Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Document-01-16-25.pdf

Overview

General Information

Sample name:Document-01-16-25.pdf
Analysis ID:1591442
MD5:8ecce729a5760b28b76cb62e79303981
SHA1:6f43fdec72833659693f1e26bbd8fc2b3093ae6f
SHA256:c8f8f3532d48c50d9b11f98ccdc60d1f7ab44b6f72ecb089a023938da7b6bdfa
Infos:

Detection

Score:60
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found potential malicious PDF (bad image similarity)
AI detected landing page (webpage, office document or email)
HTML page contains obfuscated javascript
Suspicious PDF detected (based on various text indicators)
Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded images detected
IP address seen in connection with other malware
No HTML title found

Classification

  • System is w10x64
  • Acrobat.exe (PID: 4284 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Document-01-16-25.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
    • AcroCEF.exe (PID: 6752 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
      • AcroCEF.exe (PID: 7308 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1736,i,15747255056421889917,546776103974383720,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • chrome.exe (PID: 5548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://snip.ly/h183fa" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2004,i,12619154024189246498,552907076724909782,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: PDF documentJoe Sandbox AI: Page contains button: 'CLICK HERE TO VIEW DOCUMENT' Source: 'PDF document'
Source: PDF documentJoe Sandbox AI: PDF document contains QR code
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: (function(_0x2b9809,_0x492856){function _0x56bd7f(_0x37c2b7,_0x511a67,_0x261015,_0x464a1e){
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: const _0xf39cac=_0x2f2b,_0xd57ea2=_0x2f2b;(function(_0x59f5e1,_0x45dd31){const _0x68f60a=_0x2f2
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: const _0x13721f=_0x5e52,_0x7cc2d2=_0x5e52;(function(_0x4b37fb,_0x39d9b3){const _0xcfae=_0x5e52,
Source: Adobe Acrobat PDFOCR Text: DocuSign You have a new document to review and sign CLICK HERE TO VIEW DOCUMENT Dear Recepient, You have an important documents for your DocuSign Signature. Kindly use your phone camera to scan the above QRcode to access your document Thank you, Docusign.
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: Number of links: 0
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: Total embedded image size: 144184
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: HTML title missing
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: Iframe src: ./general_files/saved_resource.html
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: <input type="password" .../> found
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: No favicon
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: No favicon
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: No <meta name="author".. found
Source: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyHTTP Parser: No <meta name="copyright".. found
Source: global trafficTCP traffic: 192.168.2.4:52309 -> 1.1.1.1:53
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: snip.ly to https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
Source: Joe Sandbox ViewIP Address: 34.117.59.81 34.117.59.81
Source: Joe Sandbox ViewIP Address: 34.117.59.81 34.117.59.81
Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /h183fa HTTP/1.1Host: snip.lyConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply HTTP/1.1Host: f005.backblazeb2.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /file/pplambo/general_files/saved_resource.html HTTP/1.1Host: f005.backblazeb2.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /json HTTP/1.1Host: ipinfo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://f005.backblazeb2.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://f005.backblazeb2.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: f005.backblazeb2.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /json HTTP/1.1Host: ipinfo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: x1.i.lencr.org
Source: global trafficDNS traffic detected: DNS query: snip.ly
Source: global trafficDNS traffic detected: DNS query: f005.backblazeb2.com
Source: global trafficDNS traffic detected: DNS query: ipinfo.io
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: 77EC63BDA74BD0D0E0426DC8F80085060.1.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: 2D85F72862B55C4EADD9E66E06947F3D0.1.drString found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_190.10.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Material
Source: chromecache_194.10.drString found in binary or memory: https://fonts.gstatic.com/s/materialsymbolsoutlined/v222/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMz
Source: chromecache_190.10.drString found in binary or memory: https://getbootstrap.com)
Source: chromecache_190.10.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_190.10.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_191.10.dr, chromecache_192.10.drString found in binary or memory: https://ipinfo.io/missingauth
Source: Document-01-16-25.pdfString found in binary or memory: https://snip.ly/h183fa)
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52319
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52316
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 52322 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52311
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52322
Source: unknownNetwork traffic detected: HTTP traffic on port 52323 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52561
Source: unknownNetwork traffic detected: HTTP traffic on port 52325 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52325
Source: unknownNetwork traffic detected: HTTP traffic on port 52324 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52323
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52324
Source: unknownNetwork traffic detected: HTTP traffic on port 52316 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52561 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52311 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 52319 -> 443

System Summary

barindex
Source: Document-01-16-25.pdfStatic PDF information: Image stream: 51
Source: classification engineClassification label: mal60.phis.winPDF@39/57@11/8
Source: Document-01-16-25.pdfInitial sample: https://snip.ly/h183fa
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journalJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeFile created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-01-14 18-48-25-486.logJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
Source: unknownProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Document-01-16-25.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1736,i,15747255056421889917,546776103974383720,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://snip.ly/h183fa"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2004,i,12619154024189246498,552907076724909782,262144 /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1736,i,15747255056421889917,546776103974383720,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2004,i,12619154024189246498,552907076724909782,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Document-01-16-25.pdfInitial sample: PDF keyword /JS count = 0
Source: Document-01-16-25.pdfInitial sample: PDF keyword /JavaScript count = 0
Source: A96d41h9_a8kv2s_rc.tmp.0.drInitial sample: PDF keyword /JS count = 0
Source: A96d41h9_a8kv2s_rc.tmp.0.drInitial sample: PDF keyword /JavaScript count = 0
Source: Document-01-16-25.pdfInitial sample: PDF keyword stream count = 30
Source: Document-01-16-25.pdfInitial sample: PDF keyword /EmbeddedFile count = 0
Source: Document-01-16-25.pdfInitial sample: PDF keyword obj count = 63
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire Infrastructure1
Spearphishing Link
Windows Management Instrumentation1
Browser Extensions
1
Process Injection
1
Masquerading
OS Credential Dumping1
System Information Discovery
Remote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomains1
Drive-by Compromise
Scheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
Document-01-16-25.pdf0%ReversingLabs
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    high
    snip.ly
    172.67.11.119
    truefalse
      high
      f005.backblazeb2.com
      149.137.136.16
      truefalse
        high
        ipinfo.io
        34.117.59.81
        truefalse
          high
          www.google.com
          142.250.185.132
          truefalse
            high
            x1.i.lencr.org
            unknown
            unknownfalse
              high
              NameMaliciousAntivirus DetectionReputation
              https://f005.backblazeb2.com/file/pplambo/general_files/saved_resource.htmlfalse
                high
                https://f005.backblazeb2.com/favicon.icofalse
                  high
                  https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyfalse
                    high
                    https://snip.ly/h183fafalse
                      high
                      https://ipinfo.io/jsonfalse
                        high
                        NameSourceMaliciousAntivirus DetectionReputation
                        https://github.com/twbs/bootstrap/blob/master/LICENSE)chromecache_190.10.drfalse
                          high
                          https://ipinfo.io/missingauthchromecache_191.10.dr, chromecache_192.10.drfalse
                            high
                            https://snip.ly/h183fa)Document-01-16-25.pdffalse
                              high
                              http://x1.i.lencr.org/2D85F72862B55C4EADD9E66E06947F3D0.1.drfalse
                                high
                                https://github.com/twbs/bootstrap/graphs/contributors)chromecache_190.10.drfalse
                                  high
                                  https://getbootstrap.com)chromecache_190.10.drfalse
                                    high
                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs
                                    IPDomainCountryFlagASNASN NameMalicious
                                    172.67.11.119
                                    snip.lyUnited States
                                    13335CLOUDFLARENETUSfalse
                                    34.117.59.81
                                    ipinfo.ioUnited States
                                    139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                    142.250.185.132
                                    www.google.comUnited States
                                    15169GOOGLEUSfalse
                                    239.255.255.250
                                    unknownReserved
                                    unknownunknownfalse
                                    149.137.136.16
                                    f005.backblazeb2.comUnited States
                                    30103ZOOM-VIDEO-COMM-ASUSfalse
                                    IP
                                    192.168.2.4
                                    192.168.2.6
                                    192.168.2.5
                                    Joe Sandbox version:42.0.0 Malachite
                                    Analysis ID:1591442
                                    Start date and time:2025-01-15 00:47:29 +01:00
                                    Joe Sandbox product:CloudBasic
                                    Overall analysis duration:0h 5m 41s
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Cookbook file name:defaultwindowspdfcookbook.jbs
                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                    Number of analysed new started processes analysed:13
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • HCA enabled
                                    • EGA enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Sample name:Document-01-16-25.pdf
                                    Detection:MAL
                                    Classification:mal60.phis.winPDF@39/57@11/8
                                    EGA Information:Failed
                                    HCA Information:
                                    • Successful, ratio: 100%
                                    • Number of executed functions: 0
                                    • Number of non-executed functions: 0
                                    Cookbook Comments:
                                    • Found application associated with file extension: .pdf
                                    • Found PDF document
                                    • Close Viewer
                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
                                    • Excluded IPs from analysis (whitelisted): 184.28.88.176, 54.224.241.105, 50.16.47.176, 34.237.241.83, 18.213.11.84, 2.16.168.107, 2.16.168.105, 172.64.41.3, 162.159.61.3, 23.209.209.135, 199.232.210.172, 2.17.190.73, 142.250.185.99, 142.250.185.174, 173.194.76.84, 142.250.184.206, 142.250.185.206, 142.250.184.234, 142.250.186.67, 142.250.184.202, 142.250.186.170, 216.58.206.42, 142.250.186.138, 142.250.186.42, 142.250.185.202, 216.58.212.170, 172.217.18.10, 142.250.185.106, 142.250.185.234, 172.217.16.202, 142.250.185.170, 142.250.181.234, 142.250.186.106, 142.250.185.138, 142.250.186.74, 216.58.206.74, 142.250.185.74, 172.217.23.106, 216.58.212.174, 216.58.206.46, 216.58.206.35, 172.217.16.206, 142.250.186.46, 142.250.185.78, 172.217.18.14, 2.23.242.162, 23.217.172.185, 4.175.87.197, 13.107.246.45
                                    • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, acroipm2.adobe.com, dns.msftncsi.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net, optimizationguide-pa.googleapis.com, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, armmf.adobe.com, clients.l.google.com, geo2.adobe.com
                                    • Not all processes where analyzed, report is missing behavior information
                                    • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                    TimeTypeDescription
                                    18:48:35API Interceptor2x Sleep call for process: AcroCEF.exe modified
                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                    239.255.255.250https://telegrams-ai.org/Get hashmaliciousUnknownBrowse
                                      https://telegrams-az.org/Get hashmaliciousUnknownBrowse
                                        https://telegrams-tk.org/Get hashmaliciousHTMLPhisherBrowse
                                          https://telegrams-ar.org/Get hashmaliciousUnknownBrowse
                                            https://teiegroj.cc/ZH/Get hashmaliciousTelegram PhisherBrowse
                                              https://teiegroj.cc/apps.htmlGet hashmaliciousTelegram PhisherBrowse
                                                https://teiegrvu.cc/VN/Get hashmaliciousTelegram PhisherBrowse
                                                  https://sqotify.sidreriaeltonel.com/world/Get hashmaliciousUnknownBrowse
                                                    https://mia-s-6m3a-sg5i-com-s4kuqcp9y8.vercel.app/facebook.com.htmlGet hashmaliciousHTMLPhisherBrowse
                                                      https://t1vil-telegram.org/login/index.htmlGet hashmaliciousUnknownBrowse
                                                        172.67.11.119https://e.cukurovadermatoloji.org.tr/i/Do-BbkmS8do2SSRbfKAqhcJT8K9iB0m-Get hashmaliciousUnknownBrowse
                                                          34.117.59.810t8amSU3vd.exeGet hashmaliciousCryptoWall, TrojanRansomBrowse
                                                          • ipinfo.io/ip
                                                          file.exeGet hashmaliciousInvicta Stealer, XWormBrowse
                                                          • ipinfo.io/json
                                                          Code%20Send%20meta%20Discord%20EXE.ps1Get hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          idl57nk7gk.exeGet hashmaliciousNeshtaBrowse
                                                          • ipinfo.io/json
                                                          idl57nk7gk.exeGet hashmaliciousNeshtaBrowse
                                                          • ipinfo.io/json
                                                          FormulariomillasbonusLATAM_GsqrekXCVBmUf.cmdGet hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          172.104.150.66.ps1Get hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          VertusinstruccionesFedEX_66521.zipGet hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          UjbjOP.ps1Get hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          I9xuKI2p2B.ps1Get hashmaliciousUnknownBrowse
                                                          • ipinfo.io/json
                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          bg.microsoft.map.fastly.netEastern Contractors Corporation Contract and submittal document.emlGet hashmaliciousUnknownBrowse
                                                          • 199.232.214.172
                                                          v9xYj92wR3.dllGet hashmaliciousWannacryBrowse
                                                          • 199.232.214.172
                                                          https://securityalert-corporate.com/click/f288bff9-842d-4e34-8d2d-41ad20e48e9dGet hashmaliciousUnknownBrowse
                                                          • 199.232.214.172
                                                          FjSrGs0AE2.dllGet hashmaliciousWannacryBrowse
                                                          • 199.232.214.172
                                                          jgd5ZGl1vA.dllGet hashmaliciousWannacryBrowse
                                                          • 199.232.214.172
                                                          logitix.pdfGet hashmaliciousHTMLPhisherBrowse
                                                          • 199.232.214.172
                                                          DHL AWB CUSTOM CLEARANCE.xlsGet hashmaliciousUnknownBrowse
                                                          • 199.232.214.172
                                                          62.122.184.98 (2).ps1Get hashmaliciousUnknownBrowse
                                                          • 199.232.210.172
                                                          62.122.184.98 (2).ps1Get hashmaliciousUnknownBrowse
                                                          • 199.232.210.172
                                                          WZ6RvDzQeq.exeGet hashmaliciousUnknownBrowse
                                                          • 199.232.210.172
                                                          snip.lyhttps://snip.ly/kx81x2Get hashmaliciousUnknownBrowse
                                                          • 104.22.7.164
                                                          https://e.cukurovadermatoloji.org.tr/i/Do-BbkmS8do2SSRbfKAqhcJT8K9iB0m-Get hashmaliciousUnknownBrowse
                                                          • 172.67.11.119
                                                          http://7xv6.mjt.lu/lnk/AXMAAFFvlI0AAAAAAAAAA8Ye8moAAABKhgwAAAAAAAq7pgBnByOSeYt8cGpTTPaPBTAKJeV-UQAKnpI/1/EWmySlSHcyP6g54g0SDc-g/aHR0cHM6Ly9zbmlwLmx5L2V6NGxydwGet hashmaliciousUnknownBrowse
                                                          • 104.22.7.164
                                                          https://l4vm89ff.r.us-west-2.awstrack.me/L0/https:%2F%2Fsnip.ly%2FFedExx/1/010101917bbe6db8-0435991f-93dd-44cd-b7b8-51bfd5cf53c7-000000/HIvKUOwubES5gbenLtlgHO_SzP8=389Get hashmaliciousUnknownBrowse
                                                          • 104.22.7.164
                                                          https://snip.ly/v2W8cp5HS?_ga=2.175036770.1532108726.1709685580-1384135853.1709249081&_gl=1*1jo65d2*_ga*MTM4NDEzNTg1My4xNzA5MjQ5MDgx*_ga_VJBT5190M4*MTcwOTY5MzAyNy4zLjEuMTcwOTY5MzA3Ny4wLjAuMA..&c=E,1,T3I0brzoruDW5EI463I8dex3GUAZLHhWgpNkrw6AAl_mKjTDg6aG4kHrwrJlPG2TtUN-YLGyuTxI6GnyV-3Oxw46D8xwm6zZcMGc3GkS_VWpFQ,,&typo=1Get hashmaliciousHTMLPhisherBrowse
                                                          • 104.22.6.164
                                                          https://shoutout.wix.com/so/0cOeRzuRM/c?w=Jw_rqQ44rEGfmj9kjQ_k5rk6P-vMl-wAQU1Z_rhRmvY.eyJ1IjoiaHR0cHM6Ly9zbmlwLmx5L3d1OXNwaCIsInIiOiI0ZGM1ZmI5ZS0yYTJjLTQxOGQtYWU4OS1jZmRhZjQ5YjJmMDYiLCJtIjoibWFpbCIsImMiOiIyMWU4NzM1Zi1jMmQ0LTRmZmMtYTcyNi1hNThhM2M5MjNmZWUifQGet hashmaliciousHTMLPhisherBrowse
                                                          • 104.26.6.32
                                                          https://shoutout.wix.com/so/0cOeRzuRM/c?w=Jw_rqQ44rEGfmj9kjQ_k5rk6P-vMl-wAQU1Z_rhRmvY.eyJ1IjoiaHR0cHM6Ly9zbmlwLmx5L3d1OXNwaCIsInIiOiI0ZGM1ZmI5ZS0yYTJjLTQxOGQtYWU4OS1jZmRhZjQ5YjJmMDYiLCJtIjoibWFpbCIsImMiOiIyMWU4NzM1Zi1jMmQ0LTRmZmMtYTcyNi1hNThhM2M5MjNmZWUifQGet hashmaliciousHTMLPhisherBrowse
                                                          • 104.26.6.32
                                                          https://bit.ly/3GorH0rGet hashmaliciousGRQ ScamBrowse
                                                          • 104.26.7.32
                                                          https://gtekcontrol-my.sharepoint.com/:o:/g/personal/kylesteward_gtek_co_uk/EhDMe_tJrQJOvkqcPg32UXwBy3vPhK7eMi-pVi9x3HYU5w?e=WkWbuLGet hashmaliciousHTMLPhisherBrowse
                                                          • 104.26.7.32
                                                          http://bit.ly/3VtQGURGet hashmaliciousGRQ ScamBrowse
                                                          • 104.26.6.32
                                                          f005.backblazeb2.comPurchase_order-001.pdfGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          https://lnkfwd.com/u/MhDkLABRGet hashmaliciousHTMLPhisherBrowse
                                                          • 149.137.136.16
                                                          rQTI6IKszT.exeGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          LKEAHetlG6.exeGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          zCYHTVvEqm.exeGet hashmaliciousCobaltStrike, MetasploitBrowse
                                                          • 149.137.136.16
                                                          http://www.ln.run/BSrHQ/Get hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          https://f005.backblazeb2.com/file/roboties48/index.htmlGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          https://na4.docusign.net/Signing/EmailStart.aspx?a=ba2f41e9-baaf-4cfa-bac9-97afaa73a1c7&acct=97628bf5-2dcc-4379-8c8b-719995aa39f7&er=432aa911-ffaa-47c2-9cba-5584ad4ba6ecGet hashmaliciousHTMLPhisherBrowse
                                                          • 149.137.136.16
                                                          https://f005.backblazeb2.com/file/yahoos66/glogin.htmlGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          https://customervoice.microsoft.com/Pages/ResponsePage.aspx?id=tg1j7YnlEUCGCEN8r-hdbL2y774DAIJEjU_nCKb9wOlUNUlFWjRMS0ZCNloyVTM4R0U3T0c1TjBCVi4uGet hashmaliciousHTMLPhisherBrowse
                                                          • 149.137.136.16
                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          CLOUDFLARENETUShttps://telegrams-tk.org/Get hashmaliciousHTMLPhisherBrowse
                                                          • 104.16.124.96
                                                          https://sqotify.sidreriaeltonel.com/world/Get hashmaliciousUnknownBrowse
                                                          • 104.18.11.207
                                                          https://mia-s-6m3a-sg5i-com-s4kuqcp9y8.vercel.app/facebook.com.htmlGet hashmaliciousHTMLPhisherBrowse
                                                          • 172.67.8.141
                                                          http://onlineausde.andhrauniversity.edu.in/studentLogin/Payments/Get hashmaliciousUnknownBrowse
                                                          • 104.17.25.14
                                                          https://link.space/@mailpageGet hashmaliciousUnknownBrowse
                                                          • 172.67.75.5
                                                          http://web3-connect-wallet.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                          • 104.17.245.203
                                                          https://cdn.trytraffics.com/rdr/YWE9MzUyODExMjgxJnNlaT0zMDM5ODczNCZ0az1LdmRFVldENjdLQW94U0FyQ2NQbCZ0PTUmYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=Get hashmaliciousUnknownBrowse
                                                          • 188.114.97.3
                                                          http://optimize-system-upgrades.vercel.app/Get hashmaliciousHTMLPhisherBrowse
                                                          • 172.67.70.233
                                                          https://telegrimc.cn/Get hashmaliciousUnknownBrowse
                                                          • 104.17.25.14
                                                          http://teleqvom.cn/Get hashmaliciousUnknownBrowse
                                                          • 104.17.25.14
                                                          ZOOM-VIDEO-COMM-ASUShttps://sites.google.com/view/01-25sharepoint/Get hashmaliciousHTMLPhisherBrowse
                                                          • 149.137.136.9
                                                          splppc.elfGet hashmaliciousUnknownBrowse
                                                          • 149.137.118.147
                                                          Purchase_order-001.pdfGet hashmaliciousUnknownBrowse
                                                          • 149.137.136.16
                                                          teste.i686.elfGet hashmaliciousMirai, Moobot, OkiruBrowse
                                                          • 149.137.206.106
                                                          x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                          • 198.251.214.52
                                                          x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                          • 149.137.95.155
                                                          pbnpvwfhco.elfGet hashmaliciousUnknownBrowse
                                                          • 149.137.206.127
                                                          la.bot.sparc.elfGet hashmaliciousUnknownBrowse
                                                          • 149.137.206.109
                                                          https://lnkfwd.com/u/MhDkLABRGet hashmaliciousHTMLPhisherBrowse
                                                          • 149.137.136.16
                                                          la.bot.mips.elfGet hashmaliciousUnknownBrowse
                                                          • 64.211.148.226
                                                          GOOGLE-AS-APGoogleAsiaPacificPteLtdSGhttps://teiegrvu.cc/VN/Get hashmaliciousTelegram PhisherBrowse
                                                          • 34.117.59.81
                                                          527.zipGet hashmaliciousUnknownBrowse
                                                          • 34.117.188.166
                                                          527.zipGet hashmaliciousUnknownBrowse
                                                          • 34.117.188.166
                                                          https://microsoft-visio.en.softonic.com/Get hashmaliciousUnknownBrowse
                                                          • 34.117.239.71
                                                          http://pub-dfc04553e9094cfc93a2df6d57084097.r2.dev/index.htmlGet hashmaliciousHTMLPhisherBrowse
                                                          • 34.117.59.81
                                                          https://urlz.fr/tJIZGet hashmaliciousUnknownBrowse
                                                          • 34.117.239.71
                                                          phish_alert_sp2_2.0.0.0 (2).emlGet hashmaliciousUnknownBrowse
                                                          • 34.117.59.81
                                                          ElixirInjector.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                          • 34.117.59.81
                                                          http://cosmetological.xyz/xoqae/go?rgcid=&rx_p=&rgsubid=d-wboqentba-argGet hashmaliciousUnknownBrowse
                                                          • 34.117.59.81
                                                          http://clumsy-sulky-helium.glitch.me/Get hashmaliciousUnknownBrowse
                                                          • 34.117.59.81
                                                          No context
                                                          No context
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):292
                                                          Entropy (8bit):5.225828926589656
                                                          Encrypted:false
                                                          SSDEEP:6:iO82u3+q2Pwkn2nKuAl9OmbnIFUtW2rZZmwo2rNVkwOwkn2nKuAl9OmbjLJ:77uOvYfHAahFUtBl/f35JfHAaSJ
                                                          MD5:C5752553460E133DFC1ECC8645FE3E51
                                                          SHA1:A8492CA05D86853160E344A6B71B531F5EE6345F
                                                          SHA-256:6B2AD31CE93032BA537358C98DE0067A58AFC4383767F475F28756EF3AF36ED7
                                                          SHA-512:DB9E7F24B5EEB121FE9B1F18BE110221D03128CFCC5622C7918749456C47A1F3CC634B908BCF2A5B584A45224AC5BEF0C60E72DA00FD6D8190AB39820E8EE6A7
                                                          Malicious:false
                                                          Reputation:low
                                                          Preview:2025/01/14-18:48:23.068 1c78 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/01/14-18:48:23.070 1c78 Recovering log #3.2025/01/14-18:48:23.070 1c78 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):292
                                                          Entropy (8bit):5.225828926589656
                                                          Encrypted:false
                                                          SSDEEP:6:iO82u3+q2Pwkn2nKuAl9OmbnIFUtW2rZZmwo2rNVkwOwkn2nKuAl9OmbjLJ:77uOvYfHAahFUtBl/f35JfHAaSJ
                                                          MD5:C5752553460E133DFC1ECC8645FE3E51
                                                          SHA1:A8492CA05D86853160E344A6B71B531F5EE6345F
                                                          SHA-256:6B2AD31CE93032BA537358C98DE0067A58AFC4383767F475F28756EF3AF36ED7
                                                          SHA-512:DB9E7F24B5EEB121FE9B1F18BE110221D03128CFCC5622C7918749456C47A1F3CC634B908BCF2A5B584A45224AC5BEF0C60E72DA00FD6D8190AB39820E8EE6A7
                                                          Malicious:false
                                                          Reputation:low
                                                          Preview:2025/01/14-18:48:23.068 1c78 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/01/14-18:48:23.070 1c78 Recovering log #3.2025/01/14-18:48:23.070 1c78 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):336
                                                          Entropy (8bit):5.181316953285922
                                                          Encrypted:false
                                                          SSDEEP:6:iO82gxK+q2Pwkn2nKuAl9Ombzo2jMGIFUtW2gEJGZmwo2g/e3VkwOwkn2nKuAl97:77gg+vYfHAa8uFUtBg9/fg/KV5JfHAaU
                                                          MD5:B75B9D36C2F87F8B9263E4563ABC38DA
                                                          SHA1:C4A25591C2A05E9B2730F71BB4B619090B396D72
                                                          SHA-256:C3814722D1EFFB5DDE4B245B7B6BD6B704F9AA9D28ABDB599D7CD51268619126
                                                          SHA-512:911074F5AC95BA93D0688D989C40735FB1FBD4E4EC96905DBA79F367AE0BF09E3BA3CE76ABA67B2012410C5C1A9CA4F2E659BED111F0DA3BAD3352E6E8929C2B
                                                          Malicious:false
                                                          Reputation:low
                                                          Preview:2025/01/14-18:48:23.117 1cbc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/01/14-18:48:23.118 1cbc Recovering log #3.2025/01/14-18:48:23.119 1cbc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):336
                                                          Entropy (8bit):5.181316953285922
                                                          Encrypted:false
                                                          SSDEEP:6:iO82gxK+q2Pwkn2nKuAl9Ombzo2jMGIFUtW2gEJGZmwo2g/e3VkwOwkn2nKuAl97:77gg+vYfHAa8uFUtBg9/fg/KV5JfHAaU
                                                          MD5:B75B9D36C2F87F8B9263E4563ABC38DA
                                                          SHA1:C4A25591C2A05E9B2730F71BB4B619090B396D72
                                                          SHA-256:C3814722D1EFFB5DDE4B245B7B6BD6B704F9AA9D28ABDB599D7CD51268619126
                                                          SHA-512:911074F5AC95BA93D0688D989C40735FB1FBD4E4EC96905DBA79F367AE0BF09E3BA3CE76ABA67B2012410C5C1A9CA4F2E659BED111F0DA3BAD3352E6E8929C2B
                                                          Malicious:false
                                                          Reputation:low
                                                          Preview:2025/01/14-18:48:23.117 1cbc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2025/01/14-18:48:23.118 1cbc Recovering log #3.2025/01/14-18:48:23.119 1cbc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):475
                                                          Entropy (8bit):4.951295469561047
                                                          Encrypted:false
                                                          SSDEEP:12:YH/um3RA8sqLyysBdOg2Hvcaq3QYiubInP7E4T3y:Y2sRdsN3dMHe3QYhbG7nby
                                                          MD5:134FD697535BE516B44A9B3AC32B6DC8
                                                          SHA1:DDC3A919331F4DF0E12E3A55B8F84FC42DF2905A
                                                          SHA-256:44E60C0A8799C39925F6EBBD96E78851DDCE747B6635C19601C8D07E7515FEE1
                                                          SHA-512:1D5F13451CC77C2F4E6E9B13D93039A29853FB80FC4DDA031A86DF7934CED083100D8A14211A5CFEB0C00110B4C7C0E6A5252D94F1632223C4213C90C76F872A
                                                          Malicious:false
                                                          Reputation:low
                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381458515714162","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":126413},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:JSON data
                                                          Category:modified
                                                          Size (bytes):475
                                                          Entropy (8bit):4.951295469561047
                                                          Encrypted:false
                                                          SSDEEP:12:YH/um3RA8sqLyysBdOg2Hvcaq3QYiubInP7E4T3y:Y2sRdsN3dMHe3QYhbG7nby
                                                          MD5:134FD697535BE516B44A9B3AC32B6DC8
                                                          SHA1:DDC3A919331F4DF0E12E3A55B8F84FC42DF2905A
                                                          SHA-256:44E60C0A8799C39925F6EBBD96E78851DDCE747B6635C19601C8D07E7515FEE1
                                                          SHA-512:1D5F13451CC77C2F4E6E9B13D93039A29853FB80FC4DDA031A86DF7934CED083100D8A14211A5CFEB0C00110B4C7C0E6A5252D94F1632223C4213C90C76F872A
                                                          Malicious:false
                                                          Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://armmf.adobe.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381458515714162","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":126413},"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):4730
                                                          Entropy (8bit):5.254156964451269
                                                          Encrypted:false
                                                          SSDEEP:96:etJCV4FAsszrNamjTN/2rjYMta02fDtehgO7BtTgo7ud3GZ:etJCV4FiN/jTN/2r8Mta02fEhgO73go7
                                                          MD5:3DFDE4EE76EA5BF8AB2C78E08CADE1F9
                                                          SHA1:3B3D66DBA99FAFBB69E247069487F355649B45A5
                                                          SHA-256:F8494E32B8717F2F669C7DC02190941C087B63B871AFD3B4D904763C36803383
                                                          SHA-512:CCBA8A0506A588568560E14CD8DD5D784D3E91DF1CD4AB42600F0F834869D1FDB10B63C0363C0E0960EC8C446DF49D64690B2216B92E81F43EBF7F1D9E0D8011
                                                          Malicious:false
                                                          Preview:*...#................version.1..namespace-['O.o................next-map-id.1.Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/.0>...r................next-map-id.2.Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/.1O..r................next-map-id.3.Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/.2.\.o................next-map-id.4.Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/.3....^...............Pnamespace-158f4913_074a_4bdf_b463_eb784cc805b4-https://rna-resource.acrobat.com/..|.^...............Pnamespace-6070ce43_6a74_4d0a_9cb8_0db6c3126811-https://rna-resource.acrobat.com/n..Fa...............Snamespace-fd2db5bd_ef7e_4124_bfa7_f036ce1d74e5-https://rna-v2-resource.acrobat.com/DQ..a...............Snamespace-cd5be8d1_42d2_481d_ac0e_f904ae470bda-https://rna-v2-resource.acrobat.com/i.`do................next-map-id.5.Pnamespace-de635bf2_6773_4d83_ad16_
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):324
                                                          Entropy (8bit):5.224145894935436
                                                          Encrypted:false
                                                          SSDEEP:6:iO82il+q2Pwkn2nKuAl9OmbzNMxIFUtW2ibZmwo2irVkwOwkn2nKuAl9OmbzNMFd:77i+vYfHAa8jFUtBg/fQV5JfHAa84J
                                                          MD5:51622511D892BB59596B00B4A2303080
                                                          SHA1:33372ECAC3A8FBF9B6EE4762C53C44CB4AFD6DB2
                                                          SHA-256:8F38A468FD3A9D210709ADC00872BF2D569DE41A1D8B0B9EAA1ADCAFF739C6B9
                                                          SHA-512:177B6A3EB1DDA8B85259A927ADF302697CD9B0C3F06763BF090E85C14AAB3814620B2B528D15FD7EC71950A808C21B19D5981F1BC0E749E58BA474F5BAC3F71D
                                                          Malicious:false
                                                          Preview:2025/01/14-18:48:23.376 1cbc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/01/14-18:48:23.378 1cbc Recovering log #3.2025/01/14-18:48:23.378 1cbc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:ASCII text
                                                          Category:dropped
                                                          Size (bytes):324
                                                          Entropy (8bit):5.224145894935436
                                                          Encrypted:false
                                                          SSDEEP:6:iO82il+q2Pwkn2nKuAl9OmbzNMxIFUtW2ibZmwo2irVkwOwkn2nKuAl9OmbzNMFd:77i+vYfHAa8jFUtBg/fQV5JfHAa84J
                                                          MD5:51622511D892BB59596B00B4A2303080
                                                          SHA1:33372ECAC3A8FBF9B6EE4762C53C44CB4AFD6DB2
                                                          SHA-256:8F38A468FD3A9D210709ADC00872BF2D569DE41A1D8B0B9EAA1ADCAFF739C6B9
                                                          SHA-512:177B6A3EB1DDA8B85259A927ADF302697CD9B0C3F06763BF090E85C14AAB3814620B2B528D15FD7EC71950A808C21B19D5981F1BC0E749E58BA474F5BAC3F71D
                                                          Malicious:false
                                                          Preview:2025/01/14-18:48:23.376 1cbc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2025/01/14-18:48:23.378 1cbc Recovering log #3.2025/01/14-18:48:23.378 1cbc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
                                                          Category:dropped
                                                          Size (bytes):65110
                                                          Entropy (8bit):1.947317462458769
                                                          Encrypted:false
                                                          SSDEEP:192:azkIk7Ck7CkAkzk6k6k6kbkSkeBkvkeDkkkfkFOkXOk6k6kgkrk4k6kGkGkGkGki:pZUMUBbmLYhU7r
                                                          MD5:51803AD3AC630383FB67DA787F878794
                                                          SHA1:2033CFBDDFBADB6F319A2D6B8943DE3ABB5425CE
                                                          SHA-256:CC1CBDEEACC363035AA9EF8F154868135D1F5AC5BA3F4F0A4EFA9BF0BEC392E8
                                                          SHA-512:526DB4E03F4B05AFFD3A1DB6F11B1C2C3349B332F21ED3DF2F5423CF161DF0A0B76BA1C675E6DB273904187A13BD81AFDFDCAFF0FE1AE5D026B331E9E4D740AD
                                                          Malicious:false
                                                          Preview:BMV.......6...(...k...h..... ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 15
                                                          Category:dropped
                                                          Size (bytes):86016
                                                          Entropy (8bit):4.445435441159137
                                                          Encrypted:false
                                                          SSDEEP:384:yezci5t9iBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:rWs3OazzU89UTTgUL
                                                          MD5:153BE8582D9406F41217D1AFDDFF1E3E
                                                          SHA1:C90CF0B0FBF4BC1E5CC8E3284FDAC858BB9E64E4
                                                          SHA-256:F6FC3450E09AEE136E214141F5A4005003DDFA72111E428E5BFDE79E9F391F42
                                                          SHA-512:EB56903CA87728FF2569650D30C210D2D0803436B1D0AC4F654765E3786F77C7A26B95F1875A3894206171998DC0F951FD20B01A018B2A00F06C4B8D434F3F7A
                                                          Malicious:false
                                                          Preview:SQLite format 3......@ ..........................................................................c.......1........T...U.1.D............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite Rollback Journal
                                                          Category:dropped
                                                          Size (bytes):8720
                                                          Entropy (8bit):3.778053582122238
                                                          Encrypted:false
                                                          SSDEEP:48:7Mfp/E2ioyVoC0ioy9oWoy1Cwoy1pCnKOioy1noy1AYoy1Wioy1hioybioyzCBo+:7IpjuoC0F6CNXKQsCzCb9IVXEBodRBk2
                                                          MD5:7C49C67F41EE836F840B22A07ADFD220
                                                          SHA1:29A7B7B060B1ADB5A77C7D88F393F621D1197F0D
                                                          SHA-256:D5342B39CE435303D6AE9D932B7E42C75F5DDA37FA17CFEB3C5A22C179190CC3
                                                          SHA-512:B9AE634929CA0971BCF21D25A37BEFBEC2B83101B62559255FA094DA8AAC698027F582D8341BFAB4D3B725E947BAF38B02723F3D56A0DBCA6243FAB8DF0D6875
                                                          Malicious:false
                                                          Preview:.... .c........$...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................T...[...b...r...t...}.....L..............................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:Certificate, Version=3
                                                          Category:dropped
                                                          Size (bytes):1391
                                                          Entropy (8bit):7.705940075877404
                                                          Encrypted:false
                                                          SSDEEP:24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1
                                                          MD5:0CD2F9E0DA1773E9ED864DA5E370E74E
                                                          SHA1:CABD2A79A1076A31F21D253635CB039D4329A5E8
                                                          SHA-256:96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
                                                          SHA-512:3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910
                                                          Malicious:false
                                                          Preview:0..k0..S............@.YDc.c...0...*.H........0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10...150604110438Z..350604110438Z0O1.0...U....US1)0'..U... Internet Security Research Group1.0...U....ISRG Root X10.."0...*.H.............0..........$s..7.+W(.....8..n<.W.x.u...jn..O(..h.lD...c...k....1.!~.3<.H..y.....!.K...qiJffl.~<p..)"......K...~....G.|.H#S.8.O.o...IW..t../.8.{.p!.u.0<.....c...O..K~.....w...{J.L.%.p..)..S$........J.?..aQ.....cq...o[...\4ylv.;.by.../&.....................6....7..6u...r......I.....*.A..v........5/(.l....dwnG7..Y^h..r...A)>Y>.&.$...Z.L@.F....:Qn.;.}r...xY.>Qx....../..>{J.Ks......P.|C.t..t.....0.[q6....00\H..;..}`...).........A.......|.;F.H*..v.v..j.=...8.d..+..(.....B.".'].y...p..N..:..'Qn..d.3CO......B0@0...U...........0...U.......0....0...U......y.Y.{....s.....X..n0...*.H.............U.X....P.....i ')..au\.n...i/..VK..s.Y.!.~.Lq...`.9....!V..P.Y...Y.............b.E.f..|o..;.....'...}~.."......
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                          Category:dropped
                                                          Size (bytes):71954
                                                          Entropy (8bit):7.996617769952133
                                                          Encrypted:true
                                                          SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                                          MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                          SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                          SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                          SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                          Malicious:false
                                                          Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):192
                                                          Entropy (8bit):2.7425532007658724
                                                          Encrypted:false
                                                          SSDEEP:3:kkFkl+O2ekXfllXlE/HT8kVNNX8RolJuRdxLlGB9lQRYwpDdt:kKnO2xIT8UNMa8RdWBwRd
                                                          MD5:6FAF5C1EE86897F662CDB95ADBD91627
                                                          SHA1:3F790FAD380CBD2C0F9996EA979A593212DBA0F1
                                                          SHA-256:7DA8593DF07D38A1F4B6F3EF06F39954BC0B5938576F602AD4481FC0766F5A66
                                                          SHA-512:60CE0B7C3DEA46E3B76F54849A158E8C0D005879552700D7AE735DC7886137EA9E21201FA49DE9330CBA0D49529A3736B6E5CDB7FCDA2E9B793A41AD238C2446
                                                          Malicious:false
                                                          Preview:p...... .........t...f..(....................................................... ..........W....................o...h.t.t.p.:././.x.1...i...l.e.n.c.r...o.r.g./...".6.4.c.d.6.6.5.4.-.5.6.f."...
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:data
                                                          Category:modified
                                                          Size (bytes):328
                                                          Entropy (8bit):3.245596380966818
                                                          Encrypted:false
                                                          SSDEEP:6:kK1jt/99UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:B1kDImsLNkPlE99SNxAhUe/3
                                                          MD5:91473E2CCF8B077C5E56009FF25DA222
                                                          SHA1:C25AEDDB28634CD42C44F8FDFD67A10BC54933B1
                                                          SHA-256:59FE027BCFD5CE6C1FAED8C8B01530050746BF4E61C2925A984DC587CBD7295C
                                                          SHA-512:B80A12690A3158C765791985DF209562A5F928A2A60612164A91BB281E3A36A7C8B4A7AB47C38488099FD777BC8F730E3DC6015AE77109DBE94915E1C75C3109
                                                          Malicious:false
                                                          Preview:p...... ........0[...f..(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):295
                                                          Entropy (8bit):5.341919303842739
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJM3g98kUwPeUkwRe9:YvXKXTHZzlHEZc0v84GMbLUkee9
                                                          MD5:598F84060495EA755145231D97928F9B
                                                          SHA1:15FEE0A6718C96A5F7B6BA4BE10779F10CB81662
                                                          SHA-256:9C297B2DA68EC6FE9416C68961A20BC1F12C8EF7E6685D0A02F2A44D3617BA81
                                                          SHA-512:5536ECF39CA4463E2FA16A2A48C0265514623C3BD079CDE3696ADAAB8598D80E3B4BD16F6590B764425F185DA19ADEC07BCC3BAF1974A9C967E8DD626B8D1750
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"ACROBAT_READER_MASTER_SURFACEID","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):294
                                                          Entropy (8bit):5.285460467698007
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfBoTfXpnrPeUkwRe9:YvXKXTHZzlHEZc0v84GWTfXcUkee9
                                                          MD5:7B9BCC15B83100B52740DEF474058692
                                                          SHA1:C961478583A682D1C6668B026BEAF5BBE685D553
                                                          SHA-256:9CFC4204C2CB6A80E15F711907CAB21406CF0D7FFC93729E4C50A44B60AD7CF7
                                                          SHA-512:5C21590364C7FE03A5DCB302DF8FC336D8EB19040BEB0DAF53C0D5BEBE6A969063790FBA900A0E0F05095D0A22C61C14D7C5113E8E51F6DD65E774674D8B2286
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_FirstMile_Home_View_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):294
                                                          Entropy (8bit):5.263998144382421
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfBD2G6UpnrPeUkwRe9:YvXKXTHZzlHEZc0v84GR22cUkee9
                                                          MD5:BE6CD707848A5B5BE5030185F6C99931
                                                          SHA1:E4D1204B0FC898164D7C825CC069A4A09DE83CD2
                                                          SHA-256:706B00F76E9F57A1E584EB7A1962CE75549817559216EC52187E5EF3963687FB
                                                          SHA-512:7CF245FFE549C501C3AE8C3921D19FD175ACAB98F1382C8659280B8BB1B19E9F3D8A5E7C55724B977C9B105614CC88FE5AF4BEA862F74992B2D34D6B86A658C0
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_FirstMile_Right_Sec_Surface","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):285
                                                          Entropy (8bit):5.328177386091427
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfPmwrPeUkwRe9:YvXKXTHZzlHEZc0v84GH56Ukee9
                                                          MD5:1C969F0546B35DEB49C41E5D0A2738EE
                                                          SHA1:803C7B68A3DAB1F0E2EB1FCB5B808564949EBF21
                                                          SHA-256:461287E709903B820780B05F92A470251F4D73DAF6F5A538FA0F358A1C2C533F
                                                          SHA-512:432425C3DBAC89BB8B76B371BCB1657D4AC50B495E65D1D6F3315FC2056848B0BB460B43CE89D0150C52A7FF48183CD3EF0FECB37382497066E080C108F4A7B3
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_READER_LAUNCH_CARD","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):1123
                                                          Entropy (8bit):5.683678782094151
                                                          Encrypted:false
                                                          SSDEEP:24:Yv6XFtEzv8pLgE9cQx8LennAvzBvkn0RCmK8czOCCSV1:Yv4GEhgy6SAFv5Ah8cv/V1
                                                          MD5:4F017C4675265B4BB3B3DB3BCFD48022
                                                          SHA1:B285D6C352FF818793E0541215AE685591E0A03D
                                                          SHA-256:2F21BBD44986AD8680DC894C85B1A59DECDC7D08E384CE34D4A4490159200926
                                                          SHA-512:FC0A7D154D557A95E660904DE9CC74FFAFEDFA710F640592F8B86372ADDD436E1E31AB6C18C0BAEC83CA47979715843C85A6EB41D08663087682933437258161
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Convert_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Convert_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_1","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"d5bba1ae-6009-4d23-8886-fd4a474b8ac9","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Convert_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IkNvbnZlcnRQREZSZHJSSFBBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkV4cG9ydCBQREZzIHRvIE1pY3Jvc29mdCBXb3JkIGFuZCBFeGNlbC4ifSwidGNh
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.271965660790737
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf8dPeUkwRe9:YvXKXTHZzlHEZc0v84GU8Ukee9
                                                          MD5:F654CF4303CAE57B6066E338C344D3A0
                                                          SHA1:1687FDDBAFDBE9D8AF7CAA969114CE11BF2F4B77
                                                          SHA-256:990BB319103954512B7946BBAF4082D1A5C7DB7BB42E7C2DBE246FE842A29C3A
                                                          SHA-512:6D2269345609848CD949931EDE321594BDA5B8BEAA073680A7B5BB488995C1D27527591E990DE382A52AB6556476810BA7504B8EBEF4401EAC82C3A755640144
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):292
                                                          Entropy (8bit):5.275372394914136
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfQ1rPeUkwRe9:YvXKXTHZzlHEZc0v84GY16Ukee9
                                                          MD5:2D8BD4BEBAC87392C9AC9CA36235A69A
                                                          SHA1:62838FFB7694379A26903FD55800E955F2F8A886
                                                          SHA-256:C52FD33B8B26C8D0177834C8C3E8CCD4A9DE1CDBB93B998C9A87F8B6D8521B7D
                                                          SHA-512:B1B59DE8C431DC1AAA70BE6FFC000A62CA5932C155275729B5855A39AA726FB70E2E9B49B0964F8E65B0FA538E90D2E2E2722BF1A19DADB3C576EB2B1B2EEF5E
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Disc_LHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.283144847015957
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfFldPeUkwRe9:YvXKXTHZzlHEZc0v84Gz8Ukee9
                                                          MD5:B94CC3E3FDFF7A2D40D945DF39242E5B
                                                          SHA1:9FB6CF8C4F2BA25998BAA7E58DF1286CB6080020
                                                          SHA-256:00000F13802F9B22347ABE4818CC19036DDAF910088003118021D00EBCD52B5F
                                                          SHA-512:E941A060DC2D7A944A5FBF0DC5158EECDDD961B5C572DA95AFB2BB2ABBBC7FFBB9BEAC8F4145EB739BD90DBFAD4ECE51E127A0AECFC3FD01B03A4845E83192B1
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Edit_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):295
                                                          Entropy (8bit):5.298134237356373
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfzdPeUkwRe9:YvXKXTHZzlHEZc0v84Gb8Ukee9
                                                          MD5:87D735926A072CB949A67C98BAD2AF11
                                                          SHA1:4CE33A2761C0CFC4B7DF7A29286DD1BEC6D8511B
                                                          SHA-256:BEA087D5218050EDB8D146D3B27DE29B22D8EB23013695930162CE27B94DF1C7
                                                          SHA-512:65005153ECF74FFF71B29E105F5CD254E9421CD09B438003662591641855C8894E0B0EE5C0E9709589CB2F60CA87542E66351648A770C05E23D0BB55653FF30B
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Home_LHP_Trial_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):289
                                                          Entropy (8bit):5.278337231682401
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfYdPeUkwRe9:YvXKXTHZzlHEZc0v84Gg8Ukee9
                                                          MD5:38E3F4A7A8EC83EDED4945C95D5258A8
                                                          SHA1:657C3E3F2B0A22C160E82FC6510879E862A4E5A4
                                                          SHA-256:D1BF4675D7A8CEB10669BAA2C581DAA5D3E458C7CAE60BF594CC072F86A64F9D
                                                          SHA-512:145E5B825EEABDD67BF418AD6A3ED8C2A0E3A302B180B169AFA4E011D4EE4B10E758C7C6EB0E7BDFEABDDCC632B6F508322616B7F95E277FC61869DA93026797
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_More_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):284
                                                          Entropy (8bit):5.265109160272045
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf+dPeUkwRe9:YvXKXTHZzlHEZc0v84G28Ukee9
                                                          MD5:A160719B538793845A7180F30FE873DE
                                                          SHA1:EF7ABA7553565F7694F6022D69693D66488E6E9E
                                                          SHA-256:2F31E462A5C222DD2EBFC734E94B062CF1B9165EE4A0A0031ABA22DECD685A2F
                                                          SHA-512:B85C268B8F8B99758787C56A978F174A66F8A7186D353D4B3773B01D56BA44064EBE85CA748E0610090DB8343A064315214324EC35EFE11AF090251F9B8FB8ED
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_RHP_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):291
                                                          Entropy (8bit):5.262033214361884
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfbPtdPeUkwRe9:YvXKXTHZzlHEZc0v84GDV8Ukee9
                                                          MD5:83C7201474DE04EA93AC19AF79BD5CA6
                                                          SHA1:645F6F09D1A66258206D14F752513644EB968B85
                                                          SHA-256:37F15B7CE92FA3396E1C697D17AA4912AD807FC8665CC2C8FDEBAC87A7BC5107
                                                          SHA-512:60E1029E977CB779849ECD50E1EF5067235AC4F0E7E93AD82E86C9CADE011B4C5EEF3677265F073B87E0A790339F6F2F70A1B84494303A5B57D1362B3EC7895A
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_RHP_Intent_Banner","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):287
                                                          Entropy (8bit):5.266384821934527
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf21rPeUkwRe9:YvXKXTHZzlHEZc0v84G+16Ukee9
                                                          MD5:959D536F5786A151FC63B17C2D5AA99E
                                                          SHA1:D67685DAD416F7E63C324F2A0763DD61FCEC0DBA
                                                          SHA-256:EF4F1452B7C5EF972BE7EE39826B8BD610FAE953AADA2DE0E0511CDEF40243B5
                                                          SHA-512:350ED97DC88734F5CFDB1F24AF8479A9118B0BB54CA65E3B66B06EDE9530407ECEA26166E9649AED0ADADF07A20AA448DD4CE99B48A3DD8249DC29F8F46D0C35
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_RHP_Retention","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):1090
                                                          Entropy (8bit):5.661240195281036
                                                          Encrypted:false
                                                          SSDEEP:24:Yv6XFtEzvIamXayLgE+cNDxeNaqnAvz7xHn0RCmK8czOC/BSV1:Yv4GmBgkDMUJUAh8cvMV1
                                                          MD5:2A4343523103D3E447C8EA61202B23B3
                                                          SHA1:93C7FBA9F96C0B67B7E0E82AC83F75F9CE4ED6FE
                                                          SHA-256:B6A93FB0D18C4FD9E4BC4493E8E971B54632535AF7DEB0B42DA1480BB203CAE3
                                                          SHA-512:53427F5CCE5FBC230FB5172BD05236CE1AE83DEE209BD28210C254AF105EE0A5DD75734336238014FC1A60E58F196FF4134C3A23F4C08D2950FB2496C902D75B
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Sign_LHP_Banner","surfaceObj":{"SurfaceAnalytics":{"surfaceId":"DC_Reader_Sign_LHP_Banner"},"containerMap":{"1":{"containerAnalyticsData":{"actionBlockId":"93365_289436ActionBlock_0","campaignId":93365,"containerId":"1","controlGroupId":"","treatmentId":"266234d2-130d-426e-8466-c7a061db101f","variationId":"289436"},"containerId":1,"containerLabel":"JSON for DC_Reader_Sign_LHP_Banner","content":{"data":"eyJjdGEiOnsidGV4dCI6IkZyZWUgdHJpYWwiLCJjbGljayI6Im9wZW5Ub29sIiwidG9vbF9pZCI6IlVwZ3JhZGVSSFBSZHJBcHAifSwidWkiOnsidGl0bGVfc3R5bGluZyI6eyJmb250X3NpemUiOiIxNHB4IiwiZm9udF9zdHlsZSI6IjAifSwiZGVzY3JpcHRpb25fc3R5bGluZyI6eyJmb250X3NpemUiOiIxMnB4IiwiZm9udF9zdHlsZSI6Ii0xIn0sInRpdGxlIjpudWxsLCJkZXNjcmlwdGlvbiI6IkVhc2lseSBmaWxsIGFuZCBzaWduIFBERnMuIn0sInRjYXRJZCI6bnVsbH0=","dataType":"app
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):286
                                                          Entropy (8bit):5.243763939184208
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfshHHrPeUkwRe9:YvXKXTHZzlHEZc0v84GUUUkee9
                                                          MD5:AB8878D7CF37FDE3D23E75CCDCFFB85C
                                                          SHA1:F02333F478D7ECB7745382C8810053EDD134ABD9
                                                          SHA-256:CB687E285F312E3E15EEF68755CB395D6CB256C3400536B64DF83FB1D377C89F
                                                          SHA-512:DEB59BC63A251EC36FD3878346B9321EB859E5B6E528DAA05FDBB6459E6F0448E9CA258996D80071B97EBBD6EE2529E6D7DEB1B4C68DBFA2D384D26E52D21B22
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"DC_Reader_Upsell_Cards","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):282
                                                          Entropy (8bit):5.254399048613551
                                                          Encrypted:false
                                                          SSDEEP:6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJTqgFCrPeUkwRe9:YvXKXTHZzlHEZc0v84GTq16Ukee9
                                                          MD5:E38B1B0E142D40ECA53E216137DFFB86
                                                          SHA1:ABB751802F4ABA45FA3A10E3A03ECA028A286712
                                                          SHA-256:94BB3F12CE9EE94A0F5A2B530B9E7C50629F213B9CCB91164F83A52D5ED18B7D
                                                          SHA-512:D1A96CB3036B394E918C4496163E5FFB288FA7B14FB644DA2CCD17ACACFE961AE89B5D224817A165F3271B7DE66A697AFB91A82967848D4C7C0144A3DFB6628A
                                                          Malicious:false
                                                          Preview:{"analyticsData":{"responseGUID":"8aecbd58-4ee1-405f-8cc7-2c3fefa90e36","sophiaUUID":"BB455677-E4C2-45EB-A908-4974DBA96F4C"},"encodingScheme":true,"expirationDTS":1737074204333,"statusCode":200,"surfaceID":"Edit_InApp_Aug2020","surfaceObj":{"SurfaceAnalytics":{},"containerMap":{}}}
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):4
                                                          Entropy (8bit):0.8112781244591328
                                                          Encrypted:false
                                                          SSDEEP:3:e:e
                                                          MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                          SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                          SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                          SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                          Malicious:false
                                                          Preview:....
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):2814
                                                          Entropy (8bit):5.118517747247908
                                                          Encrypted:false
                                                          SSDEEP:24:YN36an4ayedAQg4vZyhH3zkoSjPWj0SS5nGa2mO2LSMCY7XnFPaLpNJ5HPU89D68:YNBEhIZ2A3A0d+Gb73FPGt1889j
                                                          MD5:9C6C64871B8F3694BF1708E441345BA2
                                                          SHA1:E87BB54D3513AAFCB4F1E61D65B5B8FC3B9B6D59
                                                          SHA-256:4F9F78083208132CC4520154864BCD1BAF5FFA267A6B4D0579DC2F46857DC85E
                                                          SHA-512:1EFD18E822171FB10495C77220799406D2AC0325A8ED365454F26E2E4048500F6462FC8F5C0E3E5A2082FF872CE8A0689DF1C957FDEAC2985DFE4EA88DC8F6AE
                                                          Malicious:false
                                                          Preview:{"all":[{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"3b7e9559ae3e8d5d1fc075a4957d7e72","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":289,"ts":1736898508000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"fd5f11aefcd0928b1de8baeef7f5dfa6","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1090,"ts":1736898508000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"845c641fcd4929aea42f5c4c1c9ec1d8","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1123,"ts":1736898508000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"00d92ddd7dd4621ef09a67425cae658f","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1736898508000},{"id":"DC_Reader_Disc_LHP_Retention","info":{"dg":"f1f9268fbd28eee63bb04a3e176ce623","sid":"DC_Reader_Disc_LHP_Retention"},"mimeType":"file","size":292,"ts":1736898508000},{"id":"DC_Reader_More_LHP_Banner","info":{"dg":"89150c5ffa5d8a33781d0c0fc806a937","sid":"DC_Reader_More_LHP_Banner"},"mimeType":"file","
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 25
                                                          Category:dropped
                                                          Size (bytes):12288
                                                          Entropy (8bit):1.1887632530261794
                                                          Encrypted:false
                                                          SSDEEP:48:TGufl2GL7msEHUUUUUUUU/SvR9H9vxFGiDIAEkGVvpD:lNVmswUUUUUUUU/+FGSItf
                                                          MD5:6BBDD6825B423872D70EBECB5CEE0B3D
                                                          SHA1:C073A29D6FE800B2A99E9A2FA9C5413F9B74B3FF
                                                          SHA-256:F6644E4A7A47EE37EE2D1AD41D02670ACB2FCD53FAA875BC3BC09DAFE82546EB
                                                          SHA-512:6F735E8525EB6144447A5555A62835F36B185A012AA197896F09B86DEA75CCAC9251FCCB8A824FA9BF1EE6EF5FB86994851F4BCC06FA0ED286BF7160A97A0224
                                                          Malicious:false
                                                          Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:SQLite Rollback Journal
                                                          Category:dropped
                                                          Size (bytes):8720
                                                          Entropy (8bit):1.6065534892028872
                                                          Encrypted:false
                                                          SSDEEP:48:7MBKUUUUUUUUUUDvR9H9vxFGiDIAEkGVvCqFl2GL7msh:7TUUUUUUUUUUTFGSItkKVmsh
                                                          MD5:6E78C6A9CF7229B7296D0C69BDFD1BDB
                                                          SHA1:C34D13A6213CCD8D2993E6EF0B8470E4C5BF029A
                                                          SHA-256:6AD960D3D3F6AF516FBDECE42795612CCA9506BC48E07AFB983AB29997E5BDFD
                                                          SHA-512:2F522A0D881B6C83A45874910DE987AD848DC9D190A5D0D8B5349B0BA8D8B45E410C726C561973D33899B5283C94BBB1989B5C218B3865028497783E48D640FE
                                                          Malicious:false
                                                          Preview:.... .c.....7..L......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................f.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:data
                                                          Category:dropped
                                                          Size (bytes):66726
                                                          Entropy (8bit):5.392739213842091
                                                          Encrypted:false
                                                          SSDEEP:768:RNOpblrU6TBH44ADKZEgJYqegiJ+W0g5FwfORS4f0CZOPPYyu:6a6TZ44ADEuqegiJ+WTgCZyPK
                                                          MD5:B4025B9F5D6DF9DB569C87A451A14F40
                                                          SHA1:62D0B4F7234903E3316AE644DD8E740D5CD9597F
                                                          SHA-256:8E521E3816A0CBE65FE8CCB62D3E12C37ACC304C1B83E50D8A439FE94F52EBD6
                                                          SHA-512:4535A97C6BC07111E8B1B667F38CC0A268A93F2761029E072E19470E0BCF003F299D593277510BE66B05F00AD3E66CEEC3A346BE29975CBFA2E588E6C858131E
                                                          Malicious:false
                                                          Preview:4.397.90.FID.2:o:..........:F:AgencyFB-Reg.P:Agency FB.L:$.........................."F:Agency FB.#.96.FID.2:o:..........:F:AgencyFB-Bold.P:Agency FB Bold.L:%.........................."F:Agency FB.#.84.FID.2:o:..........:F:Algerian.P:Algerian.L:$..........................RF:Algerian.#.95.FID.2:o:..........:F:ArialNarrow.P:Arial Narrow.L:$.........................."F:Arial Narrow.#.109.FID.2:o:..........:F:ArialNarrow-Italic.P:Arial Narrow Italic.L:$.........................."F:Arial Narrow.#.105.FID.2:o:..........:F:ArialNarrow-Bold.P:Arial Narrow Bold.L:%.........................."F:Arial Narrow.#.118.FID.2:o:..........:F:ArialNarrow-BoldItalic.P:Arial Narrow Bold Italic.L:%.........................."F:Arial Narrow.#.77.FID.2:o:..........:F:ArialMT.P:Arial.L:$.........................."F:Arial.#.91.FID.2:o:..........:F:Arial-ItalicMT.P:Arial Italic.L:$.........................."F:Arial.#.87.FID.2:o:..........:F:Arial-BoldMT.P:Arial Bold.L:$.........................."F:Arial.#.100.FID.2
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):246
                                                          Entropy (8bit):3.5248044522866877
                                                          Encrypted:false
                                                          SSDEEP:6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K84sClEFuMH:Qw946cPbiOxDlbYnuRKIDg6
                                                          MD5:602450FA985DDED1C257180DF7163D54
                                                          SHA1:6F8F9EA294477470170E3D84B7FA6CF707375F6D
                                                          SHA-256:BD6AE6122AD70EB473D9E17E9EB743A48397AF5EAE6595BD4F1DB46926DA4F29
                                                          SHA-512:49E62FC6A6E09B69A31C87DBD29FF3272C208DA1E9DDD475B96470435F8F05CEE19E7F14210E5274EA7FFB323A536A38AFAF4901C6B27145A093CC675DF4803A
                                                          Malicious:false
                                                          Preview:..E.r.r.o.r. .2.7.1.1...T.h.e. .s.p.e.c.i.f.i.e.d. .F.e.a.t.u.r.e. .n.a.m.e. .(.'.A.R.M.'.). .n.o.t. .f.o.u.n.d. .i.n. .F.e.a.t.u.r.e. .t.a.b.l.e.......=.=.=. .L.o.g.g.i.n.g. .s.t.o.p.p.e.d.:. .1.4./.0.1./.2.0.2.5. . .1.8.:.4.8.:.3.1. .=.=.=.....
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:PDF document, version 1.6, 0 pages
                                                          Category:dropped
                                                          Size (bytes):358
                                                          Entropy (8bit):5.0098668951893695
                                                          Encrypted:false
                                                          SSDEEP:6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOlOfhWUOfhWZvLCSyAAO:IngVMre9T0HQIDmy9g06JX1OZtOZiLlX
                                                          MD5:0CF141E82302E70FE103EE771FD3A098
                                                          SHA1:A02EF5031769F99E288C9BC914AA62B83D92FA46
                                                          SHA-256:AA31DC6B1F4600FA7EF1814B6AE806221A3434C43F43C51E2E3A6AC8AD25E072
                                                          SHA-512:E4044E338A6D433FE61B1382B46F33AA4CA6DFC4BD2CC5182B08FD10C59FD81174368AFB506807CFB1B365200E8C86383D87954D74B4A5B52CCA5C3D67A7FCD8
                                                          Malicious:false
                                                          Preview:%PDF-1.6.%......1 0 obj.<</Pages 2 0 R/Type/Catalog>>.endobj.2 0 obj.<</Count 0/Kids[]/Type/Pages>>.endobj.3 0 obj.<<>>.endobj.xref..0 4..0000000000 65535 f..0000000016 00000 n..0000000061 00000 n..0000000107 00000 n..trailer..<</Size 4/Root 1 0 R/Info 3 0 R/ID[<AA3107735F0BE64CA133AAF6CABDCBC1><AA3107735F0BE64CA133AAF6CABDCBC1>]>>..startxref..127..%%EOF..
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:ASCII text, with very long lines (393)
                                                          Category:dropped
                                                          Size (bytes):16525
                                                          Entropy (8bit):5.345946398610936
                                                          Encrypted:false
                                                          SSDEEP:384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW
                                                          MD5:8947C10F5AB6CFFFAE64BCA79B5A0BE3
                                                          SHA1:70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778
                                                          SHA-256:4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485
                                                          SHA-512:B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0
                                                          Malicious:false
                                                          Preview:SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:088+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=f94b8f43-fcd8-49f4-8c6e-bbf5cd863db9.1696420882088 Timestamp=2023-10-04T13:01:22:089+0100 ThreadID=3400 Component=ngl-lib_NglAppLib Description="SetConfig:
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):15114
                                                          Entropy (8bit):5.39141321562178
                                                          Encrypted:false
                                                          SSDEEP:384:9KMn0uVrWtPBV2cm4gTjHhG7vk5vdC3CHCFCICDCKC0CeCGCUCpCHp9waGZMCvyp:pcFyi4N+3pLzJ8IPwYIGDcfnwtM
                                                          MD5:5A201C32CAF383EAE97AAB4D4433F731
                                                          SHA1:703FDDC906745900C71129EDD6FD3097A64D529C
                                                          SHA-256:11DC5190217B9E55DC5303B426E1C422385A34C402F6651969FAE5C7FB419BB7
                                                          SHA-512:DF3026BF1C6D11AE9F24D6B60AE3C78265BDD8A0C8F60CFB859C4647242D9B72F6EC265F09176A6EDA6A1AC8F18FC160435A5E5BD9889FE999F1E75E6499B6DA
                                                          Malicious:false
                                                          Preview:SessionID=20dc4cfa-3d8b-4a3b-b682-77b910b9d8d3.1736898505497 Timestamp=2025-01-14T18:48:25:497-0500 ThreadID=7892 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=20dc4cfa-3d8b-4a3b-b682-77b910b9d8d3.1736898505497 Timestamp=2025-01-14T18:48:25:503-0500 ThreadID=7892 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=20dc4cfa-3d8b-4a3b-b682-77b910b9d8d3.1736898505497 Timestamp=2025-01-14T18:48:25:503-0500 ThreadID=7892 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=20dc4cfa-3d8b-4a3b-b682-77b910b9d8d3.1736898505497 Timestamp=2025-01-14T18:48:25:503-0500 ThreadID=7892 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=20dc4cfa-3d8b-4a3b-b682-77b910b9d8d3.1736898505497 Timestamp=2025-01-14T18:48:25:503-0500 ThreadID=7892 Component=ngl-lib_NglAppLib Description="SetConf
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          File Type:ASCII text, with CRLF line terminators
                                                          Category:dropped
                                                          Size (bytes):29752
                                                          Entropy (8bit):5.395525189335076
                                                          Encrypted:false
                                                          SSDEEP:768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2rp:1
                                                          MD5:A30E372F0BE95572E1B535F132F02AEA
                                                          SHA1:68C7D8EF1224E18C6C44C4208A3B531A13DA58F6
                                                          SHA-256:417DCC31FC5AD6D9BDF480CE257FC9BC8808372C2E8CA4D5841953347497FA82
                                                          SHA-512:9FE02D18BBADECFCF580C0736309BE71AD4BD406A9A1571FAA04670355C7D66D33C983AAA10C616F570F8CE0151772A8947C0C54F857CFAAFE15FFBF5B8C5382
                                                          Malicious:false
                                                          Preview:03-10-2023 12:50:40:.---2---..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ***************************************..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Starting NGL..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..03-10-2023 12:50:40:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..03-10-2023 12:50:40:.Closing File..03-10-
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 416226
                                                          Category:dropped
                                                          Size (bytes):758601
                                                          Entropy (8bit):7.98639316555857
                                                          Encrypted:false
                                                          SSDEEP:12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9Uo:O3Pjegf121YS8lkipdjMMNB1DofjgJJ0
                                                          MD5:12DDE6151F5E778520B3C8434B61AD0C
                                                          SHA1:2D3EA4300ED7D77866B96F7BE2BD8FA4F03D2081
                                                          SHA-256:4EDFCFF1CCA3192ECCBA77FFB1572D1C544566CFC73749F0FAC5DD0BF0C73C76
                                                          SHA-512:3DE45A91E3D8A7EF05C37CC274ECD8BD8BCB99A1AAD7A4252AC6714B57AFC281D3BB6926CE2910F7BC366F1595B27EC89D96158D94E2ABEE7B7567ACEA861F93
                                                          Malicious:false
                                                          Preview:...........kWT..0...W`.........b..@..nn........5.._..I.R3I..9g.x....s.\+.J......F...P......V]u......t....jK...C.fD..]..K....;......y._.U..}......S.........7...Q.............W.D..S.....y......%..=.....e..^.RG......L..].T.9.y.zqm.Q]..y..(......Q]..~~..}..q...@.T..xI.B.L.a.6...{..W..}.mK?u...5.#.{...n...........z....m^.6!.`.....u...eFa........N....o..hA-..s.N..B.q..{..z.{=..va4_`5Z........3.uG.n...+...t...z.M."2..x.-...DF..VtK.....o]b.Fp.>........c....,..t..an[............5.1.(}..q.q......K3.....[>..;e..f.Y.........mV.cL...]eF..7.e.<.._.o\.S..Z...`..}......>@......|.......ox.........h.......o....-Yj=.s.g.Cc\.i..\..A.B>.X..8`...P......[..O...-.g...r..u\...k..7..#E....N}...8.....(..0....w....j.......>.L....H.....y.x3...[>..t......0..z.qw..]X..i8..w.b..?0.wp..XH.A.[.....S..g.g..I.A.15.0?._n.Q.]..r8.....l..18...(.].m...!|G.1...... .3.`./....`~......G.............|..pS.e.C....:o.u_..oi.:..|....joi...eM.m.K...2%...Z..j...VUh..9.}.....
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
                                                          Category:dropped
                                                          Size (bytes):1419751
                                                          Entropy (8bit):7.976496077007677
                                                          Encrypted:false
                                                          SSDEEP:24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru
                                                          MD5:18E3D04537AF72FDBEB3760B2D10C80E
                                                          SHA1:B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC
                                                          SHA-256:BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4
                                                          SHA-512:2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298
                                                          Malicious:false
                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
                                                          Category:dropped
                                                          Size (bytes):1407294
                                                          Entropy (8bit):7.97605879016224
                                                          Encrypted:false
                                                          SSDEEP:24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje
                                                          MD5:716C2C392DCD15C95BBD760EEBABFCD0
                                                          SHA1:4B4CE9C6AED6A7F809236B2DAFA9987CA886E603
                                                          SHA-256:DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8
                                                          SHA-512:E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF
                                                          Malicious:false
                                                          Preview:...........[.s.8..}.....!#..gw.n.`uNl.f6.3....d%EK.D["...#.......!)...r.$.G.......Z..u.._>.~....^e..<..u..........._D.r.Z..M.:...$.I..N.....\`.B.wj...:...E|.P..$ni.{.....T.^~<m-..J....RQk..*..f.....q.......V.rC.M.b.DiL\.....wq.*...$&j....O.........~.U.+..So.]..n..#OJ..p./..-......<...5..WB.O....i....<./T.P.L.;.....h.ik..D*T...<...j..o..fz~..~."...w&.fB...4..@[.g.......Y.>/M.".....-..N.{.2.....\....h..ER..._..(.-..o97..[.t:..>..W*..0.....u...?.%...1u..fg..`.Z.....m ~.GKG.q{.vU.nr..W.%.W..#z..l.T......1.....}.6......D.O...:....PX.......*..R.....j.WD).M..9.Fw...W.-a..z.l\..u*.^....*L..^.`.T...l.^.B.DMc.d....i...o.|M.uF|.nQ.L.E,.b!..NG.....<...J......g.o....;&5..'a.M...l..1.V.iB2.T._I....".+.W.yA ._.......<.O......O$."C....n!H.L`..q.....5..~./.._t.......A....S..3........Q[..+..e..P;...O...x~<B........'.)...n.$e.m.:...m.....&..Y.".H.s....5.9..A5)....s&.k0,.g4.V.K.,*.e....5...X.}6.P....y\.s|..Si..BB..y...~.....D^g...*7'T-.5*.!K.$\...2.
                                                          Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
                                                          Category:dropped
                                                          Size (bytes):386528
                                                          Entropy (8bit):7.9736851559892425
                                                          Encrypted:false
                                                          SSDEEP:6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m
                                                          MD5:5C48B0AD2FEF800949466AE872E1F1E2
                                                          SHA1:337D617AE142815EDDACB48484628C1F16692A2F
                                                          SHA-256:F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
                                                          SHA-512:44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324
                                                          Malicious:false
                                                          Preview:...........]s[G. Z...{....;...J$%K&..%.[..k...S....$,.`. )Z..m........a.......o..7.VfV...S..HY}Ba.<.NUVVV~W.].;qG4..b,N..#1.=1.#1..o.Fb.........IC.....Z...g_~.OO.l..g.uO...bY.,[..o.s.D<..W....w....?$4..+..%.[.?..h.w<.T.9.vM.!..h0......}..H..$[...lq,....>..K.)=..s.{.g.O...S9".....Q...#...+..)>=.....|6......<4W.'.U.j$....+..=9...l.....S..<.\.k.'....{.1<.?..<..uk.v;.7n.!...g....."P..4.U........c.KC..w._G..u..g./.g....{'^.-|..h#.g.\.PO.|...]x..Kf4..s..............+.Y.....@.K....zI..X......6e?[..u.g"{..h.vKbM<.?i6{%.q)i...v..<P8P3.......CW.fwd...{:@h...;........5..@.C.j.....a.. U.5...].$.L..wW....z...v.......".M.?c.......o..}.a.9..A..%V..o.d....'..|m.WC.....|.....e.[W.p.8...rm....^..x'......5!...|......z..#......X_..Gl..c..R..`...*.s-1f..]x......f...g...k........g....... ).3.B..{"4...!r....v+As...Zn.]K{.8[..M.r.Y..........+%...]...J}f]~}_..K....;.Z.[..V.&..g...>...{F..{I..@~.^.|P..G.R>....U..../HY...(.z.<.~.9OW.Sxo.Y
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:HTML document, ASCII text, with very long lines (65265)
                                                          Category:downloaded
                                                          Size (bytes):886767
                                                          Entropy (8bit):6.114107751762554
                                                          Encrypted:false
                                                          SSDEEP:12288:JPM9JWL9vOEpgFqhcpMnvJ2gsKO+ILx5V9EW9EfrArDrj1wVl:JPM9JWhOEmFrpMnEnKO+Ih9j9El
                                                          MD5:0C8093CA93E475E1D1F3A6062CCCF365
                                                          SHA1:3B5A177E17610BF7B99CFF4956F98E23D098A7D0
                                                          SHA-256:76A6247A8BA693394D62456C28E8870071735E30EFC6BD02263DDE36678153F3
                                                          SHA-512:6F6DE4CE0B5048585934773D873A5FBCD6FD2CECD4109E028984FD6D2B670B71B2E45C7A6219BF0E148B1DD038DADE162B0A5107966E737640D44B51C5C11E7E
                                                          Malicious:false
                                                          URL:https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
                                                          Preview:<!DOCTYPE html>.<html>. <head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1">.. <link rel="stylesheet" href="./general_files/bootstrap.min.css"> -->. <style>. :root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";--font-family-monospace:SFMono-Regular,Menlo,Monaco,Consolas,"Liberation Mono","Courier New",monospace}*
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:JSON data
                                                          Category:downloaded
                                                          Size (bytes):321
                                                          Entropy (8bit):4.99323851364312
                                                          Encrypted:false
                                                          SSDEEP:6:kX32J19HgIJAuuuthkP//f4IoWzqs4jW1CRW35jY:kWJ1JgIOuHhA/XvoPPWV5k
                                                          MD5:7225D8C283F7B303692A163301880199
                                                          SHA1:7BF7F829E108693DB3DAD66B557EAA1DBA464D94
                                                          SHA-256:19B824BE603626AAD3EB7CAAA5F56F709F22AE80965559A81977DEC9CB22A944
                                                          SHA-512:05125D14C265EED21453D2A6E8007F3BF2C2F339567718AF4F4A20C8EB1474EA73A7656B4EDF13B937B25AB3045601F49D19F8E47521C601FD17D3A218BE0D60
                                                          Malicious:false
                                                          URL:https://ipinfo.io/json
                                                          Preview:{. "ip": "8.46.123.189",. "hostname": "static-cpe-8-46-123-189.centurylink.com",. "city": "New York City",. "region": "New York",. "country": "US",. "loc": "40.7143,-74.0060",. "org": "AS3356 Level 3 Parent, LLC",. "postal": "10001",. "timezone": "America/New_York",. "readme": "https://ipinfo.io/missingauth".}
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:JSON data
                                                          Category:dropped
                                                          Size (bytes):321
                                                          Entropy (8bit):4.99323851364312
                                                          Encrypted:false
                                                          SSDEEP:6:kX32J19HgIJAuuuthkP//f4IoWzqs4jW1CRW35jY:kWJ1JgIOuHhA/XvoPPWV5k
                                                          MD5:7225D8C283F7B303692A163301880199
                                                          SHA1:7BF7F829E108693DB3DAD66B557EAA1DBA464D94
                                                          SHA-256:19B824BE603626AAD3EB7CAAA5F56F709F22AE80965559A81977DEC9CB22A944
                                                          SHA-512:05125D14C265EED21453D2A6E8007F3BF2C2F339567718AF4F4A20C8EB1474EA73A7656B4EDF13B937B25AB3045601F49D19F8E47521C601FD17D3A218BE0D60
                                                          Malicious:false
                                                          Preview:{. "ip": "8.46.123.189",. "hostname": "static-cpe-8-46-123-189.centurylink.com",. "city": "New York City",. "region": "New York",. "country": "US",. "loc": "40.7143,-74.0060",. "org": "AS3356 Level 3 Parent, LLC",. "postal": "10001",. "timezone": "America/New_York",. "readme": "https://ipinfo.io/missingauth".}
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:Web Open Font Format (Version 2), TrueType, length 263912, version 1.0
                                                          Category:downloaded
                                                          Size (bytes):263912
                                                          Entropy (8bit):7.9989774457926055
                                                          Encrypted:true
                                                          SSDEEP:6144:G5VufZWf5Xuch4xmEiOdLtBQ/MHE2F4VNVeI627H0NdCmERCb:+VuxWN349/mMHEDfnnxmiCb
                                                          MD5:B682D2A5CC647D344BC15AE0923F25BD
                                                          SHA1:66565D0618C3642C9D9DFFFAFCD7C08354FE92E9
                                                          SHA-256:E91B114406D343A5B1749FFD6DA8A1056D0546B486D38ECC4A4ECDB063903F0C
                                                          SHA-512:D9BFD58EE82342278473EA7F5D169A315D331CC8390EB7BBD520E5DAC94ECF2CEDA2C44DF2D8B33EBD5646F57C573C22E7C9C5C170E48A8828EFB8BC78F2767D
                                                          Malicious:false
                                                          URL:https://fonts.gstatic.com/s/materialsymbolsoutlined/v222/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2
                                                          Preview:wOF2...............................................Z.`?STATp..^.....D..*.....6.$.... .........[.)...:b.Wh.z...4..M....&X.#.yQ...]......Jxs...v...t..T............|yt.%./..-.P..8..yc.&.!........!..0..Y_F....D..R...G..|*b..Hb.3X).t....n....J..5..>^hf...ffM/.......(..m..j......ze.Zk..-.*...RJDN.9..z5.Zk......<..k...J")f.A..[y...Uf....r.G`...JVI.T.....^<b.\.V.t*.<7...CP..r..(m|V...1../r/)))).>..RD.$...U.c.. S.^.j.8K3.[..P0h.T8........h..>TR%U.7.o].u...RR...mz....7.b.n>.g.z.......C.................c.........668..|..H..6.I.M~.T..Aa........L,.L.F.:A.".l".4...4..h.n.|.i.5....=.*..CT...N..TRe....57w.n.,....3!..+4S.f.Yp'..+t.7.a7.N3.D...~Rf.....b...G..L...G.....b.....]..{..=iwjZ.....n....l.1.).,.....I.}a.&aesG.......+.....i.uW_..OSd2}&E.....EE.2{-.............I.3.C...8.'H.~...U...O...$...1+T(W-+....Z+.?....[\0.(.J|..n.n\...e..AP. ([P.......53K..R.e...u.YYY.Uw........uc..!A.y...i.P $...x,.m..tL.V.C6..... A.e..e..Y?..K..~....^7".,"..`DD.x...a.......#".&.
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text
                                                          Category:downloaded
                                                          Size (bytes):696
                                                          Entropy (8bit):5.31027038341894
                                                          Encrypted:false
                                                          SSDEEP:12:Uc11FPk+5O6ZRoT6pHAH6yYw47gmfDmx8YpFk+56ZmOHc9n+5cMK00k14enEPCe4:3Fs+5OYsKo6yYw4LfaKYA+5YmOOk4TfE
                                                          MD5:39A16DB346F67785A77E4FDBD5EEA3C1
                                                          SHA1:6A5860970E7C43B2ED818A915FFFCDB0EEA73A62
                                                          SHA-256:4DB2B7B738792BF0C7E6A6928E21D510B2389447A2CFEEEE70E98FB988EF795A
                                                          SHA-512:ADBDEE600DC189D91DDB2EF39608381591CB37E86F911584463640A33F7AFC42482B8A7FC7E80D5C18638A5ED3254AF2AB55B1C99156ACC892872D4F301E0621
                                                          Malicious:false
                                                          URL:"https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0"
                                                          Preview:/* fallback */.@font-face {. font-family: 'Material Symbols Outlined';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/materialsymbolsoutlined/v222/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2) format('woff2');.}...material-symbols-outlined {. font-family: 'Material Symbols Outlined';. font-weight: normal;. font-style: normal;. font-size: 24px;. line-height: 1;. letter-spacing: normal;. text-transform: none;. display: inline-block;. white-space: nowrap;. word-wrap: normal;. direction: ltr;. -webkit-font-feature-settings: 'liga';. -webkit-font-smoothing: antialiased;.}.
                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          File Type:ASCII text, with no line terminators
                                                          Category:downloaded
                                                          Size (bytes):56
                                                          Entropy (8bit):4.74692495803521
                                                          Encrypted:false
                                                          SSDEEP:3:mS9YHnPbDKthmmk+:mS+HPbqR
                                                          MD5:623A4DD46A6C0735D599710F8F875D74
                                                          SHA1:209B66E9914483C1E68A171805420A13040508A6
                                                          SHA-256:F2F4A71D8CDB3293EE3EEFC8247A52E90F07F32FB87EF6DB09D311ECD34E24F6
                                                          SHA-512:A0F1A861637242EB3D48F6C7EB3084279DCF03920B3F2A4F7A993BBC9BDBA4C5620F1028AB716608254D0FE58C0C674D15D50B69BE83BE90009646E47EA6BB4A
                                                          Malicious:false
                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHglk__D6lwa1MBIFDSFfFoQSBQ2DqFs9EgUNzkFMehIQCVRdreg1vn-qEgUN_6k_TQ==?alt=proto
                                                          Preview:ChsKBw0hXxaEGgAKBw2DqFs9GgAKBw3OQUx6GgAKCQoHDf+pP00aAA==
                                                          File type:PDF document, version 1.4, 1 pages (zip deflate encoded)
                                                          Entropy (8bit):7.884760502797368
                                                          TrID:
                                                          • Adobe Portable Document Format (5005/1) 100.00%
                                                          File name:Document-01-16-25.pdf
                                                          File size:53'275 bytes
                                                          MD5:8ecce729a5760b28b76cb62e79303981
                                                          SHA1:6f43fdec72833659693f1e26bbd8fc2b3093ae6f
                                                          SHA256:c8f8f3532d48c50d9b11f98ccdc60d1f7ab44b6f72ecb089a023938da7b6bdfa
                                                          SHA512:524f61f7484f3462330abca0d0069a2059b4b3b2a0888f4f7ebef73d801eaa4eb974eef6d2ca697d9c11de0c2bcb9fb1fec91b6673bb396da9a0b9140c44944e
                                                          SSDEEP:768:9uRfbhC8WRKrfST7iouLwaw43U0+d21yPNmARTmL3P/RlyVTt4Os9NvUB8:9aWg4FNal3kd21yPNlTmL3P3yv4OiA8
                                                          TLSH:7D33B094DA1A48CCFC965837183E3D0FC27AB2DB44DD749258698F82E684D443A62DFB
                                                          File Content Preview:%PDF-1.4.%.....3 0 obj.<</S/URI/Type/Action/URI(https://snip.ly/h183fa)>>.endobj.4 0 obj.<</W 0>>.endobj.2 0 obj.<</A 3 0 R/BS 4 0 R/Rect[202 465 379 489]/Subtype/Link/Type/Annot>>.endobj.5 0 obj.<</Filter/FlateDecode/Length 10>>stream.x.+......|.endstrea
                                                          Icon Hash:62cc8caeb29e8ae0

                                                          General

                                                          Header:%PDF-1.4
                                                          Total Entropy:7.884761
                                                          Total Bytes:53275
                                                          Stream Entropy:7.988645
                                                          Stream Bytes:44969
                                                          Entropy outside Streams:5.204934
                                                          Bytes outside Streams:8306
                                                          Number of EOF found:1
                                                          Bytes after EOF:
                                                          NameCount
                                                          obj63
                                                          endobj63
                                                          stream30
                                                          endstream30
                                                          xref1
                                                          trailer1
                                                          startxref1
                                                          /Page1
                                                          /Encrypt0
                                                          /ObjStm0
                                                          /URI2
                                                          /JS0
                                                          /JavaScript0
                                                          /AA0
                                                          /OpenAction0
                                                          /AcroForm0
                                                          /JBIG2Decode0
                                                          /RichMedia0
                                                          /Launch0
                                                          /EmbeddedFile0

                                                          Image Streams

                                                          IDDHASHMD5Preview
                                                          51dca66d5155599ac4ceb3c68b0a65e38427782232d0899215
                                                          50ccb26971757d92cccb87815411998bae8d5e8925c029f951
                                                          5249193f536d2b5d55678915a5e2a170a31605b003d789c972
                                                          5500000000000000003eae7cfaea782924b39e10457159bc49
                                                          530048280002221000ca59d29eb2b7fff8c6fac3165b27ed78
                                                          TimestampSource PortDest PortSource IPDest IP
                                                          Jan 15, 2025 00:48:25.575737000 CET49675443192.168.2.4173.222.162.32
                                                          Jan 15, 2025 00:48:36.875298023 CET49672443192.168.2.4173.222.162.32
                                                          Jan 15, 2025 00:48:36.875355005 CET44349672173.222.162.32192.168.2.4
                                                          Jan 15, 2025 00:48:41.626847029 CET4972380192.168.2.4199.232.214.172
                                                          Jan 15, 2025 00:48:41.635129929 CET8049723199.232.214.172192.168.2.4
                                                          Jan 15, 2025 00:48:41.635209084 CET4972380192.168.2.4199.232.214.172
                                                          Jan 15, 2025 00:48:41.740298033 CET5230953192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:41.746452093 CET53523091.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:41.746543884 CET5230953192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:41.753272057 CET53523091.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:42.203330040 CET5230953192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:42.210264921 CET53523091.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:42.210350037 CET5230953192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:49.940360069 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:49.940382957 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:49.940448999 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:49.942202091 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:49.942217112 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.417792082 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.418536901 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:50.418557882 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.419450998 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.419621944 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:50.422341108 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:50.422399044 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.423161983 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:50.423171043 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:50.464338064 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:51.151864052 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:51.151940107 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:51.152038097 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:51.162132978 CET52311443192.168.2.4172.67.11.119
                                                          Jan 15, 2025 00:48:51.162156105 CET44352311172.67.11.119192.168.2.4
                                                          Jan 15, 2025 00:48:51.177800894 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.177843094 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.177917957 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.178102016 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.178116083 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.651962996 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.652362108 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.652390957 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.654300928 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.654426098 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.655572891 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.655697107 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.655745029 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.698834896 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.698856115 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.744657993 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.804074049 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.804085970 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.804096937 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.804126024 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.804203033 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.804219961 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.804234982 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.809217930 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.809225082 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.809289932 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.809298992 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.809338093 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.849360943 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.891159058 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.891169071 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.891196012 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.891273975 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.891292095 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.892298937 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.892306089 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.892365932 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.892374992 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.893228054 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.893234968 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.893403053 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.893413067 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.894165993 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.894215107 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.894222021 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.894227982 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.894522905 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.946809053 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.977588892 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.977605104 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.977637053 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.977679968 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.977725029 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.978091955 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978101969 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978142977 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.978369951 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.978377104 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978840113 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978880882 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978890896 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.978893995 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978925943 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978935957 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.978956938 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.979013920 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.979835987 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.980108976 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.980114937 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.980201960 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.980828047 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.980868101 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.980901003 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.980914116 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.980946064 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.980986118 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.982326031 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:51.982475042 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:51.982482910 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.025878906 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.064536095 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064650059 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.064659119 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064680099 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064742088 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.064749002 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064789057 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064843893 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.064851046 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.064938068 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065001011 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.065007925 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065113068 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065215111 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.065223932 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065233946 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065301895 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.065309048 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065644979 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065705061 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.065711021 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065871954 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.065947056 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.065953970 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069240093 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069361925 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.069370031 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069479942 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069667101 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.069674969 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069686890 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069912910 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069968939 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.069976091 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.069989920 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.070131063 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.070266008 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.070272923 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.070395947 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.070466995 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.070472956 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.118283987 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151106119 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151225090 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151231050 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151262999 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151299953 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151331902 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151338100 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151421070 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151495934 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151495934 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151504040 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151556969 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151679039 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151732922 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151732922 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151741028 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151853085 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.151911974 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.151920080 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152004957 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152129889 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152196884 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152196884 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152204990 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152240038 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152316093 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152323008 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152407885 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152476072 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152483940 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152506113 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152602911 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152610064 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152642965 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152755022 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152762890 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152797937 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152811050 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152873993 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.152880907 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.152908087 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.153019905 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.153027058 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.153137922 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.153212070 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.153218985 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.194761038 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.194940090 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.194947958 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.237891912 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238015890 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238024950 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238111019 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238145113 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238157034 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238185883 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238190889 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238190889 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238197088 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238230944 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238230944 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238264084 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238323927 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238400936 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238487959 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238497019 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238502979 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238569975 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238569975 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238600969 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238639116 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238692045 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238692045 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238698959 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238867044 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.238890886 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238903999 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.238965988 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239020109 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239020109 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239026070 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239116907 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239145041 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239341021 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239346027 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239398956 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239437103 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239483118 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239483118 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239490032 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239654064 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239692926 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239712954 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239712954 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239718914 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239758015 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239758015 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239844084 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.239900112 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239900112 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.239907026 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.281498909 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.281708956 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.281735897 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.324820995 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.324955940 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.324985981 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325042963 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325162888 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.325174093 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325187922 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325299978 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325306892 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.325314999 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325434923 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325445890 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.325453043 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325608969 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.325614929 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.325654984 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.325663090 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.329782963 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.329912901 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.329935074 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.329996109 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330058098 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330065012 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330073118 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330112934 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330197096 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330265999 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330271006 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330303907 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330343008 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330348015 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330358028 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330384016 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330434084 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330591917 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330598116 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330811024 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330854893 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330867052 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.330873013 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.330912113 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.331120014 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.331172943 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.331195116 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.331202030 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.331235886 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.368330002 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.368402004 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.368422985 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.381442070 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.411673069 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.411737919 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.411760092 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.411925077 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.411979914 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.411988974 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412242889 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412328959 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.412336111 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412425041 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412487984 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.412494898 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412609100 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.412672997 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.412681103 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.416630983 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.416716099 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.416726112 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.416835070 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.416901112 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.416908026 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417046070 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417108059 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.417114973 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417248011 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417309046 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.417315960 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417515993 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417654991 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.417660952 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417745113 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417932034 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.417933941 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.417948008 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418064117 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418068886 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418128014 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418138981 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418144941 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418204069 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418204069 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418330908 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418454885 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418462038 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418533087 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.418732882 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.418741941 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.455095053 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.455167055 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.455185890 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.498677015 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.498848915 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.498852968 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.498876095 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.498913050 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.498920918 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.498955011 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.499039888 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.499102116 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.499106884 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.499262094 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.499332905 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.499340057 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.499444008 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.499494076 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.499501944 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.503540993 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.503602982 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.503614902 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.503813028 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.503864050 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.503870964 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504151106 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504204988 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.504211903 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504487038 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504542112 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.504549026 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504702091 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504755974 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.504761934 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504897118 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.504945040 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.504951000 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505114079 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505156994 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.505162954 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505278111 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505346060 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.505351067 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505448103 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505491972 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.505497932 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505706072 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.505748034 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.505754948 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.542138100 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.542197943 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.542223930 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.542244911 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.542260885 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.542279005 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:52.542327881 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.542577028 CET52316443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:52.542594910 CET44352316149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.188958883 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.189004898 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.189107895 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.189682961 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.189696074 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.334583998 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.334609032 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.334660053 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.335011005 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.335025072 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.764903069 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.765150070 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.765161037 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.765559912 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.765885115 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.765978098 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.766102076 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.804712057 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.805351973 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.805377960 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.806487083 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.806590080 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.807339907 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.807852030 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.807926893 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.808134079 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.808149099 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.862129927 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:53.877698898 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.877791882 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.877872944 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.906835079 CET52319443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:53.906879902 CET44352319149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:53.950711012 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.950855017 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:53.950951099 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.233778000 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.233838081 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.233935118 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.234596014 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.234641075 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.234705925 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.234859943 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.234894991 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.235682964 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.235717058 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.236604929 CET52322443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.236624002 CET4435232234.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.331379890 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.331415892 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.331481934 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.331716061 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.331731081 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.724904060 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.735928059 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.735991955 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.736381054 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.736830950 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.736910105 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.737054110 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.779341936 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.794696093 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.794955015 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.794970989 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.796000004 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.796056032 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.796535969 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.796602011 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.796686888 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.796693087 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.835983992 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.843589067 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.843652964 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.843718052 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.845145941 CET52323443192.168.2.4149.137.136.16
                                                          Jan 15, 2025 00:48:54.845192909 CET44352323149.137.136.16192.168.2.4
                                                          Jan 15, 2025 00:48:54.887264967 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.887743950 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.887769938 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.888839006 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.888901949 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.890192986 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.890260935 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.927153111 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.927242994 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.927290916 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.928052902 CET52325443192.168.2.434.117.59.81
                                                          Jan 15, 2025 00:48:54.928069115 CET4435232534.117.59.81192.168.2.4
                                                          Jan 15, 2025 00:48:54.935684919 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:48:54.935714960 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:48:54.982604027 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:04.814436913 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:04.814505100 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:04.814559937 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:05.206901073 CET52324443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:05.206976891 CET44352324142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:30.633275032 CET4972480192.168.2.4199.232.214.172
                                                          Jan 15, 2025 00:49:30.638382912 CET8049724199.232.214.172192.168.2.4
                                                          Jan 15, 2025 00:49:30.638469934 CET4972480192.168.2.4199.232.214.172
                                                          Jan 15, 2025 00:49:54.165390968 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:54.165491104 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.165750027 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:54.166024923 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:54.166063070 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.798240900 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.808501005 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:54.808568954 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.809051037 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.809535980 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:49:54.809757948 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:49:54.851612091 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:50:04.710867882 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:50:04.710943937 CET44352561142.250.185.132192.168.2.4
                                                          Jan 15, 2025 00:50:04.711091995 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:50:06.092813969 CET52561443192.168.2.4142.250.185.132
                                                          Jan 15, 2025 00:50:06.092859983 CET44352561142.250.185.132192.168.2.4
                                                          TimestampSource PortDest PortSource IPDest IP
                                                          Jan 15, 2025 00:48:36.214257956 CET6025353192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:41.739818096 CET53552411.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:42.160953999 CET138138192.168.2.4192.168.2.255
                                                          Jan 15, 2025 00:48:49.859652996 CET6272253192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:49.859868050 CET6080453192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:49.872245073 CET53557031.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:49.912141085 CET53627221.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:49.942284107 CET53629621.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:50.069660902 CET53608041.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:50.954420090 CET53554171.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:51.167327881 CET5163353192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:51.167476892 CET6541953192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:51.175949097 CET53516331.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:51.177284002 CET53654191.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:52.167996883 CET53516721.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:53.120503902 CET6158253192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:53.120682955 CET5322153192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:53.305500031 CET53532211.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:53.305694103 CET53499591.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:53.306030035 CET53615821.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:54.186619997 CET5094753192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:54.186789989 CET5702853192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:54.193382025 CET53509471.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:54.193562031 CET53570281.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:54.323235989 CET5769853192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:54.323482990 CET6377053192.168.2.41.1.1.1
                                                          Jan 15, 2025 00:48:54.330363989 CET53576981.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:48:54.330962896 CET53637701.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:49:02.250238895 CET53515371.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:49:08.003882885 CET53647491.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:49:27.096251965 CET53551351.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:49:49.322293997 CET53609991.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:49:49.454929113 CET53652151.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:50:20.301215887 CET53596551.1.1.1192.168.2.4
                                                          Jan 15, 2025 00:51:05.313267946 CET53624111.1.1.1192.168.2.4
                                                          TimestampSource IPDest IPChecksumCodeType
                                                          Jan 15, 2025 00:48:50.069746971 CET192.168.2.41.1.1.1c237(Port unreachable)Destination Unreachable
                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                          Jan 15, 2025 00:48:36.214257956 CET192.168.2.41.1.1.10x397bStandard query (0)x1.i.lencr.orgA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:49.859652996 CET192.168.2.41.1.1.10x185bStandard query (0)snip.lyA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:49.859868050 CET192.168.2.41.1.1.10xb9a5Standard query (0)snip.ly65IN (0x0001)false
                                                          Jan 15, 2025 00:48:51.167327881 CET192.168.2.41.1.1.10xa868Standard query (0)f005.backblazeb2.comA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:51.167476892 CET192.168.2.41.1.1.10xaed6Standard query (0)f005.backblazeb2.com65IN (0x0001)false
                                                          Jan 15, 2025 00:48:53.120503902 CET192.168.2.41.1.1.10x42e2Standard query (0)ipinfo.ioA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:53.120682955 CET192.168.2.41.1.1.10xbb20Standard query (0)ipinfo.io65IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.186619997 CET192.168.2.41.1.1.10xab24Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.186789989 CET192.168.2.41.1.1.10x3fe9Standard query (0)www.google.com65IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.323235989 CET192.168.2.41.1.1.10x4145Standard query (0)ipinfo.ioA (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.323482990 CET192.168.2.41.1.1.10x1f17Standard query (0)ipinfo.io65IN (0x0001)false
                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                          Jan 15, 2025 00:48:36.223509073 CET1.1.1.1192.168.2.40x397bNo error (0)x1.i.lencr.orgcrl.root-x1.letsencrypt.org.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                          Jan 15, 2025 00:48:36.941063881 CET1.1.1.1192.168.2.40xbe75No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:36.941063881 CET1.1.1.1192.168.2.40xbe75No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:49.912141085 CET1.1.1.1192.168.2.40x185bNo error (0)snip.ly172.67.11.119A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:49.912141085 CET1.1.1.1192.168.2.40x185bNo error (0)snip.ly104.22.7.164A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:49.912141085 CET1.1.1.1192.168.2.40x185bNo error (0)snip.ly104.22.6.164A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:50.069660902 CET1.1.1.1192.168.2.40xb9a5No error (0)snip.ly65IN (0x0001)false
                                                          Jan 15, 2025 00:48:51.175949097 CET1.1.1.1192.168.2.40xa868No error (0)f005.backblazeb2.com149.137.136.16A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:53.306030035 CET1.1.1.1192.168.2.40x42e2No error (0)ipinfo.io34.117.59.81A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.193382025 CET1.1.1.1192.168.2.40xab24No error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.193562031 CET1.1.1.1192.168.2.40x3fe9No error (0)www.google.com65IN (0x0001)false
                                                          Jan 15, 2025 00:48:54.330363989 CET1.1.1.1192.168.2.40x4145No error (0)ipinfo.io34.117.59.81A (IP address)IN (0x0001)false
                                                          • snip.ly
                                                          • f005.backblazeb2.com
                                                          • https:
                                                            • ipinfo.io
                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          0192.168.2.452311172.67.11.119443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:50 UTC656OUTGET /h183fa HTTP/1.1
                                                          Host: snip.ly
                                                          Connection: keep-alive
                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                          sec-ch-ua-mobile: ?0
                                                          sec-ch-ua-platform: "Windows"
                                                          Upgrade-Insecure-Requests: 1
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                          Sec-Fetch-Site: none
                                                          Sec-Fetch-Mode: navigate
                                                          Sec-Fetch-User: ?1
                                                          Sec-Fetch-Dest: document
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:51 UTC536INHTTP/1.1 302 Found
                                                          Date: Tue, 14 Jan 2025 23:48:51 GMT
                                                          Content-Type: text/html; charset=utf-8
                                                          Transfer-Encoding: chunked
                                                          Connection: close
                                                          Location: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
                                                          Referer: (direct)
                                                          Vary: Cookie, Origin
                                                          Set-Cookie: sessionid=086nj1g8t2f99l60w3c43a90xiuwwy66; expires=Mon, 14 Apr 2025 23:48:51 GMT; HttpOnly; Max-Age=7776000; Path=/; SameSite=None; Secure
                                                          CF-Cache-Status: DYNAMIC
                                                          Server: cloudflare
                                                          CF-RAY: 902184e788a7de93-EWR
                                                          2025-01-14 23:48:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                          Data Ascii: 0


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          1192.168.2.452316149.137.136.16443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:51 UTC742OUTGET /file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply HTTP/1.1
                                                          Host: f005.backblazeb2.com
                                                          Connection: keep-alive
                                                          Upgrade-Insecure-Requests: 1
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                          Sec-Fetch-Site: none
                                                          Sec-Fetch-Mode: navigate
                                                          Sec-Fetch-User: ?1
                                                          Sec-Fetch-Dest: document
                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                          sec-ch-ua-mobile: ?0
                                                          sec-ch-ua-platform: "Windows"
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:51 UTC658INHTTP/1.1 200
                                                          Server: nginx
                                                          Date: Tue, 14 Jan 2025 23:48:51 GMT
                                                          Content-Type: text/html
                                                          Content-Length: 886767
                                                          Connection: close
                                                          x-bz-file-name: index.html
                                                          x-bz-file-id: 4_z3a27e0f8f24548e89e40021b_f109ec5f96a4591a2_d20250110_m064522_c005_v0501026_t0044_u01736491522451
                                                          x-bz-content-sha1: 3b5a177e17610bf7b99cff4956f98e23d098a7d0
                                                          X-Bz-Upload-Timestamp: 1736491522451
                                                          Accept-Ranges: bytes
                                                          x-bz-info-src_last_modified_millis: 1736491367322
                                                          X-Bz-Server-Side-Encryption: AES256
                                                          X-Bz-Client-Unauthorized-To-Read: X-Bz-File-Retention-Mode,X-Bz-File-Retention-Retain-Until-Timestamp,X-Bz-File-Legal-Hold
                                                          Strict-Transport-Security: max-age=63072000
                                                          2025-01-14 23:48:51 UTC7594INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 3c 21 2d 2d 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2e 2f 67 65 6e 65 72 61 6c 5f 66 69 6c 65 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73
                                                          Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1">... <link rel="stylesheet" href="./general_files/bootstrap.min.css
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 2c 2e 63 6f 6c 2d 73 6d 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 78 6c 2c 2e 63 6f 6c 2d 78 6c 2d 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 30 2c 2e 63 6f 6c 2d 78 6c 2d 31 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 32 2c 2e 63 6f 6c 2d 78 6c 2d 32 2c 2e 63 6f 6c 2d 78 6c 2d 33 2c 2e 63 6f 6c 2d 78 6c 2d 34 2c 2e 63 6f 6c 2d 78 6c 2d 35 2c 2e 63 6f 6c 2d 78 6c 2d 36 2c 2e 63 6f 6c 2d 78 6c 2d 37 2c 2e 63 6f 6c 2d 78 6c 2d 38 2c 2e 63 6f 6c 2d 78 6c 2d 39 2c 2e 63 6f 6c 2d 78 6c 2d 61 75 74 6f 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 35 70
                                                          Data Ascii: col-sm-8,.col-sm-9,.col-sm-auto,.col-xl,.col-xl-1,.col-xl-10,.col-xl-11,.col-xl-12,.col-xl-2,.col-xl-3,.col-xl-4,.col-xl-5,.col-xl-6,.col-xl-7,.col-xl-8,.col-xl-9,.col-xl-auto{position:relative;width:100%;min-height:1px;padding-right:15px;padding-left:15p
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 31 3b 2d 6d 73 2d 66 6c 65 78 2d 70 6f 73 69 74 69 76 65 3a 31 3b 66 6c 65 78 2d 67 72 6f 77 3a 31 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 2e 63 6f 6c 2d 6c 67 2d 61 75 74 6f 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 30 3b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 61 75 74 6f 3b 66 6c 65 78 3a 30 20 30 20 61 75 74 6f 3b 77 69 64 74 68 3a 61 75 74 6f 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 7d 2e 63 6f 6c 2d 6c 67 2d 31 7b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 30 3b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 38 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 38 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67
                                                          Data Ascii: ;-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;max-width:100%}.col-lg-auto{-webkit-box-flex:0;-ms-flex:0 0 auto;flex:0 0 auto;width:auto;max-width:none}.col-lg-1{-webkit-box-flex:0;-ms-flex:0 0 8.333333%;flex:0 0 8.333333%;max-width:8.333333%}.col-lg
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 2d 63 6f 6c 6f 72 3a 23 64 65 65 32 65 36 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 32 35 32 39 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 64 2c 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 68 2c 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 68 65 61 64 20 74 68 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 33 32 33 38 33 65 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 7b 62 6f 72 64 65 72 3a 30 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 2e 74 61 62 6c 65 2d 73 74 72 69 70 65 64 20 74 62 6f 64 79 20 74 72 3a 6e 74 68 2d 6f 66 2d 74 79 70 65 28 6f 64 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35
                                                          Data Ascii: -color:#dee2e6}.table-dark{color:#fff;background-color:#212529}.table-dark td,.table-dark th,.table-dark thead th{border-color:#32383e}.table-dark.table-bordered{border:0}.table-dark.table-striped tbody tr:nth-of-type(odd){background-color:rgba(255,255,25
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 2e 69 73 2d 76 61 6c 69 64 3a 66 6f 63 75 73 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 3a 3a 62 65 66 6f 72 65 2c 2e 77 61 73 2d 76 61 6c 69 64 61 74 65 64 20 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 3a 76 61 6c 69 64 3a 66 6f 63 75 73 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 3a 3a 62 65 66 6f 72 65 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 31 70 78 20 23 66 66 66 2c 30 20 30 20 30 20 2e 32 72 65 6d 20 72 67 62 61 28 34 30 2c 31 36 37 2c 36 39 2c 2e 32 35 29 7d 2e 63 75 73 74 6f 6d 2d 66 69 6c 65 2d 69 6e 70 75 74 2e 69 73 2d 76 61 6c 69 64 7e 2e 63 75 73 74 6f 6d 2d 66 69 6c 65 2d 6c 61 62 65 6c 2c 2e 77 61 73 2d 76 61 6c 69 64 61
                                                          Data Ascii: -control-input.is-valid:focus~.custom-control-label::before,.was-validated .custom-control-input:valid:focus~.custom-control-label::before{box-shadow:0 0 0 1px #fff,0 0 0 .2rem rgba(40,167,69,.25)}.custom-file-input.is-valid~.custom-file-label,.was-valida
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 73 75 63 63 65 73 73 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 73 75 63 63 65 73 73 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 66 6f 63 75 73 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 2e 32 72 65 6d 20 72 67 62 61 28 34 30 2c 31 36 37 2c 36 39 2c 2e 35 29 7d 2e 62 74 6e 2d 69 6e 66 6f 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 37 61 32 62 38 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 31 37 61 32 62 38 7d 2e 62 74 6e 2d 69 6e 66 6f 3a 68 6f 76 65 72 7b 63 6f 6c 6f
                                                          Data Ascii: :not(.disabled).active:focus,.btn-success:not(:disabled):not(.disabled):active:focus,.show>.btn-success.dropdown-toggle:focus{box-shadow:0 0 0 .2rem rgba(40,167,69,.5)}.btn-info{color:#fff;background-color:#17a2b8;border-color:#17a2b8}.btn-info:hover{colo
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 2c 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 63 33 35 34 35 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 64 63 33 35 34 35 7d 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e
                                                          Data Ascii: disabled):not(.disabled).active,.btn-outline-danger:not(:disabled):not(.disabled):active,.show>.btn-outline-danger.dropdown-toggle{color:#fff;background-color:#dc3545;border-color:#dc3545}.btn-outline-danger:not(:disabled):not(.disabled).active:focus,.btn
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 70 75 74 5b 74 79 70 65 3d 72 61 64 69 6f 5d 2c 2e 62 74 6e 2d 67 72 6f 75 70 2d 74 6f 67 67 6c 65 3e 2e 62 74 6e 2d 67 72 6f 75 70 3e 2e 62 74 6e 20 69 6e 70 75 74 5b 74 79 70 65 3d 63 68 65 63 6b 62 6f 78 5d 2c 2e 62 74 6e 2d 67 72 6f 75 70 2d 74 6f 67 67 6c 65 3e 2e 62 74 6e 2d 67 72 6f 75 70 3e 2e 62 74 6e 20 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 64 69 6f 5d 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 63 6c 69 70 3a 72 65 63 74 28 30 2c 30 2c 30 2c 30 29 3b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 6e 6f 6e 65 7d 2e 69 6e 70 75 74 2d 67 72 6f 75 70 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 64 69 73 70 6c 61 79 3a 2d 77 65 62 6b 69 74 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 2d 6d 73 2d 66 6c 65 78 62 6f 78 3b 64 69 73 70
                                                          Data Ascii: put[type=radio],.btn-group-toggle>.btn-group>.btn input[type=checkbox],.btn-group-toggle>.btn-group>.btn input[type=radio]{position:absolute;clip:rect(0,0,0,0);pointer-events:none}.input-group{position:relative;display:-webkit-box;display:-ms-flexbox;disp
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 30 3b 6c 65 66 74 3a 30 3b 7a 2d 69 6e 64 65 78 3a 31 3b 68 65 69 67 68 74 3a 63 61 6c 63 28 32 2e 32 35 72 65 6d 20 2b 20 32 70 78 29 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 72 65 6d 20 2e 37 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 3b 63 6f 6c 6f 72 3a 23 34 39 35 30 35 37 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 65 64 34 64 61 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 35 72 65 6d 7d 2e 63 75 73 74 6f 6d 2d 66 69 6c 65 2d 6c 61 62 65 6c 3a 3a 61 66 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 72 69 67 68 74 3a 30 3b 62 6f 74 74 6f 6d 3a 30 3b 7a 2d 69 6e 64 65 78 3a 33 3b 64 69 73 70 6c 61 79 3a 62 6c 6f
                                                          Data Ascii: 0;left:0;z-index:1;height:calc(2.25rem + 2px);padding:.375rem .75rem;line-height:1.5;color:#495057;background-color:#fff;border:1px solid #ced4da;border-radius:.25rem}.custom-file-label::after{position:absolute;top:0;right:0;bottom:0;z-index:3;display:blo
                                                          2025-01-14 23:48:51 UTC8192INData Raw: 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 2e 6e 61 76 62 61 72 2d 65 78 70 61 6e 64 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 72 69 67 68 74 7b 72 69 67 68 74 3a 30 3b 6c 65 66 74 3a 61 75 74 6f 7d 2e 6e 61 76 62 61 72 2d 65 78 70 61 6e 64 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 2e 6e 61 76 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 2e 35 72 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 2e 35 72 65 6d 7d 2e 6e 61 76 62 61 72 2d 65 78 70 61 6e 64 3e 2e 63 6f 6e 74 61 69 6e 65 72 2c 2e 6e 61 76 62 61 72 2d 65 78 70 61 6e 64 3e 2e 63 6f 6e 74 61 69 6e 65 72 2d 66 6c 75 69 64 7b 2d 6d 73 2d 66 6c 65 78 2d 77 72 61
                                                          Data Ascii: avbar-nav .dropdown-menu{position:absolute}.navbar-expand .navbar-nav .dropdown-menu-right{right:0;left:auto}.navbar-expand .navbar-nav .nav-link{padding-right:.5rem;padding-left:.5rem}.navbar-expand>.container,.navbar-expand>.container-fluid{-ms-flex-wra


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          2192.168.2.452319149.137.136.16443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:53 UTC813OUTGET /file/pplambo/general_files/saved_resource.html HTTP/1.1
                                                          Host: f005.backblazeb2.com
                                                          Connection: keep-alive
                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                          sec-ch-ua-mobile: ?0
                                                          sec-ch-ua-platform: "Windows"
                                                          Upgrade-Insecure-Requests: 1
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                          Sec-Fetch-Site: same-origin
                                                          Sec-Fetch-Mode: navigate
                                                          Sec-Fetch-Dest: iframe
                                                          Referer: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:53 UTC245INHTTP/1.1 404
                                                          Server: nginx
                                                          Date: Tue, 14 Jan 2025 23:48:53 GMT
                                                          Content-Type: application/json;charset=utf-8
                                                          Content-Length: 94
                                                          Connection: close
                                                          Cache-Control: max-age=0, no-cache, no-store
                                                          Strict-Transport-Security: max-age=63072000
                                                          2025-01-14 23:48:53 UTC94INData Raw: 7b 0a 20 20 22 63 6f 64 65 22 3a 20 22 6e 6f 74 5f 66 6f 75 6e 64 22 2c 0a 20 20 22 6d 65 73 73 61 67 65 22 3a 20 22 46 69 6c 65 20 77 69 74 68 20 73 75 63 68 20 6e 61 6d 65 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 2e 22 2c 0a 20 20 22 73 74 61 74 75 73 22 3a 20 34 30 34 0a 7d
                                                          Data Ascii: { "code": "not_found", "message": "File with such name does not exist.", "status": 404}


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          3192.168.2.45232234.117.59.81443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:53 UTC551OUTGET /json HTTP/1.1
                                                          Host: ipinfo.io
                                                          Connection: keep-alive
                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                          sec-ch-ua-mobile: ?0
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          sec-ch-ua-platform: "Windows"
                                                          Accept: */*
                                                          Origin: https://f005.backblazeb2.com
                                                          Sec-Fetch-Site: cross-site
                                                          Sec-Fetch-Mode: cors
                                                          Sec-Fetch-Dest: empty
                                                          Referer: https://f005.backblazeb2.com/
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:53 UTC345INHTTP/1.1 200 OK
                                                          access-control-allow-origin: *
                                                          Content-Length: 321
                                                          content-type: application/json; charset=utf-8
                                                          date: Tue, 14 Jan 2025 23:48:53 GMT
                                                          x-content-type-options: nosniff
                                                          via: 1.1 google
                                                          strict-transport-security: max-age=2592000; includeSubDomains
                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                          Connection: close
                                                          2025-01-14 23:48:53 UTC321INData Raw: 7b 0a 20 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 0a 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 73 74 61 74 69 63 2d 63 70 65 2d 38 2d 34 36 2d 31 32 33 2d 31 38 39 2e 63 65 6e 74 75 72 79 6c 69 6e 6b 2e 63 6f 6d 22 2c 0a 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 0a 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 22 6c 6f 63 22 3a 20 22 34 30 2e 37 31 34 33 2c 2d 37 34 2e 30 30 36 30 22 2c 0a 20 20 22 6f 72 67 22 3a 20 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 0a 20 20 22 70 6f 73 74 61 6c 22 3a 20 22 31 30 30 30 31 22 2c 0a 20 20 22 74 69 6d 65 7a 6f 6e 65 22 3a
                                                          Data Ascii: { "ip": "8.46.123.189", "hostname": "static-cpe-8-46-123-189.centurylink.com", "city": "New York City", "region": "New York", "country": "US", "loc": "40.7143,-74.0060", "org": "AS3356 Level 3 Parent, LLC", "postal": "10001", "timezone":


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          4192.168.2.452323149.137.136.16443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:54 UTC675OUTGET /favicon.ico HTTP/1.1
                                                          Host: f005.backblazeb2.com
                                                          Connection: keep-alive
                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                          sec-ch-ua-mobile: ?0
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          sec-ch-ua-platform: "Windows"
                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                          Sec-Fetch-Site: same-origin
                                                          Sec-Fetch-Mode: no-cors
                                                          Sec-Fetch-Dest: image
                                                          Referer: https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:54 UTC245INHTTP/1.1 404
                                                          Server: nginx
                                                          Date: Tue, 14 Jan 2025 23:48:54 GMT
                                                          Content-Type: application/json;charset=UTF-8
                                                          Content-Length: 43
                                                          Connection: close
                                                          Cache-Control: max-age=0, no-cache, no-store
                                                          Strict-Transport-Security: max-age=63072000
                                                          2025-01-14 23:48:54 UTC43INData Raw: 7b 0a 20 20 22 63 6f 64 65 22 3a 20 22 6e 6f 74 5f 66 6f 75 6e 64 22 2c 0a 20 20 22 73 74 61 74 75 73 22 3a 20 34 30 34 0a 7d 0a
                                                          Data Ascii: { "code": "not_found", "status": 404}


                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                          5192.168.2.45232534.117.59.81443280C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          TimestampBytes transferredDirectionData
                                                          2025-01-14 23:48:54 UTC337OUTGET /json HTTP/1.1
                                                          Host: ipinfo.io
                                                          Connection: keep-alive
                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                          Accept: */*
                                                          Sec-Fetch-Site: none
                                                          Sec-Fetch-Mode: cors
                                                          Sec-Fetch-Dest: empty
                                                          Accept-Encoding: gzip, deflate, br
                                                          Accept-Language: en-US,en;q=0.9
                                                          2025-01-14 23:48:54 UTC345INHTTP/1.1 200 OK
                                                          access-control-allow-origin: *
                                                          Content-Length: 321
                                                          content-type: application/json; charset=utf-8
                                                          date: Tue, 14 Jan 2025 23:48:54 GMT
                                                          x-content-type-options: nosniff
                                                          via: 1.1 google
                                                          strict-transport-security: max-age=2592000; includeSubDomains
                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                          Connection: close
                                                          2025-01-14 23:48:54 UTC321INData Raw: 7b 0a 20 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 0a 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 73 74 61 74 69 63 2d 63 70 65 2d 38 2d 34 36 2d 31 32 33 2d 31 38 39 2e 63 65 6e 74 75 72 79 6c 69 6e 6b 2e 63 6f 6d 22 2c 0a 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 0a 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 22 6c 6f 63 22 3a 20 22 34 30 2e 37 31 34 33 2c 2d 37 34 2e 30 30 36 30 22 2c 0a 20 20 22 6f 72 67 22 3a 20 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 0a 20 20 22 70 6f 73 74 61 6c 22 3a 20 22 31 30 30 30 31 22 2c 0a 20 20 22 74 69 6d 65 7a 6f 6e 65 22 3a
                                                          Data Ascii: { "ip": "8.46.123.189", "hostname": "static-cpe-8-46-123-189.centurylink.com", "city": "New York City", "region": "New York", "country": "US", "loc": "40.7143,-74.0060", "org": "AS3356 Level 3 Parent, LLC", "postal": "10001", "timezone":


                                                          Click to jump to process

                                                          Click to jump to process

                                                          Click to dive into process behavior distribution

                                                          Click to jump to process

                                                          Target ID:0
                                                          Start time:18:48:22
                                                          Start date:14/01/2025
                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\Document-01-16-25.pdf"
                                                          Imagebase:0x7ff6bc1b0000
                                                          File size:5'641'176 bytes
                                                          MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          Target ID:1
                                                          Start time:18:48:22
                                                          Start date:14/01/2025
                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                          Imagebase:0x7ff74bb60000
                                                          File size:3'581'912 bytes
                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          Target ID:3
                                                          Start time:18:48:23
                                                          Start date:14/01/2025
                                                          Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2104 --field-trial-handle=1736,i,15747255056421889917,546776103974383720,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                          Imagebase:0x7ff74bb60000
                                                          File size:3'581'912 bytes
                                                          MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:true

                                                          Target ID:9
                                                          Start time:18:48:47
                                                          Start date:14/01/2025
                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "https://snip.ly/h183fa"
                                                          Imagebase:0x7ff76e190000
                                                          File size:3'242'272 bytes
                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:false

                                                          Target ID:10
                                                          Start time:18:48:48
                                                          Start date:14/01/2025
                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          Wow64 process (32bit):false
                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2004,i,12619154024189246498,552907076724909782,262144 /prefetch:8
                                                          Imagebase:0x7ff76e190000
                                                          File size:3'242'272 bytes
                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                          Has elevated privileges:true
                                                          Has administrator privileges:true
                                                          Programmed in:C, C++ or other language
                                                          Reputation:high
                                                          Has exited:false

                                                          No disassembly