812042 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.612871885 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.612886906 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:30.612935066 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.614288092 CET	49762	443	192.168.2.4	85.233.202.179
Jan 5, 2025 20:38:30.614300013 CET	443	49762	85.233.202.179	192.168.2.4
Jan 5, 2025 20:38:32.750936985 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:32.750997066 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:32.751065016 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:32.926440001 CET	49737	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:38:32.926459074 CET	443	49737	172.217.16.196	192.168.2.4
Jan 5, 2025 20:38:34.387675047 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.387695074 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.387701035 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.387746096 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.387774944 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.388149023 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.388401985 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.388413906 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.388413906 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.388438940 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.940782070 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.941092968 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.941118002 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.942151070 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.942218065 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.943579912 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.943579912 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.943604946 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.943681955 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.961371899 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.961792946 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.961807966 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.962709904 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.962785959 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.965464115 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.965542078 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.965795040 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.965801001 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:34.999186993 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:34.999212027 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.012547970 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.037755013 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.037856102 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.039038897 CET	49785	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.039066076 CET	443	49785	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.063994884 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.064033031 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.064068079 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.064095974 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.064181089 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.064182043 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.067759037 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.067770004 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.069348097 CET	49784	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.069359064 CET	443	49784	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.149288893 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.149318933 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.149426937 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.281536102 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.281548977 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.722865105 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.723136902 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.723160028 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.724083900 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.724152088 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.724692106 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.724745035 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.725056887 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.725065947 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.777355909 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.827286005 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.827433109 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.827497959 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.828188896 CET	49791	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.828207970 CET	443	49791	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.920249939 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.920568943 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.920581102 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.921497107 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.921560049 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.921869993 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.921921968 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.922009945 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:35.922014952 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:35.963712931 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:36.039113045 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:36.039752007 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:36.039822102 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:36.039958954 CET	49792	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:36.039969921 CET	443	49792	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.376702070 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.376740932 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.376833916 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.377101898 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.377113104 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.834075928 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.834441900 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.834459066 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.834765911 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.835089922 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.835141897 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.835239887 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.879334927 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.937750101 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.937998056 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.938066959 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.938425064 CET	49800	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.938435078 CET	443	49800	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.941390038 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.941431999 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:44.941502094 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.941740990 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:44.941757917 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.401094913 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.401444912 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:45.401474953 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.401796103 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.402793884 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:45.402852058 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.403044939 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:45.447333097 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.503504038 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.503576994 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:38:45.503643036 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:45.512634993 CET	49801	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:38:45.512658119 CET	443	49801	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.378081083 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.378113985 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.378202915 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.378452063 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.378463984 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.934829950 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.935132027 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.935158968 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.935667038 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.935991049 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.936069012 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.936125040 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:04.979329109 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:04.989140987 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.031980991 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.032327890 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.032464981 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.032571077 CET	49802	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.032582998 CET	443	49802	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.035574913 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.035614967 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.035686970 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.035906076 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.035921097 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.609906912 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.610213041 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.610235929 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.610547066 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.610860109 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.610919952 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.611001968 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.655324936 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.710071087 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.710155010 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:05.710221052 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.710906029 CET	49803	443	192.168.2.4	151.101.1.194
Jan 5, 2025 20:39:05.710920095 CET	443	49803	151.101.1.194	192.168.2.4
Jan 5, 2025 20:39:22.178550959 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:22.178581953 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.178652048 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:22.179013968 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:22.179028988 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.817480087 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.817756891 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:22.817775965 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.818089008 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.818403006 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:22.818459988 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:22.867240906 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:26.060036898 CET	49723	80	192.168.2.4	199.232.210.172
Jan 5, 2025 20:39:26.065007925 CET	80	49723	199.232.210.172	192.168.2.4
Jan 5, 2025 20:39:26.065057993 CET	49723	80	192.168.2.4	199.232.210.172
Jan 5, 2025 20:39:32.732415915 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:32.732489109 CET	443	49866	172.217.16.196	192.168.2.4
Jan 5, 2025 20:39:32.732543945 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:34.339560032 CET	49866	443	192.168.2.4	172.217.16.196
Jan 5, 2025 20:39:34.339574099 CET	443	49866	172.217.16.196	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 5, 2025 20:38:17.870362997 CET	53	60401	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:17.899981022 CET	53	62011	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:18.906543970 CET	53	64767	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:22.121723890 CET	49710	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:22.121912003 CET	62513	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:22.128457069 CET	53	49710	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:22.128812075 CET	53	62513	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:23.208668947 CET	57799	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:23.209017992 CET	49874	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:23.226125956 CET	53	49874	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:23.226377010 CET	53	57799	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:24.261930943 CET	64725	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:24.262093067 CET	56264	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:25.630667925 CET	65033	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:25.631077051 CET	53023	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:25.664782047 CET	57299	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:25.664964914 CET	60390	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:26.814893961 CET	50239	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:26.815057039 CET	61512	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:26.867634058 CET	49806	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:26.867873907 CET	55781	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:27.917637110 CET	50043	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:27.917785883 CET	65477	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:28.580215931 CET	57150	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:28.580713987 CET	57789	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:28.584347010 CET	49922	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:28.584511042 CET	51953	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:28.591248989 CET	53	49922	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:28.601070881 CET	53	51953	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:29.499787092 CET	61974	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.499921083 CET	56979	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.504786968 CET	52988	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.504935026 CET	58473	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.617202044 CET	52899	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.617348909 CET	54000	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:29.625477076 CET	53	52899	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:29.633155107 CET	53	54000	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:31.995101929 CET	55525	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:31.995261908 CET	50355	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:31.997427940 CET	53	50889	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:33.024374008 CET	51034	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:33.024571896 CET	55996	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:33.414761066 CET	53	57608	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:34.375309944 CET	51530	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:34.375309944 CET	50863	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:34.380366087 CET	53	55696	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:34.383588076 CET	53	50863	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:34.384299994 CET	53	51530	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:34.401312113 CET	53	53625	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:35.046495914 CET	53520	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:35.046766043 CET	59369	53	192.168.2.4	1.1.1.1
Jan 5, 2025 20:38:35.053877115 CET	53	59369	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:35.055300951 CET	53	53520	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:35.987766027 CET	53	63177	1.1.1.1	192.168.2.4
Jan 5, 2025 20:38:37.647579908 CET	138	138	192.168.2.4	192.168.2.255
Jan 5, 2025 20:38:54.917172909 CET	53	56498	1.1.1.1	192.168.2.4
Jan 5, 2025 20:39:17.343790054 CET	53	60802	1.1.1.1	192.168.2.4
Jan 5, 2025 20:39:17.979494095 CET	53	55232	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Jan 5, 2025 20:38:32.023513079 CET	192.168.2.4	1.1.1.1	c277	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 5, 2025 20:38:22.121723890 CET	192.168.2.4	1.1.1.1	0x17fc	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:22.121912003 CET	192.168.2.4	1.1.1.1	0xaee2	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:23.208668947 CET	192.168.2.4	1.1.1.1	0x6eed	Standard query (0)	www.calameo.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:23.209017992 CET	192.168.2.4	1.1.1.1	0x26cb	Standard query (0)	www.calameo.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:24.261930943 CET	192.168.2.4	1.1.1.1	0x9fde	Standard query (0)	v.calameo.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:24.262093067 CET	192.168.2.4	1.1.1.1	0xc21	Standard query (0)	v.calameo.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:25.630667925 CET	192.168.2.4	1.1.1.1	0x2d41	Standard query (0)	v.calameo.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:25.631077051 CET	192.168.2.4	1.1.1.1	0xe3cc	Standard query (0)	v.calameo.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:25.664782047 CET	192.168.2.4	1.1.1.1	0x994b	Standard query (0)	consent.cookiebot.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:25.664964914 CET	192.168.2.4	1.1.1.1	0xb82b	Standard query (0)	consent.cookiebot.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:26.814893961 CET	192.168.2.4	1.1.1.1	0x185f	Standard query (0)	consent.cookiebot.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:26.815057039 CET	192.168.2.4	1.1.1.1	0xd05e	Standard query (0)	consent.cookiebot.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:26.867634058 CET	192.168.2.4	1.1.1.1	0x97c1	Standard query (0)	consentcdn.cookiebot.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:26.867873907 CET	192.168.2.4	1.1.1.1	0xb62d	Standard query (0)	consentcdn.cookiebot.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:27.917637110 CET	192.168.2.4	1.1.1.1	0x7e5a	Standard query (0)	s.calameoassets.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:27.917785883 CET	192.168.2.4	1.1.1.1	0x52a0	Standard query (0)	s.calameoassets.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:28.580215931 CET	192.168.2.4	1.1.1.1	0x63a9	Standard query (0)	imgsct.cookiebot.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:28.580713987 CET	192.168.2.4	1.1.1.1	0x9557	Standard query (0)	imgsct.cookiebot.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:28.584347010 CET	192.168.2.4	1.1.1.1	0x7045	Standard query (0)	d.calameo.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:28.584511042 CET	192.168.2.4	1.1.1.1	0x4262	Standard query (0)	d.calameo.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:29.499787092 CET	192.168.2.4	1.1.1.1	0x82f3	Standard query (0)	s.calameoassets.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:29.499921083 CET	192.168.2.4	1.1.1.1	0x1c03	Standard query (0)	s.calameoassets.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:29.504786968 CET	192.168.2.4	1.1.1.1	0x7955	Standard query (0)	imgsct.cookiebot.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:29.504935026 CET	192.168.2.4	1.1.1.1	0x2329	Standard query (0)	imgsct.cookiebot.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:29.617202044 CET	192.168.2.4	1.1.1.1	0x96c3	Standard query (0)	d.calameo.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:29.617348909 CET	192.168.2.4	1.1.1.1	0x3bf	Standard query (0)	d.calameo.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:31.995101929 CET	192.168.2.4	1.1.1.1	0xe25e	Standard query (0)	ps.calameoassets.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:31.995261908 CET	192.168.2.4	1.1.1.1	0x7649	Standard query (0)	ps.calameoassets.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:33.024374008 CET	192.168.2.4	1.1.1.1	0x5ab2	Standard query (0)	ps.calameoassets.com	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:33.024571896 CET	192.168.2.4	1.1.1.1	0xfb9a	Standard query (0)	ps.calameoassets.com	65	IN (0x0001)	false
Jan 5, 2025 20:38:34.375309944 CET	192.168.2.4	1.1.1.1	0xa1aa	Standard query (0)	calameo-beacon.global.ssl.fastly.net	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:34.375309944 CET	192.168.2.4	1.1.1.1	0x436a	Standard query (0)	calameo-beacon.global.ssl.fastly.net	65	IN (0x0001)	false
Jan 5, 2025 20:38:35.046495914 CET	192.168.2.4	1.1.1.1	0xe4c1	Standard query (0)	calameo-beacon.global.ssl.fastly.net	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:35.046766043 CET	192.168.2.4	1.1.1.1	0xb0a5	Standard query (0)	calameo-beacon.global.ssl.fastly.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 5, 2025 20:38:22.128457069 CET	1.1.1.1	192.168.2.4	0x17fc	No error (0)	www.google.com		172.217.16.196	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:22.128812075 CET	1.1.1.1	192.168.2.4	0xaee2	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 5, 2025 20:38:23.226377010 CET	1.1.1.1	192.168.2.4	0x6eed	No error (0)	www.calameo.com		85.233.202.179	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:24.278163910 CET	1.1.1.1	192.168.2.4	0x9fde	No error (0)	v.calameo.com	v.calameo.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:24.285959005 CET	1.1.1.1	192.168.2.4	0xc21	No error (0)	v.calameo.com	v.calameo.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:25.650022030 CET	1.1.1.1	192.168.2.4	0xe3cc	No error (0)	v.calameo.com	v.calameo.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:25.651745081 CET	1.1.1.1	192.168.2.4	0x2d41	No error (0)	v.calameo.com	v.calameo.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:25.671591043 CET	1.1.1.1	192.168.2.4	0xb82b	No error (0)	consent.cookiebot.com	consent.cookiebot.com-v2.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:25.671854973 CET	1.1.1.1	192.168.2.4	0x994b	No error (0)	consent.cookiebot.com	consent.cookiebot.com-v2.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:26.821571112 CET	1.1.1.1	192.168.2.4	0xd05e	No error (0)	consent.cookiebot.com	consent.cookiebot.com-v2.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:26.822160959 CET	1.1.1.1	192.168.2.4	0x185f	No error (0)	consent.cookiebot.com	consent.cookiebot.com-v2.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:26.874504089 CET	1.1.1.1	192.168.2.4	0xb62d	No error (0)	consentcdn.cookiebot.com	consentcdn.cookiebot.com-v1.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:26.874906063 CET	1.1.1.1	192.168.2.4	0x97c1	No error (0)	consentcdn.cookiebot.com	consentcdn.cookiebot.com-v1.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:27.943053961 CET	1.1.1.1	192.168.2.4	0x52a0	No error (0)	s.calameoassets.com	s.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:27.953392029 CET	1.1.1.1	192.168.2.4	0x7e5a	No error (0)	s.calameoassets.com	s.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:28.587205887 CET	1.1.1.1	192.168.2.4	0x63a9	No error (0)	imgsct.cookiebot.com	imgsct.cookiebot.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:28.587416887 CET	1.1.1.1	192.168.2.4	0x9557	No error (0)	imgsct.cookiebot.com	imgsct.cookiebot.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:28.591248989 CET	1.1.1.1	192.168.2.4	0x7045	No error (0)	d.calameo.com		85.233.202.179	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:29.511518002 CET	1.1.1.1	192.168.2.4	0x7955	No error (0)	imgsct.cookiebot.com	imgsct.cookiebot.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:29.511632919 CET	1.1.1.1	192.168.2.4	0x2329	No error (0)	imgsct.cookiebot.com	imgsct.cookiebot.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:29.519109011 CET	1.1.1.1	192.168.2.4	0x1c03	No error (0)	s.calameoassets.com	s.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:29.520452976 CET	1.1.1.1	192.168.2.4	0x82f3	No error (0)	s.calameoassets.com	s.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:29.625477076 CET	1.1.1.1	192.168.2.4	0x96c3	No error (0)	d.calameo.com		85.233.202.179	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:32.004400969 CET	1.1.1.1	192.168.2.4	0xe25e	No error (0)	ps.calameoassets.com	ps.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:32.023411989 CET	1.1.1.1	192.168.2.4	0x7649	No error (0)	ps.calameoassets.com	ps.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:33.044084072 CET	1.1.1.1	192.168.2.4	0xfb9a	No error (0)	ps.calameoassets.com	ps.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:33.044193029 CET	1.1.1.1	192.168.2.4	0x5ab2	No error (0)	ps.calameoassets.com	ps.calameoassets.com.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 5, 2025 20:38:34.384299994 CET	1.1.1.1	192.168.2.4	0xa1aa	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.1.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:34.384299994 CET	1.1.1.1	192.168.2.4	0xa1aa	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.65.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:34.384299994 CET	1.1.1.1	192.168.2.4	0xa1aa	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.129.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:34.384299994 CET	1.1.1.1	192.168.2.4	0xa1aa	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.193.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:35.055300951 CET	1.1.1.1	192.168.2.4	0xe4c1	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.1.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:35.055300951 CET	1.1.1.1	192.168.2.4	0xe4c1	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.65.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:35.055300951 CET	1.1.1.1	192.168.2.4	0xe4c1	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.129.194	A (IP address)	IN (0x0001)	false
Jan 5, 2025 20:38:35.055300951 CET	1.1.1.1	192.168.2.4	0xe4c1	No error (0)	calameo-beacon.global.ssl.fastly.net		151.101.193.194	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

www.calameo.com

https:

d.calameo.com

calameo-beacon.global.ssl.fastly.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49740	85.233.202.179	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:24 UTC	684	OUT	GET /read/005652686f8ff374103f3 HTTP/1.1 Host: www.calameo.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:24 UTC	411	IN	HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Jan 2025 19:38:24 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 7983 Connection: close X-Content-Type-Options: nosniff Last-Modified: Sun, 05 Jan 2025 16:42:16 GMT Age: 10567 Vary: Accept-Encoding Set-Cookie: lang=en; Domain=.calameo.com; Path=/ X-Server: CALAMVN01 Cache-Control: no-store, no-cache, must-revalidate Accept-Ranges: bytes
2025-01-05 19:38:24 UTC	7983	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 20 3c 68 65 61 64 3e 20 3c 74 69 74 6c 65 3e 43 61 6c 65 6e 64 72 69 65 72 20 32 30 32 34 20 4c 26 23 30 33 39 3b c3 89 74 61 6e 67 2d 6c 61 2d 56 69 6c 6c 65 3c 2f 74 69 74 6c 65 3e 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 63 61 6e 6f 6e 69 63 61 6c 22 20 Data Ascii: <!DOCTYPE html> <html lang="en" prefix="og: http://ogp.me/ns#"> <head> <title>Calendrier 2024 L'tang-la-Ville</title> <meta name="viewport" content="user-scalable=no, width=device-width, initial-scale=1.0, maximum-scale=1.0"> <link rel="canonical"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49757	85.233.202.179	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:29 UTC	636	OUT	GET /pinwheel/viewer/book/get?bkcode=005652686f8ff374103f3 HTTP/1.1 Host: d.calameo.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/javascript, /; q=0.01 sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://www.calameo.com Sec-Fetch-Site: same-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.calameo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:29 UTC	785	IN	HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Jan 2025 19:38:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Age: 0 Access-Control-Expose-Headers: X-Calameo-Hash-Version, X-Calameo-Hash-Expires, X-Calameo-Hash-Path, X-Calameo-Hash-Signature X-Calameo-Hash-Version: 1 X-Calameo-Hash-Expires: 1736149110 X-Calameo-Hash-Path: %2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A X-Calameo-Hash-Signature: c5e473d1eaa22b29c401397f36a5951cf466e943930b6e1b2cab4ddeefd7cf78 Access-Control-Allow-Origin: https://www.calameo.com Access-Control-Allow-Credentials: true Vary: Accept-Encoding,Origin Set-Cookie: lang=en; Domain=.calameo.com; Path=/ X-Server: CALAMVN01 Cache-Control: no-store, no-cache, must-revalidate Accept-Ranges: bytes
2025-01-05 19:38:29 UTC	8224	IN	Data Raw: 32 30 31 33 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 69 64 22 3a 22 6f 6e 62 30 6e 79 22 2c 22 64 61 74 65 22 3a 22 32 30 32 35 2d 30 31 2d 30 35 20 31 39 3a 33 38 3a 32 39 22 2c 22 62 75 69 6c 64 22 3a 22 39 31 30 38 2d 39 65 36 62 30 35 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 69 64 22 3a 22 30 30 35 36 35 32 36 38 36 66 38 66 66 33 37 34 31 30 33 66 33 22 2c 22 6b 65 79 22 3a 22 32 33 31 32 31 32 31 35 33 38 32 36 2d 64 39 39 38 62 30 30 32 37 31 63 30 32 38 31 65 30 39 61 61 39 33 36 38 31 61 32 35 63 38 31 30 22 2c 22 6e 61 6d 65 22 3a 22 43 61 6c 65 6e 64 72 69 65 72 20 32 30 32 34 20 4c 27 5c 75 30 30 63 39 74 61 6e 67 2d 6c 61 2d 56 69 6c 6c 65 22 2c 22 6d 6f 64 65 22 3a 22 70 75 62 6c 69 63 Data Ascii: 2013{"status":"ok","id":"onb0ny","date":"2025-01-05 19:38:29","build":"9108-9e6b05","version":"1","content":{"id":"005652686f8ff374103f3","key":"231212153826-d998b00271c0281e09aa93681a25c810","name":"Calendrier 2024 L'\u00c9tang-la-Ville","mode":"public

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49762	85.233.202.179	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:30 UTC	407	OUT	GET /pinwheel/viewer/book/get?bkcode=005652686f8ff374103f3 HTTP/1.1 Host: d.calameo.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: lang=en
2025-01-05 19:38:30 UTC	631	IN	HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Jan 2025 19:38:30 GMT Content-Type: application/json Content-Length: 8211 Connection: close Age: 4892 Access-Control-Expose-Headers: X-Calameo-Hash-Version, X-Calameo-Hash-Expires, X-Calameo-Hash-Path, X-Calameo-Hash-Signature X-Calameo-Hash-Version: 1 X-Calameo-Hash-Expires: 1736149111 X-Calameo-Hash-Path: %2F231212153826-d998b00271c0281e09aa93681a25c810%2F%2A X-Calameo-Hash-Signature: 4fe55edc4b290518814c05e103b1ddde61a8892508794ac72c4da3c760fa413a Vary: Accept-Encoding X-Server: CALAMVN02 Cache-Control: no-store, no-cache, must-revalidate Accept-Ranges: bytes
2025-01-05 19:38:30 UTC	8211	IN	Data Raw: 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 69 64 22 3a 22 7a 77 74 34 33 6d 22 2c 22 64 61 74 65 22 3a 22 32 30 32 35 2d 30 31 2d 30 35 20 31 38 3a 31 36 3a 35 38 22 2c 22 62 75 69 6c 64 22 3a 22 39 31 30 38 2d 39 65 36 62 30 35 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 6f 6e 74 65 6e 74 22 3a 7b 22 69 64 22 3a 22 30 30 35 36 35 32 36 38 36 66 38 66 66 33 37 34 31 30 33 66 33 22 2c 22 6b 65 79 22 3a 22 32 33 31 32 31 32 31 35 33 38 32 36 2d 64 39 39 38 62 30 30 32 37 31 63 30 32 38 31 65 30 39 61 61 39 33 36 38 31 61 32 35 63 38 31 30 22 2c 22 6e 61 6d 65 22 3a 22 43 61 6c 65 6e 64 72 69 65 72 20 32 30 32 34 20 4c 27 5c 75 30 30 63 39 74 61 6e 67 2d 6c 61 2d 56 69 6c 6c 65 22 2c 22 6d 6f 64 65 22 3a 22 70 75 62 6c 69 63 22 2c 22 75 72 6c Data Ascii: {"status":"ok","id":"zwt43m","date":"2025-01-05 18:16:58","build":"9108-9e6b05","version":"1","content":{"id":"005652686f8ff374103f3","key":"231212153826-d998b00271c0281e09aa93681a25c810","name":"Calendrier 2024 L'\u00c9tang-la-Ville","mode":"public","url

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49785	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:34 UTC	670	OUT	GET /collect?e=view&aid=5652686&bid=14840225&dv=desktop&src=calameo&_c=544524610 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.calameo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:35 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:34 GMT Age: 14205 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:35 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49784	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:34 UTC	682	OUT	GET /collect?e=pageview&aid=5652686&bid=14840225&pages=1&dv=desktop&src=calameo&_c=570123435 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.calameo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:35 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:35 GMT Age: 27114 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:35 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49791	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:35 UTC	435	OUT	GET /collect?e=view&aid=5652686&bid=14840225&dv=desktop&src=calameo&_c=544524610 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:35 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:35 GMT Age: 14206 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:35 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49792	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:35 UTC	447	OUT	GET /collect?e=pageview&aid=5652686&bid=14840225&pages=1&dv=desktop&src=calameo&_c=570123435 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:36 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:35 GMT Age: 14205 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:36 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49800	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:44 UTC	693	OUT	GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=10001&dv=desktop&src=calameo&_c=163033674 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.calameo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:44 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:44 GMT Age: 14215 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:44 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49801	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:38:45 UTC	458	OUT	GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=10001&dv=desktop&src=calameo&_c=163033674 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:38:45 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:38:45 GMT Age: 14215 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:38:45 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49802	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:39:04 UTC	693	OUT	GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=20002&dv=desktop&src=calameo&_c=532180254 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.calameo.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:39:05 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:39:04 GMT Age: 27144 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:39:05 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49803	151.101.1.194	443	4908	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2025-01-05 19:39:05 UTC	458	OUT	GET /collect?e=pagetime&aid=5652686&bid=14840225&pages=1&time=20002&dv=desktop&src=calameo&_c=532180254 HTTP/1.1 Host: calameo-beacon.global.ssl.fastly.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-05 19:39:05 UTC	342	IN	HTTP/1.1 200 OK Connection: close Content-Length: 26 Content-Type: image/gif Accept-Ranges: bytes Date: Sun, 05 Jan 2025 19:39:05 GMT Age: 14236 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Sun, 17 May 1998 03:00:00 GMT Pragma: no-cache
2025-01-05 19:39:05 UTC	26	IN	Data Raw: 47 49 46 38 39 61 01 00 01 00 00 ff 00 2c 00 00 00 00 01 00 01 00 00 02 00 3b Data Ascii: GIF89a,;

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 4192, Parent PID: 2892

General

Target ID:	0
Start time:	14:38:11
Start date:	05/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4908, Parent PID: 4192

General

Target ID:	2
Start time:	14:38:16
Start date:	05/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 --field-trial-handle=2524,i,13939320870459092663,15708760969845321266,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6536, Parent PID: 2892

General

Target ID:	3
Start time:	14:38:21
Start date:	05/01/2025
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.calameo.com/read/005652686f8ff374103f3"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.calameo.com/read/005652686f8ff374103f3

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Chrome Cache Entry: 74

Chrome Cache Entry: 75

Chrome Cache Entry: 76

Chrome Cache Entry: 77

Chrome Cache Entry: 78

Chrome Cache Entry: 79

Chrome Cache Entry: 80

Chrome Cache Entry: 81

Chrome Cache Entry: 82

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 85

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Windows Analysis Report
https://www.calameo.com/read/005652686f8ff374103f3