Windows Analysis Report
https://www.google.as/url?q=https%3A%2F%2Fsites.google.com%2Fview%2Fjhgfgyfghbj%2Fhome&sa=D&sntz=1&usg=AOvVaw2QVFATlpDN2yC96BoBvv7c

Overview

General Information

Sample URL: https://www.google.as/url?q=https%3A%2F%2Fsites.google.com%2Fview%2Fjhgfgyfghbj%2Fhome&sa=D&sntz=1&usg=AOvVaw2QVFATlpDN2yC96BoBvv7c
Analysis ID: 1649414

Detection

Score: 1
Range: 0 - 100
Confidence: 80%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder

Classification

Classification chart categories: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Verdict scale: clean, suspicious, malicious.
Source: https://sites.google.com/view/jhgfgyfghbj/home HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 142.251.40.228:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.176.209:443 -> 192.168.2.5:49739 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.65.174:443 -> 192.168.2.5:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.129:443 -> 192.168.2.5:49748 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.5:49755 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.129:443 -> 192.168.2.5:49756 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.65.206:443 -> 192.168.2.5:49761 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.5:49765 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.65.174:443 -> 192.168.2.5:49766 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.129:443 -> 192.168.2.5:49773 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.251.40.174:443 -> 192.168.2.5:49775 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.5:49780 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.5:49781 version: TLS 1.2
Source: unknown HTTPS traffic detected: 104.16.123.96:443 -> 192.168.2.5:49783 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49797 version: TLS 1.2
Source: unknown HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49798 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.80.14:443 -> 192.168.2.5:49802 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.90.172
Source: unknown TCP traffic detected without corresponding DNS query: 23.44.203.193
Source: unknown TCP traffic detected without corresponding DNS query: 184.31.68.248
Source: unknown TCP traffic detected without corresponding DNS query: 150.171.27.10
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.google.as
Source: global traffic DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic DNS traffic detected: DNS query: apis.google.com
Source: global traffic DNS traffic detected: DNS query: lh4.googleusercontent.com
Source: global traffic DNS traffic detected: DNS query: play.google.com
Source: global traffic DNS traffic detected: DNS query: drive.google.com
Source: global traffic DNS traffic detected: DNS query: 272868631-atari-embeds.googleusercontent.com
Source: global traffic DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: www.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global traffic DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic DNS traffic detected: DNS query: google.com
Source: global traffic DNS traffic detected: DNS query: beacons.gvt2.com
Source: chromecache_118.1.dr String found in binary or memory: http://csi.gstatic.com/csi
Source: chromecache_141.1.dr String found in binary or memory: http://lh3.ggpht.com
Source: chromecache_141.1.dr String found in binary or memory: http://lh4.ggpht.com
Source: chromecache_141.1.dr String found in binary or memory: http://lh5.ggpht.com
Source: chromecache_141.1.dr String found in binary or memory: http://lh6.ggpht.com
Source: chromecache_131.1.dr String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_131.1.dr String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_141.1.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_141.1.dr String found in binary or memory: http://www.broofa.com
Source: chromecache_141.1.dr String found in binary or memory: https://accounts.google.com/gsi/client
Source: chromecache_118.1.dr String found in binary or memory: https://accounts.google.com/gsi/ottoken
Source: chromecache_118.1.dr String found in binary or memory: https://accounts.google.com/o/fedcm/config.json
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Windows\SystemTemp\scoped_dir4104_1867228295
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File deleted: C:\Windows\SystemTemp\scoped_dir4104_1867228295
Source: classification engine Classification label: clean1.win@26/59@44/12
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2016,i,1677511049627265133,4065197035755924340,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2040 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2016,i,1677511049627265133,4065197035755924340,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=4016 /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.google.as/url?q=https%3A%2F%2Fsites.google.com%2Fview%2Fjhgfgyfghbj%2Fhome&sa=D&sntz=1&usg=AOvVaw2QVFATlpDN2yC96BoBvv7c"
Source: Window Recorder Window detected: More than 3 window changes detected