Windows Analysis Report https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349

Overview

General Information

Sample URL:	https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349
Analysis ID:	507885
Infos:
Most interesting Screenshot:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Classification

Signatures

AV Detection:

Antivirus / Scanner detection for submitted sample

Source: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown

DNS traffic detected: queries for: my.justuno.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: global traffic	HTTP traffic detected: GET /admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349 HTTP/1.1Host: my.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mwgt_4.1.js?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520
Source: global traffic	HTTP traffic detected: GET /admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&address=https://goview.com&loadcm=762519 HTTP/1.1Host: my.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: goview.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.min.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: my.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /store_0.html?v=0 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&cm=762519&pl= HTTP/1.1Host: my.justuno.comConnection: keep-aliveAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Content-Type: application/jsonSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&genhash=&device_static_hash=&userid_hash=&pageId=fqpv53&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fmy.justuno.com%2Fadmin%2Fpages%2Fpromotion%2Fpreview-popup.html%3Fonboarding%3D%26step%3D%26display%3D%26guid%3D%257b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%257d%26cm%3D762519%26url%3Dhttps%253A%252F%252Fgoview%252Ecom%2523ju%255Fpreview%26mobile%3Dfalse%26rnd%3D0.63515904724349&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F85.0.4183.121%20Safari%2F537.36&sw=1280&sh=1024 HTTP/1.1Host: aly.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /store_0.html?v=0 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.html?ju_num=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&d=my.justuno.com&iframe=false&preload=false&mobile=false&cmid=762519&eng=false&ex=0&host=justuno.com&cdn=https%3A%2F%2Fcdn.justuno.com%2F&customvar= HTTP/1.1Host: my.justuno.comConnection: keep-aliveAccept: /X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Content-Type: application/x-www-form-urlencodedSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.css?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.js?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /webfont.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /135910_1020202122920PM_0.5309107_.png HTTP/1.1Host: graphics.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /135910_1020202123043PM_0.4000055_.jpeg HTTP/1.1Host: graphics.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp	String found in binary or memory: <html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml" lang="en" > equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function createnewlayer_facebook(obj){var zindex=obj['z-index'];var layercount=obj['layerid'];var layername=obj['layername'];var thiswidth=obj['layerwidth'];var thisheight=obj['layerheight'];var thisrotate=obj['layerrotate'];var thiseffect=obj['layereffect'];var thiseffect_delay=obj['layereffect-delay'];var thiseffect_speed=obj['layereffect-speed'];var x=obj['layerx'];var y=obj['layery'];obj.editable['facebook-connect']=obj.editable.hasOwnProperty("facebook-connect")?(obj.editable['facebook-connect']=="1"?"checked":obj.editable['facebook-connect']):'';obj.editable.access=obj.editable.hasOwnProperty("access")?obj.editable.access:"";obj.editable.tabindex=obj.editable.hasOwnProperty("tabindex")&&obj.editable.tabindex!=''?obj.editable.tabindex:parseInt(y);var layerinner='<div class="design-layer-editable" tabindex="'+obj.editable.tabindex+'" '+(obj.editable.access!=''?'aria-label="'+obj.editable.access+'"':'')+' data-facebook-id="'+obj['editable']['facebook-id']+'" data-facebook-link-shortened="'+obj['editable']['facebook-link-shortened']+'" data-facebook-language="'+obj['editable']['facebook-language']+'" data-facebook-layout="'+obj['editable']['facebook-layout']+'" data-facebook-url="'+obj['editable']['facebook-url']+'" data-facebook-connect="'+obj['editable']['facebook-connect']+'" data-facebook-liked-past="'+obj['editable']['facebook-liked-past']+'" data-facebook-notliked-past="'+obj['editable']['facebook-notliked-past']+'" data-facebook-title="'+obj['editable']['facebook-title']+'" data-facebook-description="'+obj['editable']['facebook-description']+'" data-facebook-photo="'+obj['editable']['facebook-photo']+'" data-facebook-link="'+obj['editable']['facebook-link']+'" data-sticky="'+obj['editable']['sticky']+'" data-offset-left="'+obj['editable']['offset-left']+'" data-offset-right="'+obj['editable']['offset-right']+'" data-offset-top="'+obj['editable']['offset-top']+'" data-offset-bottom="'+obj['editable']['offset-bottom']+'"><div class="fb-like" data-href="'+(obj['editable']['facebook-url']==''?'https://www.facebook.com/justunofans?ref=sample':obj['editable']['facebook-url'])+'" data-layout="'+obj['editable']['facebook-layout']+'" data-action="like" data-show-faces="false" data-share="false" data-ref="Justuno"></div></div>';addtolayers(layercount,layername,zindex,x,y,'facebook',thiswidth,thisheight,thisrotate,thiseffect,thiseffect_delay,thiseffect_speed,layerinner,true,true,true,obj['visible'],obj.scalex,obj.scaley,false);renderfacebookbutton(true,'');} equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function rendertwittertweetbutton(firsttime,local){var thislayereditable=$('.design-layer[data-layertype="twittertweet"] .design-layer-editable');thislayereditable.html('<a href="https://twitter.com/share" class="twitter-share-button" data-url="'+((thislayereditable.data('twittertweet-url')=='')?'https://www.justuno.com':thislayereditable.data('twittertweet-url'))+'" data-count="'+thislayereditable.data('twittertweet-layout')+'" data-text="'+thislayereditable.data('twittertweet-text')+'" data-via="'+thislayereditable.data('twittertweet-username')+'" data-hashtags="'+thislayereditable.data('twittertweet-hashtags')+'">Tweet</a>');setTimeout(function(){if(firsttime){window.twttr=(function(d,s,id){var t,js,fjs=d.getElementsByTagName(s)[0];if(d.getElementById(id))return;js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);return window.twttr\|\|(t={_e:[],ready:function(f){t._e.push(f)}});}(document,"script","twitter-wjs"));setTimeout(function(){twttr.ready(function(twttr){twttr.events.bind('tweet',function(event){getpromocode('3','',currentcp,1,1);});})},200)}else{twttr.widgets.load()}},700);} equals www.twitter.com (Twitter)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function startvideo(e){if(e.data('video-type')=='youtube'){if(!videoapiinitiated){$.getScript("https://www.youtube.com/iframe_api");}else{$('iframe#video_iframe').remove();player.destroy();player=new YT.Player('video_iframe',{height:'100%',width:'100%',videoId:e.data('video-id'),playerVars:{'autoplay':((e.data('video-start')=='yes')?1:0),'controls':((e.data('video-controls')=='yes')?1:0),'rel':0,'modestbranding':1,'showinfo':0},events:{'onStateChange':onPlayerStateChange}});}}else if(e.data('video-type')=='vimeo'){$.getScript("https://player.vimeo.com/api/player.js",function(){var options={id:e.data('video-id'),width:e.closest('.design-layer').data('layerwidth')-2,height:e.closest('.design-layer').data('layerheight')-2,autoplay:(e.data('video-start')=='yes'),byline:false,title:false};if(videoapiinitiated){player.unload();$('#video_iframe:has("iframe")').remove();} equals www.youtube.com (Youtube)
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://www.facebook.com/2008/fbml equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://www.facebook.com/2008/fbmlh equals www.facebook.com (Facebook)

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Oct 2021 20:12:28 GMTContent-Type: application/xmlTransfer-Encoding: chunkedConnection: closex-amz-request-id: B29AF6FQE9KTK8T0x-amz-id-2: 6zmYTcddU+uyETDDGSLdAKQNC2lDVaNFv9N2h/QFXUeb9v2cFOl9XoKU/eOjM4W8ZM76U/Hhczw=X-77-NZT: AcO1ry+iPkOxX-77-NZT-Ray: O0kljriIUgo=X-Cache: MISSX-77-POP: frankfurtDEX-77-Cache: MISSCF-Cache-Status: DYNAMICExpect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"Server: cloudflareCF-RAY: 6a2561728b9b2c2e-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Oct 2021 20:12:29 GMTContent-Type: application/xmlTransfer-Encoding: chunkedConnection: closex-amz-request-id: 46B28J5EDJVN2S2Cx-amz-id-2: 3RIxdMJaURKWkr6LAXeNS7el867vOC9NsRt3cHS+uqoGEv30GP3IBMWH/b0LwYAJlL2zwx5rivA=X-77-NZT: AcO1ry+jgBfBX-77-NZT-Ray: +IN4AkMZdLo=X-Cache: MISSX-77-POP: frankfurtDEX-77-Cache: MISSCF-Cache-Status: DYNAMICExpect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"Server: cloudflareCF-RAY: 6a25617def751f35-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/d
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/onds
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/paceeHit;
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/470411
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/473845
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/478929
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/510270
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/514696
Source: chrome.exe, 00000011.00000002.418561787.00006E8E35BCC000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/516527
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/541769
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/642141
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/908458
Source: chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp	String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwy
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: http://github.com/julianshapiro/velocity.
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.412175959.000002B5AD7C3000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.412333915.0000024946263000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.412294064.0000020E0AB03000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: http://google.com/
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://opengraphprotocol.org/schema/
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514724674.0000029331312000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFL
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFL8
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLPMe0
Source: chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLWeightThin
Source: chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLWeightThinExtraLightLightRegularMediumSemiBoldBoldExtraBoldBlackRalewayRom
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLaa
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLi
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLom
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLu_googl
Source: chrome.exe, 0000001A.00000002.400683521.00000222A2B51000.00000004.00000020.sdmp, chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp	String found in binary or memory: http://www.google.com/update2/response
Source: chrome.exe, 0000001A.00000002.399948782.00000222A2B11000.00000004.00000020.sdmp	String found in binary or memory: http://www.google.com/update2/response/
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514724674.0000029331312000.00000004.00000001.sdmp	String found in binary or memory: http://www.madtype.com
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://accounts.google.com
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AddSession
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeToken
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.t.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.t.t.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/B
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLogin
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLoging
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLoginx7
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo..
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo.Z
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo5
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfo
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfo$
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfoK
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfoc
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standard
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standard?
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standardpp
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logout
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logout?
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logoutorm.S
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp, craw_window.js.0.dr	String found in binary or memory: https://accounts.google.com/MergeSession
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/MergeSessionP
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/MergeSessionk
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken$
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken0
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenent.)
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenent.rm.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenresent.
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogin
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogink
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogin~
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridge
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgeed
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgeu
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgextension
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLogin
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLogin;
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuth
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuthform.ion.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuthresent.rm.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAutht
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginO1n
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginT
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.402187568.000002494463A000.00000004.00000020.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuth
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuth.s
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuthx
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.html
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmlplatform.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmlplatform.(
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmltform.
Source: chrome.exe, 00000016.00000002.412462749.0000020E0AB0E000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenu
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenuion.
Source: chrome.exe, 00000010.00000002.412175959.000002B5AD7C3000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenunsion.age
Source: chrome.exe, 00000013.00000002.402390769.0000024944651000.00000004.00000020.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenuon.xtesent.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenupresent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.E
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.Y
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windows
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windows.t.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsID.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsent.B
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsorm.F
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chrome
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chrome.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromeD.P
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromeV
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromet.N
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop&
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktopm.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktopm.j
Source: chrome.exe, 00000013.00000002.412495199.0000024946276000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/is
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/.rm.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/n
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authM
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authlatform..
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authplatform.
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revoke
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokeap
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokeed
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokepresent..
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multilogin
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginnt.
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginresent.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginresent.rm.K
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1:y
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1m.Q
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1rm.?
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/style6
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/thods:
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/w
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/z
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D3-9F
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallbackQ
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findpQ
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findpmsP
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://apis.google.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.387947061.0000088308600000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.comQ
Source: chrome.exe, 00000009.00000003.381483357.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.comX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com
Source: chrome.exe, 00000009.00000003.361602139.00000883083C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/
Source: chrome.exe, 00000009.00000002.520456128.0000088308380000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/A
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/Q
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.css?v=1.6.68
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68P
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68ll:
Source: chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440168288.00001DD408149000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8(
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8((
Source: chrome.exe, 00000009.00000003.361521425.0000088308440000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsA
Source: chrome.exe, 00000009.00000003.367217008.0000029330B69000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsY
Source: chrome.exe, 00000009.00000003.369035385.0000029330B99000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js_
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsc
Source: chrome.exe, 00000009.00000003.369035385.0000029330B99000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsr
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery.min.js
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsCPPsP
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsW
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jscker8l
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsdl
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsl
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jssTo5msP
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/mwgt_4.1.js?v=1.6.68
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0
Source: Current Session.0.dr	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0#1C0C9FA0-656D-4B45-85D3-9F4CFE984F19
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0.js
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/webfont.js
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/webfont.jsO
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BE
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BE14
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BEchrome-extension://gdaefkejpgkiemlaofpalmlakk
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com8
Source: chrome.exe, 00000009.00000002.520286918.0000088308240000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.us8.co/
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstore
Source: chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore-
Source: chrome.exe, 00000017.00000002.438767165.0000023D895CC000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstore0
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.410972385.000002B5AD740000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.410719927.0000029EBCD50000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E5
Source: chrome.exe, 00000017.00000002.436930859.0000023D81C10000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E51
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E5d
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore279FAs
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore349F
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore6B6C
Source: chrome.exe, 00000016.00000002.404239304.0000020E0A78A000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreC
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreIQc
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreT
Source: chrome.exe, 00000017.00000002.439375738.0000023D89696000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstorej
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstorep
Source: chrome.exe, 00000016.00000002.400990653.0000020E08E9C000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstores
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreuQg
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore~5m
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://client.justuno.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://client.justuno.com-
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://client.y
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://clients2.google.com
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx%
Source: chrome.exe, 00000013.00000002.401106845.000002494459F000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx9&k
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxB
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxRd
Source: chrome.exe, 00000010.00000002.400682895.000002B5ABA8F000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxW
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxh
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxn.
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp, chrome.exe, 0000001A.00000002.400621988.00000222A2B41000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksB
Source: chrome.exe, 00000016.00000002.436598763.0000731B72A5C000.00000004.00000001.sdmp	String found in binary or memory: https://commondatastorage.googleapis.
Source: chrome.exe, 00000016.00000002.436396990.0000731B72A24000.00000004.00000001.sdmp	String found in binary or memory: https://commondatastorage.googleapis.com/chromium-boringssl-docs/bytestring.h.html
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://content.googleapis.com
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/1014385
Source: chrome.exe, 00000010.00000002.417453599.000035BE3A3A4000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/368855.)
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/810012).
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: chrome.exe, 00000009.00000002.527401645.00007773BE45C000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://developer.mozilla.org/en/DOM/document.
Source: chrome.exe, 00000017.00000002.445916909.000079DFA60CC000.00000004.00000001.sdmp	String found in binary or memory: https://developers.google.com/web/updates/2016/08/removing-document-write
Source: chrome.exe, 00000017.00000002.445916909.000079DFA60CC000.00000004.00000001.sdmp	String found in binary or memory: https://developers.google.com/web/updates/2016/08/removing-document-writey
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://dns.google
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://feedback.googleusercontent.com
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chrome.exe, 00000009.00000002.520719875.0000088308740000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.googleapis.com/css
Source: data_1.6.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Raleway:400
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.googleapis.com;
Source: chrome.exe, 00000009.00000002.526414676.00007773BE278000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://fonts.gstatic.com
Source: data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2)
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2;;
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2;;ws
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2px;
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2ws
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2w
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2)
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2--dynamicFrameFB747673229AB42E
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2)
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2ws
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCAIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCAIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCIIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCIIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCMIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCkIT5lu.woff2)
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com;
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/essedhreadO
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/lessedorm.
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/ntext_WebPage3
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/pecified
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/roundThread$
Source: chrome.exe, 00000009.00000003.362922964.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://goview.c
Source: chrome.exe, 00000007.00000002.514407080.00005CBD07020000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_preview
Source: chrome.exe, 00000009.00000003.361521425.0000088308440000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_preview8
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_previewQ
Source: chrome.exe, 00000017.00000002.439713030.00001DD408080000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview&
Source: chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview)u
Source: data_1.6.dr	String found in binary or memory: https://goview.com/
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, Current Session.0.dr	String found in binary or memory: https://goview.com/#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview(
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview.
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview.ion.
Source: chrome.exe, 00000007.00000002.502549992.0000026681B2A000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview0Tg
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview7
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview8
Source: chrome.exe, 00000007.00000002.502549992.0000026681B2A000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewdg:
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewo
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewr
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com8
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.comX-Frame-Options:
Source: chrome.exe, 00000009.00000003.375322434.00000883085E9000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com
Source: data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920PM_0.5309107_.png
Source: chrome.exe, 00000009.00000003.381318862.00000883086C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920PM_0.5309107_.png);background-repeat:no-repeat;back
Source: chrome.exe, 00000009.00000003.381318862.00000883086C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920pm_0.5309107_.png
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.489741091.000000B32B7F2000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg
Source: chrome.exe, 00000009.00000002.526745422.00007773BE334000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg);background-repeat:no-repeat;bac
Source: data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg9
Source: chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043pm_0.4000055_.jpeg
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.comQ
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://hangouts.google.com/
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://instagram.com/oauth/authorize/?client_id=
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/
Source: chrome.exe, 00000009.00000002.520719875.0000088308740000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/Q
Source: chrome.exe, 00000017.00000002.440379319.00001DD40815D000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440202966.00001DD40814C000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440168288.00001DD408149000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/WX29sF8oMw06CBjR66XbZj7DAOi164RBGJM6ptpIWX29sF8
Source: chrome.exe, 00000009.00000002.526414676.00007773BE278000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/st
Source: chrome.exe, 00000009.00000003.386699361.0000088308090000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4d10/
Source: chrome.exe, 00000013.00000002.402390769.0000024944651000.00000004.00000020.sdmp	String found in binary or memory: https://me.g
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://my.j2
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.c
Source: 000003.log5.0.dr, Current Session.0.dr	String found in binary or memory: https://my.justuno.com
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com//eFCP
Source: chrome.exe, 00000009.00000002.527401645.00007773BE45C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&c
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&
Source: chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.439968299.00001DD408107000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.446323593.000079DFA62A8000.00000004.00000001.sdmp, data_1.6.dr, History Provider Cache.0.dr	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&addrZq
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.514977593.00005CBD070B4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527247999.00007773BE404000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&address=
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html
Source: chrome.exe, 00000009.00000002.526150872.00007773BE204000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html/
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527247999.00007773BE404000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=1C0C9FA0-656D-4B45-
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallbackQ
Source: chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.htmlQ
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://my.justuno.com/ajax/instafollow-redirect-uri.html
Source: data_1.6.dr	String found in binary or memory: https://my.justuno.com/favicon.ico
Source: chrome.exe, 00000009.00000003.367217008.0000029330B69000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/favicon.icon
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ifm_4.1.html
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ifm_4.1.html?ju_num=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&d=my.justuno.com
Source: chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/igin
Source: chrome.exe, 00000009.00000002.526150872.00007773BE204000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.508877245.0000029330B80000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.html
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.html.68
Source: chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.htmlQ
Source: chrome.exe, 00000009.00000002.512989255.0000029330E5B000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.htmllu
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com9%(
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com:443//
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comAccess-Control-Allow-Credentials:
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comF
Source: chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comQ
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comW
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comdmesPy
Source: chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comeom
Source: Current Session.0.dr	String found in binary or memory: https://my.justuno.comh
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comp
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/m.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetoken
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetokenH
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetokenl
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://ogs.google.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://payments.google.com/
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp, craw_window.js.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.jsP
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://pinterest.com/
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://pippio.com/api/sync?pid=1807&it=4&iv=
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://player.vimeo.com/api/player.js
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://plus.google.com/
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://policies.google.com/privacy
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://policies.google.com/terms
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com
Source: data_1.6.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic?cms_redirect=yes&mh=I2&mip=102.1
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://redirector.gvt1.com
Source: data_1.6.dr	String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp, craw_window.js.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js#O-
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.jsk
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://ssl.gstatic.com
Source: chrome.exe, 00000011.00000002.414780679.000008CC5C018000.00000004.00000001.sdmp	String found in binary or memory: https://support.goog
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/chrome/go/feedback_confirmation
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/legal/answer/3110420
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/pixelbook/answer/7659411
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://tools.justuno.com/comp/detectedScripts/
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://tools.justuno.com/comp/updateDetectedScripts
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://twitter.com/
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://twitter.com/share
Source: chrome.exe, 00000009.00000002.514193218.0000029331170000.00000004.00020000.sdmp	String found in binary or memory: https://use.typekit.net
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://www.google.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/
Source: chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com//
Source: chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/0
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: chrome.exe, 00000011.00000002.402188892.0000029EBB204000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/cloud
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/cloudprint
Source: chrome.exe, 00000019.00000002.500956706.000001DCB4B88000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connector
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.407360596.0000029EBCB19000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.408046953.0000024945F69000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectoraged
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.404239304.0000020E0A78A000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectorbut
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectorn
Source: chrome.exe, 00000017.00000002.436930859.0000023D81C10000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint89A473
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint89A473apps
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.410972385.000002B5AD740000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA4738
Source: chrome.exe, 00000011.00000002.410719927.0000029EBCD50000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473Uv
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473g
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr	String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/o
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/ons
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/pt
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/search?q=
Source: chrome.exe, 00000013.00000002.420625242.00003CAE08240000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.414489917.00000A8FFB184000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/speech-api/v2/synthesize?
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com;
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr, craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www.googleapis.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/
Source: chrome.exe, 00000013.00000002.412495199.0000024946276000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/(
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonlyD.
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonlytor.js
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messagingUt
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messagingderValidatorQu
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaginge
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.e
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonlyhLj
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonlyn.l
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore0
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstoreA
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstorere0
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/clouddevices6d
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonlyFp
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonlya.js
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetingsj
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetingsse.
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite5u
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraF4p6
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraFS
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraFappsg
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrak
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrasandboxY
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/userinfo.emailC
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v1/userinfo
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v1/userinfoesent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfo
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoF
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoJb
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoP
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfolatform.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfopresent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/token
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/tokenlu
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/tokennot
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/5
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/atform.M
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/rm.nt.
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://www.goview.io
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://www.gstatic.com
Source: chrome.exe, 00000016.00000002.423185696.00003AF9082C0000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com/securitykey/a/google.com/origins.json
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;P3
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;ed
Source: chrome.exe, 00000017.00000002.446169817.000079DFA61EC000.00000004.00000001.sdmp	String found in binary or memory: https://www.jsdelivr.com/using-sri-with-dynamic-files
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.justuno.com
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.justuno.com/channel.html
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\86cd7893-d8f2-486f-a4c0-7bb344184085.tmp

Jump to behavior

Source: classification engine

Classification label: mal48.win@21/141@8/10

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61739987-1234.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Shell_TrayWnd
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Progman
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: SProgram Managerl
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Shell_TrayWnd,
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Progmanlock

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
216.58.215.238	clients.l.google.com	United States	15169	GOOGLEUS	false
216.58.215.227	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.217.168.33	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
104.17.203.53	my.justuno.com	United States	13335	CLOUDFLARENETUS	false
104.17.202.53	graphics.justuno.com	United States	13335	CLOUDFLARENETUS	false
65.9.83.119	goview.com	United States	16509	AMAZON-02US	false
142.250.203.109	accounts.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	216.58.215.227	true
graphics.justuno.com	104.17.202.53	true
cdn.justuno.com	104.17.202.53	true
accounts.google.com	142.250.203.109	true
my.justuno.com	104.17.203.53	true
aly.justuno.com	104.17.202.53	true
clients.l.google.com	216.58.215.238	true
googlehosted.l.googleusercontent.com	172.217.168.33	true
goview.com	65.9.83.119	true
clients2.googleusercontent.com	unknown	unknown
clients2.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://my.justuno.com/ifm_4.1.html?ju_num=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&d=my.justuno.com&iframe=false&preload=false&mobile=false&cmid=762519&eng=false&ex=0&host=justuno.com&cdn=https%3A%2F%2Fcdn.justuno.com%2F&customvar=	false	high
https://cdn.justuno.com/jquery.min.js	false	high
https://my.justuno.com/admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&address=https://goview.com&loadcm=762519	false	high
https://graphics.justuno.com/135910_1020202122920PM_0.5309107_.png	false	high
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false	high
https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg	false	high
https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349	false	high
https://cdn.justuno.com/mwgt_4.1.js?v=1.6.68	false	high
https://my.justuno.com/favicon.ico	false	high
https://cdn.justuno.com/store_0.html?v=0	false	high

AV Detection:

Antivirus / Scanner detection for submitted sample

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown

DNS traffic detected: queries for: my.justuno.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: global traffic	HTTP traffic detected: GET /admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349 HTTP/1.1Host: my.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mwgt_4.1.js?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520
Source: global traffic	HTTP traffic detected: GET /admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&address=https://goview.com&loadcm=762519 HTTP/1.1Host: my.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: goview.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.3.1.min.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: my.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /store_0.html?v=0 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&cm=762519&pl= HTTP/1.1Host: my.justuno.comConnection: keep-aliveAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Content-Type: application/jsonSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&genhash=&device_static_hash=&userid_hash=&pageId=fqpv53&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fmy.justuno.com%2Fadmin%2Fpages%2Fpromotion%2Fpreview-popup.html%3Fonboarding%3D%26step%3D%26display%3D%26guid%3D%257b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%257d%26cm%3D762519%26url%3Dhttps%253A%252F%252Fgoview%252Ecom%2523ju%255Fpreview%26mobile%3Dfalse%26rnd%3D0.63515904724349&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F85.0.4183.121%20Safari%2F537.36&sw=1280&sh=1024 HTTP/1.1Host: aly.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /store_0.html?v=0 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.html?ju_num=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&d=my.justuno.com&iframe=false&preload=false&mobile=false&cmid=762519&eng=false&ex=0&host=justuno.com&cdn=https%3A%2F%2Fcdn.justuno.com%2F&customvar= HTTP/1.1Host: my.justuno.comConnection: keep-aliveAccept: /X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Content-Type: application/x-www-form-urlencodedSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; __cflb=04dToS6decDvtn94xCdmQthrL5q991KTGxXhd67Xqw; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.css?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /jquery.min.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /ifm_4.1.js?v=1.6.68 HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /webfont.js HTTP/1.1Host: cdn.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /135910_1020202122920PM_0.5309107_.png HTTP/1.1Host: graphics.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /135910_1020202123043PM_0.4000055_.jpeg HTTP/1.1Host: graphics.justuno.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SID=D16B71C6-EB34-45AA-A3CB-3F2C3EB02CEDB8B97539-2548-4C2D-A8A8-624DB29FE520; _ju_dm=cookie; _ju_dn=1; _ju_dc=61e7fd1c-3374-11ec-8858-a325c728cb27; _ju_pn=1
Source: global traffic	HTTP traffic detected: GET /s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://my.justuno.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Raleway:400,700%7CRaleway:400i,700i%7CAbel:400,700%7CAbel:400i,700i&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp	String found in binary or memory: <html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml" lang="en" > equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function createnewlayer_facebook(obj){var zindex=obj['z-index'];var layercount=obj['layerid'];var layername=obj['layername'];var thiswidth=obj['layerwidth'];var thisheight=obj['layerheight'];var thisrotate=obj['layerrotate'];var thiseffect=obj['layereffect'];var thiseffect_delay=obj['layereffect-delay'];var thiseffect_speed=obj['layereffect-speed'];var x=obj['layerx'];var y=obj['layery'];obj.editable['facebook-connect']=obj.editable.hasOwnProperty("facebook-connect")?(obj.editable['facebook-connect']=="1"?"checked":obj.editable['facebook-connect']):'';obj.editable.access=obj.editable.hasOwnProperty("access")?obj.editable.access:"";obj.editable.tabindex=obj.editable.hasOwnProperty("tabindex")&&obj.editable.tabindex!=''?obj.editable.tabindex:parseInt(y);var layerinner='<div class="design-layer-editable" tabindex="'+obj.editable.tabindex+'" '+(obj.editable.access!=''?'aria-label="'+obj.editable.access+'"':'')+' data-facebook-id="'+obj['editable']['facebook-id']+'" data-facebook-link-shortened="'+obj['editable']['facebook-link-shortened']+'" data-facebook-language="'+obj['editable']['facebook-language']+'" data-facebook-layout="'+obj['editable']['facebook-layout']+'" data-facebook-url="'+obj['editable']['facebook-url']+'" data-facebook-connect="'+obj['editable']['facebook-connect']+'" data-facebook-liked-past="'+obj['editable']['facebook-liked-past']+'" data-facebook-notliked-past="'+obj['editable']['facebook-notliked-past']+'" data-facebook-title="'+obj['editable']['facebook-title']+'" data-facebook-description="'+obj['editable']['facebook-description']+'" data-facebook-photo="'+obj['editable']['facebook-photo']+'" data-facebook-link="'+obj['editable']['facebook-link']+'" data-sticky="'+obj['editable']['sticky']+'" data-offset-left="'+obj['editable']['offset-left']+'" data-offset-right="'+obj['editable']['offset-right']+'" data-offset-top="'+obj['editable']['offset-top']+'" data-offset-bottom="'+obj['editable']['offset-bottom']+'"><div class="fb-like" data-href="'+(obj['editable']['facebook-url']==''?'https://www.facebook.com/justunofans?ref=sample':obj['editable']['facebook-url'])+'" data-layout="'+obj['editable']['facebook-layout']+'" data-action="like" data-show-faces="false" data-share="false" data-ref="Justuno"></div></div>';addtolayers(layercount,layername,zindex,x,y,'facebook',thiswidth,thisheight,thisrotate,thiseffect,thiseffect_delay,thiseffect_speed,layerinner,true,true,true,obj['visible'],obj.scalex,obj.scaley,false);renderfacebookbutton(true,'');} equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function rendertwittertweetbutton(firsttime,local){var thislayereditable=$('.design-layer[data-layertype="twittertweet"] .design-layer-editable');thislayereditable.html('<a href="https://twitter.com/share" class="twitter-share-button" data-url="'+((thislayereditable.data('twittertweet-url')=='')?'https://www.justuno.com':thislayereditable.data('twittertweet-url'))+'" data-count="'+thislayereditable.data('twittertweet-layout')+'" data-text="'+thislayereditable.data('twittertweet-text')+'" data-via="'+thislayereditable.data('twittertweet-username')+'" data-hashtags="'+thislayereditable.data('twittertweet-hashtags')+'">Tweet</a>');setTimeout(function(){if(firsttime){window.twttr=(function(d,s,id){var t,js,fjs=d.getElementsByTagName(s)[0];if(d.getElementById(id))return;js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);return window.twttr\|\|(t={_e:[],ready:function(f){t._e.push(f)}});}(document,"script","twitter-wjs"));setTimeout(function(){twttr.ready(function(twttr){twttr.events.bind('tweet',function(event){getpromocode('3','',currentcp,1,1);});})},200)}else{twttr.widgets.load()}},700);} equals www.twitter.com (Twitter)
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: function startvideo(e){if(e.data('video-type')=='youtube'){if(!videoapiinitiated){$.getScript("https://www.youtube.com/iframe_api");}else{$('iframe#video_iframe').remove();player.destroy();player=new YT.Player('video_iframe',{height:'100%',width:'100%',videoId:e.data('video-id'),playerVars:{'autoplay':((e.data('video-start')=='yes')?1:0),'controls':((e.data('video-controls')=='yes')?1:0),'rel':0,'modestbranding':1,'showinfo':0},events:{'onStateChange':onPlayerStateChange}});}}else if(e.data('video-type')=='vimeo'){$.getScript("https://player.vimeo.com/api/player.js",function(){var options={id:e.data('video-id'),width:e.closest('.design-layer').data('layerwidth')-2,height:e.closest('.design-layer').data('layerheight')-2,autoplay:(e.data('video-start')=='yes'),byline:false,title:false};if(videoapiinitiated){player.unload();$('#video_iframe:has("iframe")').remove();} equals www.youtube.com (Youtube)
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://www.facebook.com/2008/fbml equals www.facebook.com (Facebook)
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://www.facebook.com/2008/fbmlh equals www.facebook.com (Facebook)

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Oct 2021 20:12:28 GMTContent-Type: application/xmlTransfer-Encoding: chunkedConnection: closex-amz-request-id: B29AF6FQE9KTK8T0x-amz-id-2: 6zmYTcddU+uyETDDGSLdAKQNC2lDVaNFv9N2h/QFXUeb9v2cFOl9XoKU/eOjM4W8ZM76U/Hhczw=X-77-NZT: AcO1ry+iPkOxX-77-NZT-Ray: O0kljriIUgo=X-Cache: MISSX-77-POP: frankfurtDEX-77-Cache: MISSCF-Cache-Status: DYNAMICExpect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"Server: cloudflareCF-RAY: 6a2561728b9b2c2e-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Oct 2021 20:12:29 GMTContent-Type: application/xmlTransfer-Encoding: chunkedConnection: closex-amz-request-id: 46B28J5EDJVN2S2Cx-amz-id-2: 3RIxdMJaURKWkr6LAXeNS7el867vOC9NsRt3cHS+uqoGEv30GP3IBMWH/b0LwYAJlL2zwx5rivA=X-77-NZT: AcO1ry+jgBfBX-77-NZT-Ray: +IN4AkMZdLo=X-Cache: MISSX-77-POP: frankfurtDEX-77-Cache: MISSCF-Cache-Status: DYNAMICExpect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"Server: cloudflareCF-RAY: 6a25617def751f35-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/d
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/onds
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: http://accounts.google.com/paceeHit;
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/470411
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/473845
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/478929
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/510270
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/514696
Source: chrome.exe, 00000011.00000002.418561787.00006E8E35BCC000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/516527
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/541769
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/642141
Source: chrome.exe, 00000011.00000002.414491133.000008CC5BFD0000.00000004.00000001.sdmp	String found in binary or memory: http://crbug.com/908458
Source: chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp	String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwy
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: http://github.com/julianshapiro/velocity.
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.412175959.000002B5AD7C3000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.412333915.0000024946263000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.412294064.0000020E0AB03000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: http://google.com/
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp	String found in binary or memory: http://opengraphprotocol.org/schema/
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514724674.0000029331312000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFL
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFL8
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLPMe0
Source: chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLWeightThin
Source: chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLWeightThinExtraLightLightRegularMediumSemiBoldBoldExtraBoldBlackRalewayRom
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLaa
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLi
Source: chrome.exe, 00000009.00000002.501592036.0000029330650000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLom
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: http://scripts.sil.org/OFLu_googl
Source: chrome.exe, 0000001A.00000002.400683521.00000222A2B51000.00000004.00000020.sdmp, chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp	String found in binary or memory: http://www.google.com/update2/response
Source: chrome.exe, 0000001A.00000002.399948782.00000222A2B11000.00000004.00000020.sdmp	String found in binary or memory: http://www.google.com/update2/response/
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.513582093.0000029330EBE000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514724674.0000029331312000.00000004.00000001.sdmp	String found in binary or memory: http://www.madtype.com
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://accounts.google.com
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AddSession
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeToken
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.t.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/AuthSubRevokeTokenm.t.t.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/B
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLogin
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLoging
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ClientLoginx7
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo..
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo.Z
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo5
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfo
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfo$
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfoK
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/GetUserInfoc
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standard
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standard?
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ListAccounts?json=standardpp
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logout
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logout?
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/Logoutorm.S
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp, craw_window.js.0.dr	String found in binary or memory: https://accounts.google.com/MergeSession
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/MergeSessionP
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/MergeSessionk
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken$
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessToken0
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenent.)
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenent.rm.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthGetAccessTokenresent.
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogin
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogink
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthLogin~
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridge
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgeed
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgeu
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/OAuthWrapBridgextension
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLogin
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLogin;
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuth
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuthform.ion.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAuthresent.rm.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginAutht
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginO1n
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginT
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/ServiceLoginX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.402187568.000002494463A000.00000004.00000020.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuth
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuth.s
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/TokenAuthx
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.html
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmlplatform.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmlplatform.(
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/chrome/blank.htmltform.
Source: chrome.exe, 00000016.00000002.412462749.0000020E0AB0E000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenu
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenuion.
Source: chrome.exe, 00000010.00000002.412175959.000002B5AD7C3000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenunsion.age
Source: chrome.exe, 00000013.00000002.402390769.0000024944651000.00000004.00000020.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenuon.xtesent.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenupresent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.E
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos.Y
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windows
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windows.t.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsID.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsent.B
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/setup/windowsorm.F
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chrome
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chrome.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromeD.P
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromeV
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/embedded/xreauth/chromet.N
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop&
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktop.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktopm.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/encryption/unlock/desktopm.j
Source: chrome.exe, 00000013.00000002.412495199.0000024946276000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/is
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/.rm.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth/GetOAuthToken/n
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authM
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authlatform..
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/authplatform.
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revoke
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokeap
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokeed
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/o/oauth2/revokepresent..
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multilogin
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginnt.
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginresent.
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/oauth/multiloginresent.rm.K
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1.
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1:y
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1m.Q
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1rm.?
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/style6
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/thods:
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/w
Source: chrome.exe, 00000009.00000002.507460439.0000029330AED000.00000004.00000001.sdmp	String found in binary or memory: https://accounts.google.com/z
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D3-9F
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallback&accid=1C0C9FA0-656D-4B45-85D
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findp?callback=jsonFindCallbackQ
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findpQ
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://aly.justuno.com/api/session/findpmsP
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://apis.google.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.387947061.0000088308600000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.comQ
Source: chrome.exe, 00000009.00000003.381483357.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://assets.justuno.comX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com
Source: chrome.exe, 00000009.00000003.361602139.00000883083C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/
Source: chrome.exe, 00000009.00000002.520456128.0000088308380000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/A
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/Q
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.css?v=1.6.68
Source: chrome.exe, 00000009.00000002.527953708.00007773BE5A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68P
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/ifm_4.1.js?v=1.6.68ll:
Source: chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440168288.00001DD408149000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8(
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js8((
Source: chrome.exe, 00000009.00000003.361521425.0000088308440000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsA
Source: chrome.exe, 00000009.00000003.367217008.0000029330B69000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsY
Source: chrome.exe, 00000009.00000003.369035385.0000029330B99000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.js_
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsc
Source: chrome.exe, 00000009.00000003.369035385.0000029330B99000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery-3.3.1.min.jsr
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery.min.js
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsCPPsP
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsW
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jscker8l
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsdl
Source: chrome.exe, 00000009.00000003.378336873.0000029330C1D000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jsl
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/jquery.min.jssTo5msP
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/mwgt_4.1.js?v=1.6.68
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0
Source: Current Session.0.dr	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0#1C0C9FA0-656D-4B45-85D3-9F4CFE984F19
Source: chrome.exe, 00000009.00000002.526369214.00007773BE270000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com/store_0.html?v=0.js
Source: chrome.exe, 00000009.00000002.526286200.00007773BE244000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/webfont.js
Source: data_1.6.dr	String found in binary or memory: https://cdn.justuno.com/webfont.jsO
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BE
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BE14
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com682FD522F7DB512E9811437D7E0B76BEchrome-extension://gdaefkejpgkiemlaofpalmlakk
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.justuno.com8
Source: chrome.exe, 00000009.00000002.520286918.0000088308240000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.us8.co/
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstore
Source: chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore-
Source: chrome.exe, 00000017.00000002.438767165.0000023D895CC000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstore0
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.410972385.000002B5AD740000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.410719927.0000029EBCD50000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E5
Source: chrome.exe, 00000017.00000002.436930859.0000023D81C10000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E51
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore206E5d
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore279FAs
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore349F
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore6B6C
Source: chrome.exe, 00000016.00000002.404239304.0000020E0A78A000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreC
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreIQc
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreT
Source: chrome.exe, 00000017.00000002.439375738.0000023D89696000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstorej
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstorep
Source: chrome.exe, 00000016.00000002.400990653.0000020E08E9C000.00000004.00000020.sdmp	String found in binary or memory: https://chrome.google.com/webstores
Source: chrome.exe, 00000013.00000002.403610211.0000024945EC0000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstoreuQg
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://chrome.google.com/webstore~5m
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://client.justuno.com
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://client.justuno.com-
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://client.y
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://clients2.google.com
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx%
Source: chrome.exe, 00000013.00000002.401106845.000002494459F000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx9&k
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxB
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxRd
Source: chrome.exe, 00000010.00000002.400682895.000002B5ABA8F000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxW
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxX
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxh
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crxn.
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: chrome.exe, 0000001A.00000002.400748591.00000222A2B5A000.00000004.00000020.sdmp, chrome.exe, 0000001A.00000002.400621988.00000222A2B41000.00000004.00000020.sdmp	String found in binary or memory: https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksB
Source: chrome.exe, 00000016.00000002.436598763.0000731B72A5C000.00000004.00000001.sdmp	String found in binary or memory: https://commondatastorage.googleapis.
Source: chrome.exe, 00000016.00000002.436396990.0000731B72A24000.00000004.00000001.sdmp	String found in binary or memory: https://commondatastorage.googleapis.com/chromium-boringssl-docs/bytestring.h.html
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://content.googleapis.com
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/1014385
Source: chrome.exe, 00000010.00000002.417453599.000035BE3A3A4000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/368855.)
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://crbug.com/810012).
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: chrome.exe, 00000009.00000002.527401645.00007773BE45C000.00000004.00000001.sdmp	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU
Source: chrome.exe, 00000011.00000002.420514814.0000793A08080000.00000004.00000001.sdmp	String found in binary or memory: https://developer.mozilla.org/en/DOM/document.
Source: chrome.exe, 00000017.00000002.445916909.000079DFA60CC000.00000004.00000001.sdmp	String found in binary or memory: https://developers.google.com/web/updates/2016/08/removing-document-write
Source: chrome.exe, 00000017.00000002.445916909.000079DFA60CC000.00000004.00000001.sdmp	String found in binary or memory: https://developers.google.com/web/updates/2016/08/removing-document-writey
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://dns.google
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://feedback.googleusercontent.com
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://fonts.googleapis.com
Source: chrome.exe, 00000009.00000002.520719875.0000088308740000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.googleapis.com/css
Source: data_1.6.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Raleway:400
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.googleapis.com;
Source: chrome.exe, 00000009.00000002.526414676.00007773BE278000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://fonts.gstatic.com
Source: data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2)
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2;;
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2;;ws
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2px;
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/abel/v12/MwQ5bhbm2POE2V9BPQ.woff2ws
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4Q4FqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2w
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4QoFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4SYFqPfE.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2)
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptsg8zYS_SKggPNyCg4TYFq.woff2--dynamicFrameFB747673229AB42E
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2)
Source: chrome.exe, 00000009.00000002.526855104.00007773BE36C000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2ws
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCAIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCAIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCIIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCIIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCMIT5lu.woff2)
Source: chrome.exe, 00000009.00000002.526548627.00007773BE2A4000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Source: chrome.exe, 00000009.00000002.528290962.00007773BE6BC000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyCkIT5lu.woff2)
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.gstatic.com;
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/
Source: chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/essedhreadO
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/lessedorm.
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/ntext_WebPage3
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/pecified
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://google.com/roundThread$
Source: chrome.exe, 00000009.00000003.362922964.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://goview.c
Source: chrome.exe, 00000007.00000002.514407080.00005CBD07020000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_preview
Source: chrome.exe, 00000009.00000003.361521425.0000088308440000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_preview8
Source: chrome.exe, 00000009.00000003.375064702.00000883084C0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com#ju_previewQ
Source: chrome.exe, 00000017.00000002.439713030.00001DD408080000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview&
Source: chrome.exe, 00000009.00000002.526700401.00007773BE324000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com&loadcm=762519#ju_preview)u
Source: data_1.6.dr	String found in binary or memory: https://goview.com/
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, Current Session.0.dr	String found in binary or memory: https://goview.com/#ju_preview
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview(
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview.
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview.ion.
Source: chrome.exe, 00000007.00000002.502549992.0000026681B2A000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview0Tg
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview7
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_preview8
Source: chrome.exe, 00000007.00000002.502549992.0000026681B2A000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewdg:
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewo
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com/#ju_previewr
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://goview.com8
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://goview.comX-Frame-Options:
Source: chrome.exe, 00000009.00000003.375322434.00000883085E9000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com
Source: data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920PM_0.5309107_.png
Source: chrome.exe, 00000009.00000003.381318862.00000883086C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920PM_0.5309107_.png);background-repeat:no-repeat;back
Source: chrome.exe, 00000009.00000003.381318862.00000883086C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202122920pm_0.5309107_.png
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.489741091.000000B32B7F2000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg
Source: chrome.exe, 00000009.00000002.526745422.00007773BE334000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg);background-repeat:no-repeat;bac
Source: data_1.6.dr	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043PM_0.4000055_.jpeg9
Source: chrome.exe, 00000009.00000003.386644803.00000883080C0000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.com/135910_1020202123043pm_0.4000055_.jpeg
Source: chrome.exe, 00000009.00000003.379307633.0000088308708000.00000004.00000001.sdmp	String found in binary or memory: https://graphics.justuno.comQ
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://hangouts.google.com/
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://instagram.com/oauth/authorize/?client_id=
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/
Source: chrome.exe, 00000009.00000002.520719875.0000088308740000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/Q
Source: chrome.exe, 00000017.00000002.440379319.00001DD40815D000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440202966.00001DD40814C000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.440168288.00001DD408149000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/WX29sF8oMw06CBjR66XbZj7DAOi164RBGJM6ptpIWX29sF8
Source: chrome.exe, 00000009.00000002.526414676.00007773BE278000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4D10/st
Source: chrome.exe, 00000009.00000003.386699361.0000088308090000.00000004.00000001.sdmp	String found in binary or memory: https://masteraluminium.com.pk/wf-linkone/adobe-4d10/
Source: chrome.exe, 00000013.00000002.402390769.0000024944651000.00000004.00000020.sdmp	String found in binary or memory: https://me.g
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://my.j2
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.c
Source: 000003.log5.0.dr, Current Session.0.dr	String found in binary or memory: https://my.justuno.com
Source: chrome.exe, 00000009.00000002.507782013.0000029330B1F000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com//eFCP
Source: chrome.exe, 00000009.00000002.527401645.00007773BE45C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&c
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&
Source: chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.439968299.00001DD408107000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.446323593.000079DFA62A8000.00000004.00000001.sdmp, data_1.6.dr, History Provider Cache.0.dr	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&addrZq
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000007.00000002.514977593.00005CBD070B4000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527247999.00007773BE404000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://my.justuno.com/admin/pages/promotion/promo-partials/fetch-preview.html?mobile=false&address=
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html
Source: chrome.exe, 00000009.00000002.526150872.00007773BE204000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html/
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.527247999.00007773BE404000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=1C0C9FA0-656D-4B45-
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.html?callback=jsonCallbackQ
Source: chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ajax/account_config_4.1.htmlQ
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://my.justuno.com/ajax/instafollow-redirect-uri.html
Source: data_1.6.dr	String found in binary or memory: https://my.justuno.com/favicon.ico
Source: chrome.exe, 00000009.00000003.367217008.0000029330B69000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/favicon.icon
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ifm_4.1.html
Source: chrome.exe, 00000009.00000002.521391014.00000883088C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.388582326.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000003.375257516.00000883085C0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/ifm_4.1.html?ju_num=1C0C9FA0-656D-4B45-85D3-9F4CFE984F19&p=1&d=my.justuno.com
Source: chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/igin
Source: chrome.exe, 00000009.00000002.526150872.00007773BE204000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.508877245.0000029330B80000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.html
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.html.68
Source: chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.htmlQ
Source: chrome.exe, 00000009.00000002.512989255.0000029330E5B000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com/promocode/getcode_4.1.htmllu
Source: chrome.exe, 00000009.00000003.374315596.0000088308100000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com9%(
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.com:443//
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comAccess-Control-Allow-Credentials:
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comF
Source: chrome.exe, 00000009.00000002.520517696.0000088308480000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.441571856.00001DD408380000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comQ
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comW
Source: chrome.exe, 00000007.00000002.501296458.0000026681A71000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comdmesPy
Source: chrome.exe, 00000009.00000002.526228825.00007773BE21C000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comeom
Source: Current Session.0.dr	String found in binary or memory: https://my.justuno.comh
Source: chrome.exe, 00000017.00000002.440062202.00001DD408114000.00000004.00000001.sdmp	String found in binary or memory: https://my.justuno.comp
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/.
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437210040.0000023D81C43000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/m.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetoken
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetokenH
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp	String found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetokenl
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://ogs.google.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://payments.google.com/
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp, craw_window.js.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.jsP
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://pinterest.com/
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://pippio.com/api/sync?pid=1807&it=4&iv=
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://player.vimeo.com/api/player.js
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://plus.google.com/
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://policies.google.com/privacy
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://policies.google.com/terms
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com
Source: data_1.6.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic?cms_redirect=yes&mh=I2&mip=102.1
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://redirector.gvt1.com
Source: data_1.6.dr	String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp, craw_window.js.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js#O-
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.jsk
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://ssl.gstatic.com
Source: chrome.exe, 00000011.00000002.414780679.000008CC5C018000.00000004.00000001.sdmp	String found in binary or memory: https://support.goog
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/chrome/go/feedback_confirmation
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/legal/answer/3110420
Source: chrome.exe, 00000011.00000002.423643942.0000793A082C0000.00000004.00000001.sdmp	String found in binary or memory: https://support.google.com/pixelbook/answer/7659411
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://tools.justuno.com/comp/detectedScripts/
Source: chrome.exe, 00000009.00000002.527644463.00007773BE4E0000.00000004.00000001.sdmp	String found in binary or memory: https://tools.justuno.com/comp/updateDetectedScripts
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://twitter.com/
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://twitter.com/share
Source: chrome.exe, 00000009.00000002.514193218.0000029331170000.00000004.00020000.sdmp	String found in binary or memory: https://use.typekit.net
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp, f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://www.google.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/
Source: chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com//
Source: chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/0
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: chrome.exe, 00000011.00000002.402188892.0000029EBB204000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/cloud
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/cloudprint
Source: chrome.exe, 00000019.00000002.500956706.000001DCB4B88000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connector
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.504016629.00000293307D5000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.407360596.0000029EBCB19000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.408046953.0000024945F69000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectoraged
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.404239304.0000020E0A78A000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectorbut
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint/enable_chrome_connectorn
Source: chrome.exe, 00000017.00000002.436930859.0000023D81C10000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint89A473
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprint89A473apps
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.410972385.000002B5AD740000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473
Source: chrome.exe, 00000016.00000002.411432137.0000020E0AA80000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA4738
Source: chrome.exe, 00000011.00000002.410719927.0000029EBCD50000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473Uv
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/cloudprintA473g
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr	String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: chrome.exe, 00000019.00000002.494153237.000001DCB31D8000.00000004.00000020.sdmp	String found in binary or memory: https://www.google.com/o
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/ons
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/pt
Source: chrome.exe, 00000009.00000002.505765752.0000029330A40000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/search?q=
Source: chrome.exe, 00000013.00000002.420625242.00003CAE08240000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.414489917.00000A8FFB184000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com/speech-api/v2/synthesize?
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://www.google.com;
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr, craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www.googleapis.com
Source: chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441597275.0000021408351000.00000004.00000020.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/
Source: chrome.exe, 00000013.00000002.412495199.0000024946276000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/(
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonlyD.
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonlytor.js
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messagingUt
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messagingderValidatorQu
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaginge
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.e
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonlyhLj
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonlyn.l
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore0
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstoreA
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/chromewebstorere0
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/clouddevices6d
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonlyFp
Source: chrome.exe, 00000019.00000002.502936468.000001DCB4DF0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonlya.js
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetingsj
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/meetingsse.
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite5u
Source: chrome.exe, 00000007.00000002.493978770.0000026681904000.00000004.00000001.sdmp, chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp, chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraF4p6
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraFS
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierraFappsg
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrak
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: chrome.exe, 0000001E.00000002.441823901.0000021408381000.00000004.00000020.sdmp	String found in binary or memory: https://www.googleapis.com/auth/sierrasandboxY
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: chrome.exe, 00000019.00000002.502269207.000001DCB4BD9000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/auth/userinfo.emailC
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v1/userinfo
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v1/userinfoesent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfo
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoF
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoJb
Source: chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfoP
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfolatform.
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfopresent.
Source: chrome.exe, 00000009.00000002.507307298.0000029330AE1000.00000004.00000001.sdmp, chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/token
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/tokenlu
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/oauth2/v4/tokennot
Source: chrome.exe, 00000010.00000002.411577678.000002B5AD761000.00000004.00000001.sdmp, chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp, chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp, chrome.exe, 00000016.00000002.411995999.0000020E0AAB2000.00000004.00000001.sdmp, chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/
Source: chrome.exe, 00000013.00000002.411907989.0000024946201000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/5
Source: chrome.exe, 00000017.00000002.437606362.0000023D81C8C000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/atform.M
Source: chrome.exe, 00000011.00000002.411821783.0000029EBCD95000.00000004.00000001.sdmp	String found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/rm.nt.
Source: chrome.exe, 00000007.00000002.514521392.00005CBD07030000.00000004.00000001.sdmp, data_1.6.dr	String found in binary or memory: https://www.goview.io
Source: f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp.6.dr	String found in binary or memory: https://www.gstatic.com
Source: chrome.exe, 00000016.00000002.423185696.00003AF9082C0000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com/securitykey/a/google.com/origins.json
Source: chrome.exe, 00000019.00000002.500198279.000001DCB4B5D000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503403318.000001DCB4E23000.00000004.00000001.sdmp, chrome.exe, 00000019.00000002.503350561.000001DCB4E13000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;
Source: chrome.exe, 00000007.00000002.498314292.00000266819E0000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;P3
Source: chrome.exe, 00000009.00000002.511266658.0000029330DB2000.00000004.00000001.sdmp	String found in binary or memory: https://www.gstatic.com;ed
Source: chrome.exe, 00000017.00000002.446169817.000079DFA61EC000.00000004.00000001.sdmp	String found in binary or memory: https://www.jsdelivr.com/using-sri-with-dynamic-files
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.justuno.com
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.justuno.com/channel.html
Source: chrome.exe, 00000009.00000002.514377101.0000029331270000.00000004.00020000.sdmp	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\86cd7893-d8f2-486f-a4c0-7bb344184085.tmp

Jump to behavior

Source: classification engine

Classification label: mal48.win@21/141@8/10

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61739987-1234.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Shell_TrayWnd
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Progman
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: SProgram Managerl
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Shell_TrayWnd,
Source: chrome.exe, 00000002.00000002.501210355.0000027691E10000.00000002.00020000.sdmp	Binary or memory string: Progmanlock

ID:	507885
Product:	CloudBasic
Start time:	22:10:30
Start date:	22.10.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Name	Type	MD5	SHA1	SHA256
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	A78AD14E77147E7DE3647E61964C0335	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\475b63b4-8df2-458b-b109-cdc03c138b28.tmp	ASCII text, with very long lines, with no line terminators	8BCF58AF0620BD2401FCF95E50BDCF1E	6D76B0AF47148071D887EA092700DF8806720917	4247E1865278291CCC63C67A76A18E63608838F5F52C8672D6384981635AE556
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	7A9D405E9218ED86C7ED3BB729DAA896	E5BB69E833231B755B20E5A0C9B2392D8B923C66	D83D002DFE4F96C43A6FBF24FC7AA739945731ABDEC2AFB53EDDCE2D2D87D6AF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\111b3a8f-1379-4866-affa-1ee8fb6deeb7.tmp	ASCII text, with very long lines, with no line terminators	72380190CE51210CDDAFA4A5CCB3BBBB	E3E57B289F74101A733E0F71B20A663822225020	147C412CF4B34272FFC39F0BDA336C1F27B7785CE007FAE9EF449508926F5710
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\363b1077-7858-44cb-a336-28ae60895133.tmp	ASCII text, with very long lines, with no line terminators	E27D37A01378C96D2926D3AB3F6F327D	6A89F87FD091691CF04D58CD2A4EFD97015C47CF	C1B31BA58751093A13DAF1AD5BCBB7B25E86946894496B5D125DC5BB8CC4DE88
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\652ad3f6-8593-481a-8586-f618a18f46a7.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	96AB1E62FAC93EC50570179FE08820A6	2F9BD2782BC2E212BF94C3955B579A5127D35D11	97940C8CF4EC6DBB47F224D06A5725D3712E8685015A263EA401C452F95B2232
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8faf2f89-fdf7-4743-a216-8ead2b79a5ef.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\955c0055-11a7-497b-a941-1ccb8fa02247.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	CE669D2EEFC0FAD07501189F83AFFBE9	C212964ED5DB719E897DF7C0B02708F7DE289EAB	D1DD511052BE9F5C2B40F76201598D6CC772183488488C895AC56354E7AFAE2A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9976d0c7-4fe0-4a23-bbee-4894e9cc54d9.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	C7881D1E2F3DD32857978A227D43E4C0	B8CDFDF5B4B7B2F0FBC6FECF18E4ECDF4D3A41AE	38E94D20A094BB3F2111AAD841AA51DC52010E6916D0EF9B0FE0D664644FC073
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	6BE5B11FEA58774DA3BFB1C18FCE7E58	86B7CC2D0C732F115C38D084E14BC9EB697BC9F0	014415E2BAF44140D1C74CB48AD48EED06793383964036E3666A96B7168EA4E0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)	ASCII text	6BE5B11FEA58774DA3BFB1C18FCE7E58	86B7CC2D0C732F115C38D084E14BC9EB697BC9F0	014415E2BAF44140D1C74CB48AD48EED06793383964036E3666A96B7168EA4E0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	1F4C134DA3FDA8BD18693D0ED4CFD2FE	2C6D141DBCBF95334A1B585CC93EA41D7C28A7B3	AC52116CCE1ED46AC28654E31FD32FD6F4A16BC9B5C43139C89C752FD1937384
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldq (copy)	ASCII text	1F4C134DA3FDA8BD18693D0ED4CFD2FE	2C6D141DBCBF95334A1B585CC93EA41D7C28A7B3	AC52116CCE1ED46AC28654E31FD32FD6F4A16BC9B5C43139C89C752FD1937384
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0	data	30D3221E46D318EEC0D384BD604C4363	F77CD99BE3FF2C41D372FAD172D5DD06E40468E0	7AAD474D80A651B8BB68C68C22C9752AC36BB7132FFE6C5BD5CDC0176F546B87
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1	data	15852CF783494221502E988CF2B4635B	69391AD0FE5FDBF91FC599B9D825F601FCB5C3A7	678E86DEBA193E86B1C9487AE87E632ABF803C0DAAC7059BC955AD4002F5AE3F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2	data	157FC7C69ECD9A0FF32DDAEC2E42C6A7	FA6965C0DD7E35E04C7363F61E27D0B3CA017BF3	13255EF9F1E2EDFB76DC1974A9050A11C2C70E8B34DD37242E462A7722067EB9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3	data	FCE416D59E10E37BD9BE0C2359068B17	2921362EFD251B4397785D7B527E43CCF3357C82	F1CB481BACAF198C60F0FB068E77AB38C2F50BF2CC34D4EC922A88B6DB1D6373
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	5B8FBFD224494885546966EE70E80321	497B8453EF2F4B3E949DD64BE2062B48538356A2	1FE5130248195A60CDD1CD1CA57752275F4ED34121533C1A1C202F56F8E318C2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	7157265937C8667FF9DEB4770D1C886B	68898F31359AC0785EEE04D69467DA05E9BFCD2F	68D1D4EF4294172EA40E461533D204CA86403DEB6F83CA905EB561BFBADADBAD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	746483D0FEBEDA6169B2CEB1EB3A0EF7	2304971D31B736FE61A32C0E3CF8B5CC5232E101	62CC0023396BC8E5DBB1B6C4AB4E46FD7CA314096BB07593033DF3DB7E869B77
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	FC871790662194CF95C9B7A445303F21	BC568F5EE64CE1D44E7618CFB7BFEDABC2015812	589FBF76FC0B7C02FEA068242386988FB60BC0AB53F65882F75BC8D8726773AB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)	ASCII text	FC871790662194CF95C9B7A445303F21	BC568F5EE64CE1D44E7618CFB7BFEDABC2015812	589FBF76FC0B7C02FEA068242386988FB60BC0AB53F65882F75BC8D8726773AB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	6C88FEEDEE47B405DCBB87ABEBC47027	C28B0EB68BAB44D7D6F514351A3BDFCD70A3941E	153DDD24CD5DBCA43DC2071DDF4BE156DCBF32FB3338A2815023358A9740F708
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	655E2C4FBE1CC46D4492A7D63D750274	C16D7C1DEF64EC6F43686D27FF5D74E061565A47	6F714A7F10EDECB96143991D05D3DC3AE9D3984AFCB3E8C2078340B62F733E87
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)	ASCII text	655E2C4FBE1CC46D4492A7D63D750274	C16D7C1DEF64EC6F43686D27FF5D74E061565A47	6F714A7F10EDECB96143991D05D3DC3AE9D3984AFCB3E8C2078340B62F733E87
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	98AA5E3F700079EC8F685120C3C3084A	EF7DA28CC796ED96A29E5AAB0A69419E30874B2A	0CEB46936ACC8F6C0F2EC21C1C7A00B9810338B0AEB331D02868AD313945D049
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	51A2CBB807F5085530DEC18E45CB8569	7AD88CD3DE5844C7FC269C4500228A630016AB5B	1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	298FF48BB21B4165FA5FF78D46267825	0DFC3BD11B17DE95749C1BDFC18C9CA888F6EEC0	0D4B413220CDF89C5D03666E9DC8F40AFC11FDB8BFA966C48FFC5129451F41E1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)	ASCII text	298FF48BB21B4165FA5FF78D46267825	0DFC3BD11B17DE95749C1BDFC18C9CA888F6EEC0	0D4B413220CDF89C5D03666E9DC8F40AFC11FDB8BFA966C48FFC5129451F41E1
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	4B1F148B04B92FDBBFDDC89DBE281A62	48DD0DDA4B1C831A5990BBDF49E98AF3BF1E7068	1CF976FCE8D68AE1D0B13E14F90EB84D4AFFF0BA3465712DB8E83BF9D2D93157
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)	ASCII text	4B1F148B04B92FDBBFDDC89DBE281A62	48DD0DDA4B1C831A5990BBDF49E98AF3BF1E7068	1CF976FCE8D68AE1D0B13E14F90EB84D4AFFF0BA3465712DB8E83BF9D2D93157
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	9D2F72551A15780825A2A7C3980906FE	096DABF0913E358C1D54C66272632A4F501BA46C	17FF75D729C31F68A0D4A73A8FD736A82D5861C5D3994FE9FDF934EE86D1565C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)	ASCII text	9D2F72551A15780825A2A7C3980906FE	096DABF0913E358C1D54C66272632A4F501BA46C	17FF75D729C31F68A0D4A73A8FD736A82D5861C5D3994FE9FDF934EE86D1565C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	80469D2A47AD1561599B9EC417B2841A	C4CAE6798632465CA7060BE5F81FA79037AC2032	A23525B2861126FC5A44D4B73A465ED555CE56E13E59F6C6EA161E688F11AD8B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	387DE1A1FB798805CF21D556288B8D04	4EF8D0E297A3D982C1799E777575115FCDF6D8DB	E47426AEE44F4F55F2D226B0C6625AD89F97A40889374396CFB8814C0ED631FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	2ECD6770D20731C5CCE227FB34BF5F8A	894325748E2C0217648A2D592373739347703BF7	4650C5E2E348D0D33700B6DB0F5153794419D4AF987B949F0CA402661DECDA28
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last SessionJs (copy)	data	7157265937C8667FF9DEB4770D1C886B	68898F31359AC0785EEE04D69467DA05E9BFCD2F	68D1D4EF4294172EA40E461533D204CA86403DEB6F83CA905EB561BFBADADBAD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs. (copy)	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	data	F18CB7823E123E4824BAE25F4C45F1D6	B684166EA5E28BD67089893FD1A83BA3C8125DDF	A93AC4E2A0F285AB175F9B5BCC180890BC97A5A87FD0724F115516349CCE6319
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	7B33DEDC9E962E7B805F30CA30DC6D64	8371E39CC33DE6E2E6271BBECFBD8DB08B4265C3	FDFE0402549B8EF0059746FE2BB92B089B48E514B6A599DC787BD8411AA60736
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)	ASCII text	7B33DEDC9E962E7B805F30CA30DC6D64	8371E39CC33DE6E2E6271BBECFBD8DB08B4265C3	FDFE0402549B8EF0059746FE2BB92B089B48E514B6A599DC787BD8411AA60736
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.. (copy)	ASCII text, with very long lines, with no line terminators	829D5654ADF098AD43036E24C47F2A94	506C8BA397509BA0357787950C538C1879047DF3	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	D51710415DA0B62B3A58EE1C2A68BB32	596AD4B02EE934C22D1DF9C96234277AE9EFDED2	7150FB111538F596A3B98199BD43056E750B41FD7653957F1536FD42D957AEBD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)	ASCII text	D51710415DA0B62B3A58EE1C2A68BB32	596AD4B02EE934C22D1DF9C96234277AE9EFDED2	7150FB111538F596A3B98199BD43056E750B41FD7653957F1536FD42D957AEBD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences2 (copy)	ASCII text, with very long lines, with no line terminators	C5F9F2741592FCED89C40BDBDD9CA953	66A9FACFF9CF9E96245C3679A6C7B46398DC863F	ACEF04A7AA86CD376E080BF56D555E31ED58BAB1F5A5336A1CAC6BC0059780F0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)	ASCII text, with very long lines, with no line terminators	72380190CE51210CDDAFA4A5CCB3BBBB	E3E57B289F74101A733E0F71B20A663822225020	147C412CF4B34272FFC39F0BDA336C1F27B7785CE007FAE9EF449508926F5710
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesuI (copy)	ASCII text, with very long lines, with no line terminators	E27D37A01378C96D2926D3AB3F6F327D	6A89F87FD091691CF04D58CD2A4EFD97015C47CF	C1B31BA58751093A13DAF1AD5BCBB7B25E86946894496B5D125DC5BB8CC4DE88
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	D682506F2053C20097221D77BBB11E60	80EE8EE228B7AF42FB928F3377A82BD29B2A8C66	DC6494E09FEC67B03996909C68C6C308B6B71DB206BF8195D6693E51039CC6B4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	96AB1E62FAC93EC50570179FE08820A6	2F9BD2782BC2E212BF94C3955B579A5127D35D11	97940C8CF4EC6DBB47F224D06A5725D3712E8685015A263EA401C452F95B2232
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	240117018DBB5F0BA4771345813EFF0D	1B26FBD8AF3FDA841F7EBC0098C1C0FBD935AA4F	9301574F0420AE8C4E6365E9E46BECE4B12FC62AA17B394E20C365AA2B41E30D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferenceso (copy)	UTF-8 Unicode text, with very long lines, with no line terminators	CE669D2EEFC0FAD07501189F83AFFBE9	C212964ED5DB719E897DF7C0B02708F7DE289EAB	D1DD511052BE9F5C2B40F76201598D6CC772183488488C895AC56354E7AFAE2A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	D1A8974C557CD381165906D9FBDB7A43	87CD9438056AF4C0AD47E0AD6AE1E39F51CCCB3E	B7766465205BA1CEE428A4BF2A0432807ADE58EFF57012CB26E96E6EAA65EF95
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	1963F794F68671A868966114B33907AA	9DF251D08514196EA57827880E63F33AF4CC8DE1	CB8B5A5B02CE0BAF3CBFEF752E32A0235ED1F6327A3115FB04A9D8C14A4F0EFB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)	ASCII text	1963F794F68671A868966114B33907AA	9DF251D08514196EA57827880E63F33AF4CC8DE1	CB8B5A5B02CE0BAF3CBFEF752E32A0235ED1F6327A3115FB04A9D8C14A4F0EFB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	17E059EBE400CD85B98CE324B1200EE0	E39F2DDC9EF3F8F4CBEA6E1731DC045E18508141	2A6CCEAD1986EDDD593375AF82912FC69D8E47600F1551B2978919CC1783544A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)	ASCII text	17E059EBE400CD85B98CE324B1200EE0	E39F2DDC9EF3F8F4CBEA6E1731DC045E18508141	2A6CCEAD1986EDDD593375AF82912FC69D8E47600F1551B2978919CC1783544A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\25d47fa0-029a-454f-b65d-41fb934d3eca.tmp	ASCII text, with very long lines, with no line terminators	0C03D530AC97788D62D27B2802C34D83	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	0B47216F9008AE0AF54678A9AC2E462E	8CDE2B20969018E2D82973DE452BCD9E7AEA5522	0515D50CC24267600CC4B566532A270495170394A4A6D78A9C217D775F496A27
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	30CAA29E8CFBADBC7D1CE0FECFF8C4A2	B4018F572D801321AEE75FCB9D12DFED1D724841	0838EBA97C364B34A5D6A18A217DFE7A077AA00C393F3CEE0D2A54A28911568D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)	ASCII text	30CAA29E8CFBADBC7D1CE0FECFF8C4A2	B4018F572D801321AEE75FCB9D12DFED1D724841	0838EBA97C364B34A5D6A18A217DFE7A077AA00C393F3CEE0D2A54A28911568D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)	ASCII text, with very long lines, with no line terminators	0C03D530AC97788D62D27B2802C34D83	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	C679D734243326510DD12D89A987C400	2925544C1F6C0C5555EBE9888F461DFA314F4737	4D9A3D8E473A8D6D24413126346FFD9FA75828B7303026B738BA015600490500
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldun (copy)	ASCII text	C679D734243326510DD12D89A987C400	2925544C1F6C0C5555EBE9888F461DFA314F4737	4D9A3D8E473A8D6D24413126346FFD9FA75828B7303026B738BA015600490500
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	69449520FD9C139C534E2970342C6BD8	230FE369A09DEF748F8CC23AD70FD19ED8D1B885	3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	9EE03D64D60A406011CFD5648751E895	41D07AC7EA3B23B906A89BD222C1796D6F9CC868	63CEBB615EF0D9C68B118457073307B2987FD7AAA5742A4CB695AE643BF74A41
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)	ASCII text	9EE03D64D60A406011CFD5648751E895	41D07AC7EA3B23B906A89BD222C1796D6F9CC868	63CEBB615EF0D9C68B118457073307B2987FD7AAA5742A4CB695AE643BF74A41
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	DE92AD90BE6D3364745B2F73F4C3CF73	9158681463BD30E5AF4DDA4BAAC81F93CEDBDA77	0025A3E0D3B834401B3B5F820E1991EF7E810D9A4B8B6B579E6301C94E7031A0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	5CC6593225BD56331B61A8987FDAD28D	7F417185DDE83FC79A5E53EAFBE6EA08CF043BAE	5A7E4EA411B931144260A12955F9F084AEB62D5AF5A17EFA53305EE8F8D3F1F8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldg (copy)	ASCII text	5CC6593225BD56331B61A8987FDAD28D	7F417185DDE83FC79A5E53EAFBE6EA08CF043BAE	5A7E4EA411B931144260A12955F9F084AEB62D5AF5A17EFA53305EE8F8D3F1F8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	520F0E68D485B2E269F055D4525BA4AA	815F91057852914C9E33C09650AB0992D8F2B620	5B2E17DFA93E68EF3291C44813F39C44CF04AB62582F6E0CB59318899B306249
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b3574f66-d6cb-4a41-96e8-aef938816bdd.tmp	ASCII text, with very long lines, with no line terminators	829D5654ADF098AD43036E24C47F2A94	506C8BA397509BA0357787950C538C1879047DF3	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bdd36da5-1906-4db2-99c9-6ac23bf1e851.tmp	ASCII text, with very long lines, with no line terminators	C5F9F2741592FCED89C40BDBDD9CA953	66A9FACFF9CF9E96245C3679A6C7B46398DC863F	ACEF04A7AA86CD376E080BF56D555E31ED58BAB1F5A5336A1CAC6BC0059780F0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1d33f67-6c4d-408c-9b94-84ae2b694437.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	240117018DBB5F0BA4771345813EFF0D	1B26FBD8AF3FDA841F7EBC0098C1C0FBD935AA4F	9301574F0420AE8C4E6365E9E46BECE4B12FC62AA17B394E20C365AA2B41E30D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d92f887b-0759-48dc-ad8e-6a3bf406a829.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	0A7461630160CDBD4EB0B66DD52299E9	850435A6DDAFD385CAC6AF70A6E9E8A5B66F3C9C	646538521994F03DFEACB2A171805B26AFFAE5A140DDE738B67BF443C9CF4FBC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	6AB138AD544F70782457179DF581E7CC	4962577907591CB618CA7EF04D9ACF829B99F1FC	16F21298A9C3A84D508D1B6BFE9F2B5E0D7465B44F4B91E638B83942AA2AC9D9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)	ASCII text	6AB138AD544F70782457179DF581E7CC	4962577907591CB618CA7EF04D9ACF829B99F1FC	16F21298A9C3A84D508D1B6BFE9F2B5E0D7465B44F4B91E638B83942AA2AC9D9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	031D6D1E28FE41A9BDCBD8A21DA92DF1	38CEE81CB035A60A23D6E045E5D72116F2A58683	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3b25bdd-e1d8-4a2b-aa30-cdb86cdd8cc3.tmp	ASCII text, with very long lines, with no line terminators	F019004BD2F4A145B1C05DC856F7B27C	B7A645C9132981BAB473563E7609D0BE1B948F5B	3F1FD899092EAE547196D94488DC5C922DCD88334B5665507ABADE7AE4CA5C2C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	110DB6663F0DCDB3401978BB320D867B	721D7496923248D2DC3A83D2EADF1EA67D41C006	5192FDD7FDCC43524A6A0FAC1C40C11C104F2A38EDC0E4CD42A04DD856D20DB4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)	ASCII text	110DB6663F0DCDB3401978BB320D867B	721D7496923248D2DC3A83D2EADF1EA67D41C006	5192FDD7FDCC43524A6A0FAC1C40C11C104F2A38EDC0E4CD42A04DD856D20DB4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	C422F72BA41F662A919ED0B70E5C3289	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
C:\Users\user\AppData\Local\Google\Chrome\User Data\ef186244-0beb-46a1-b1dc-71e24fd440d1.tmp	data	1E39CA6323C5DB5B634B89D150B0AF23	D81F8178AA1223F80B5195D93B4549282B4AE3CF	BE62C129581D11609F675DBF23BEA12E4E8E80EFDE36BADDD790EA89158DA922
C:\Users\user\AppData\Local\Temp\1749c9a2-a04f-4732-bf1e-9249e9e45a1f.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
C:\Users\user\AppData\Local\Temp\4660_50762247\_metadata\verified_contents.json	ASCII text, with very long lines, with no line terminators	3FFCEDA47FF272479111605EB1CF2E13	94BAD756A9E11F2CE7E0829970C6B5130FCCC97B	7C5598280B9AA42FC25F0B69785A140682013D9D3CE7E0EBFAB36733AC29E46A
C:\Users\user\AppData\Local\Temp\4660_50762247\manifest.fingerprint	ASCII text, with no line terminators	749030B21BE048D27B4B19164D29675B	A12124894725A2015C077675C37580C32C8F8600	BA66E68B4543D06BDD4A67E5E5307844F9833FED3A2083567C27774638A4E325
C:\Users\user\AppData\Local\Temp\4660_50762247\manifest.json	ASCII text	888C93212CF7DB002AB870A463A43D2B	739755489EB84106C3C565E6BF563EA0CB49FDBE	D52AA8615A513198DC7215113BE8CB7266BDB83CA5899DB21717BFE562B6E1B0
C:\Users\user\AppData\Local\Temp\86cd7893-d8f2-486f-a4c0-7bb344184085.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log	ASCII text	BE9EDFE6723F0D90BA892150F07B6B5C	9276C48AA0D763B3909AAAB3830540E6424C7F5E	21C3384C0A64A96EBF6B42C9DB2D6798D478093A57CBD46C8093BEB3520BB4D7
C:\Users\user\AppData\Local\Temp\dcc00334-3182-4c80-b18f-4b50fc5c9201.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\86cd7893-d8f2-486f-a4c0-7bb344184085.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\bg\messages.json	ASCII text, with very long lines	D7A97183BCBD5FB677AA84D464F0C564	CDBB279B864E2C0A51E0892B8714131802586506	76EFAD74EB8256B942727C42261147EB9CCA48DA284DB3CDCE5DC6A3B4346F02
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\ca\messages.json	ASCII text, with very long lines	58BA5F65ED971591D1F9D81848EE31D0	BDA3C8B74653334FC8F060CAFBCEA58DF0113AB7	CDD91587F5AF2C865776B36A5E9A07B10D21B9D911DE0B814B7A1E94B14AE885
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\cs\messages.json	ASCII text, with very long lines	43161EFFA28A0DBFC67B8F7DBE1B5184	FE0A9235A59B51B7F564F14FF564344927F035B8	3A04421DF5218E8ABD3B0E2AFE11E8338D7BDCBCD1ADB122416944B102BC9696
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\da\messages.json	ASCII text, with very long lines	31264DDBF251A95DE82D0A67FA47DB3A	3A48DC7AF26A153594C7849E1D92AAC31296459B	EDB51898A6C73D0090D6916B7B72EBAC71E964EABB5BA7CD68E21966024F0D23
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\de\messages.json	ASCII text, with very long lines	7639B300B40DDAF95318D2177D3265F9	BF9EFDF073231CB3FCFCA5CCCA25B079ECFC45BD	356A9D4ADFEC484DA824E7A72059B724B1686FC90082F4A4B667630436D593B0
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\el\messages.json	ASCII text, with very long lines	3026E922B17DBEE2674FDAEE960DF584	76602B1E3449F1B67DE42FD31A581B0821BFEFF0	876845B5A061FAB3CF2A1466E01015DC40DF8449F1CB4205F575CEBED8717BAD
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\en\messages.json	ASCII text, with very long lines	DBEDF86FA9AFB3A23DBB126674F166D2	5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC	C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\en_GB\messages.json	ASCII text, with very long lines	DBEDF86FA9AFB3A23DBB126674F166D2	5628AFFBCF6F897B9D7FD9C17DEB9AA75036F1CC	C0945DD5FDECAB40C45361BEC068D1996E6AE01196DCE524266D740808F753FE
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\es\messages.json	ASCII text, with very long lines	3F4B0F56C2839839FC3E3270ED4CB7B6	0D74EA655EAE3990E95BD26F6E1467EDF3EB3478	1912EA5E0A62BBC669DC14AB5A5BD5514B0502C483EE1F27C3F8834384187079
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\es_419\messages.json	ASCII text, with very long lines	1FD5DAF46C4D7C4F571C263EC37B943B	A57EE5EF6861F88005C2230EA3D633A1B4CA105A	BCC2CF06F66E9E3BB4B7887D0EE0AE4A72A6C49F4B2A578A7733B78208984417
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\et\messages.json	ASCII text, with very long lines	0293A7BAE6EEE62C4067A80E262D6A2D	E76B07BD49FFBBFB6841B7335CBE7A9620714402	D06F20D4D68D1DBB89EF7D8E405D9499CB2EB2560217CD5B4A51AB1DD50CAB44
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\fi\messages.json	ASCII text, with very long lines	E5BBE7DBBE75F45BDCD49DB8C797106E	0F069D7D19768180945F0D8B67DC71262FD586A2	BFFB2248B4C66306133FA6ECBB1541F44B3BE22CC8D9A338D690E0B1D0C85532
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with very long lines	658DAD2AF2DC3AC1567D84E8B95F68B0	EE1121215960EC5ED5F7B6BDB8E4680731EBF83D	978BA6D814CF290016833BBAC22DC7C05C2C575B1D6429B9BB14F8C2156BCF29
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\fr\messages.json	ASCII text, with very long lines	1E32A78526E3AC8108E73D384F17450B	BFE2E47D888BA530A27DD1BDE25C46433C2A545C	80F6EE69F1E022812BCCC1DE1CDC53772CDF90F4E93224161B23FA607D45136A
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\hi\messages.json	ASCII text, with very long lines	B739E3B798D3EEB8AFB3E368455A8E97	56E206DD0AC7EB7B179911BE3F7DD78059CBD4F3	BA7A53A1398168719F2ACD58CC5FE06AB0B769ECA896D70E7208B18085B42FFA
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\hr\messages.json	ASCII text, with very long lines	9CF848209FF50DBF68F5292B3421831C	D29880B7B15102469123D8747BF645706CE8595B	EA1744C3CFBAA684A31A00067E8493ED114EFF3E878C797C9C55A7B122D855CD
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\hu\messages.json	ASCII text, with very long lines	4AD92AFDE3408FBBE43B0C3C71677650	3488901077F336A3196F9AE116E36DF1674E1ACA	61258FE04C23AE14FDC99EE846CEA71CC703990CC0F80C3934299646E86C475E
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\id\messages.json	ASCII text, with very long lines	9008516AA1D8F8C2B8ECE70B7E4963AD	EA7AD4BE77A80A4B9FB1E59A340010830E494747	89CAB0AF2B53C6ABEB93C8C628DDCBDD286A7A2672FE03440411BB654E3A0675
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\it\messages.json	ASCII text, with very long lines	BB9C32BA62DDA02F9471C64B5F9CF916	9825037D5D9185C58456CDD887C77B10A41D8C84	43A0B113D3773BA78F82BB9E42DDC46F6892D0FBBB351F94A7C105E4A146E9C1
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\ja\messages.json	ASCII text, with very long lines	96C8CBD161D3CE9CB1A46CB2CD0C6583	78BBFCF035B5B620E353C8E520653ADD3F4E7DB8	81D8F1D9F72B3139BC5D9845BCF82990308FB6175D07514D8238B1E6D5D02E8A
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\ko\messages.json	ASCII text, with very long lines	3CAF23A8EA2332D78B725B6C99EC3202	95C3504F55A929449EF2E3AB92014562AACD39AD	BFE72BBC492B9018A599CB6575366696E431E6A38400E4B2ED06EAE3340D3AE5
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\lt\messages.json	ASCII text, with very long lines	41F2D63952202E528DBBB683B480F99C	9DD998542DBE6609299D4A5A25364A32FA7D7865	FF7C083CD1E6134DD8263C634336EB852274BAD1BFAD18762814C42BC65309D8
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\lv\messages.json	ASCII text, with very long lines	1D21ED2D46338636E24401F6E56E326F	24497EDB25724BC4A57823C5CD06F50DB9647DD4	434A375C32B8A21C435511C551F740FD4D170EC528A8F4EFC3D798EA4A07B606
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\nb\messages.json	ASCII text, with very long lines	8F0168B9A546D5A99FD8A262C975C80E	B0718071BD0B7251D4459E9C87DF50C14622FBD6	F03FA7384DF79EBA6E0274D570996030F595A3BF6B781929DD9DB6593262E41F
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with very long lines	E7F74DCE7B6411E4E0D95E9252CF74FA	33CC6C73C5F8D0144C0260C2E5A9BD0DB3EF6477	3564AEF46C01602B19CC29FD8A79676C543427EDE98206D0C91B33AF0CCF3977
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\pl\messages.json	ASCII text, with very long lines	E16649D87E4CA6462192CF78EBE543EC	53097D592B13F3C1370366B25024EA72208B136A	EB435F7460A63576CA1ECB51948E7A3AD5168D2F175AE2B5836D469672923D84
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\pt_BR\messages.json	ASCII text, with very long lines	1F4BC8A5EFD59D61127ABEECD4B6CAE3	8647B4D2D643AE4F784ABDDC50D87A39AD02971A	E1950CBBF056F068EA56160DDB318F3E6232BFBBE096D221C7CA6FCAACE2A8B9
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\pt_PT\messages.json	ASCII text, with very long lines	D80ECE7E4B3741CD9CD29B89D006B864	8F0D587B78E36861ED00524ABF886FA20E14CAE4	C8FF9ACAEA1D3B6F8483339CB40F66BC563CCA8DD87F2337F813C492B20F451B
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\ro\messages.json	ASCII text, with very long lines	D63E66B94A4EA2085D80E76209582FB1	4ECAC3EB64DD6253310A0776E6D42257FC290D77	91A5AAD210C3E0241106E8821B3897EDEFEC9D85033C94DB2324FF3A5FDE5AC7
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\ru\messages.json	ASCII text, with very long lines	22F9E62ABAD82C2190A839851245A495	E7F79BD875918F0D0799DB5F45FAC6297FB66AF7	9FC1167626C97BCBFDAFF23C6033A44252F89A501AF1DF41C43CB3A994FEB09F
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\sk\messages.json	ASCII text, with very long lines	4BBAA10FD00AADBBA3EF6E805E8E1A62	1991901BD6A20C4A7977F09DF30C0CFF0524C504	906C4F7FDDE15DE4C841E7910BBF14D9175E894BCB244B56E8447A5ADFA5B7AB
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\sl\messages.json	ASCII text, with very long lines	F45DE58765A37FD095319D7DEB0F2FB6	B585A485C9BC1982EDF7AE0B9AC73A8E91D41CB5	8366774AA582035BC7D949F4E28FAEC371C305D01404DF56FFF5A78B4F6ECDB7
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\sr\messages.json	ASCII text, with very long lines	92C1FAC62EB7F92EC3794D4A141BEF32	2AFA41BF51BF9A1089B0B92A9D2DC74299B79813	9DF154C93B02695AF1CC39F085D9D178EC6AF131A62C2AFC65F125F8F9A5B7AC
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\sv\messages.json	ASCII text, with very long lines	6E1BE9CEE29818E54E3D1C7D483DD6F7	B9DD926B60E225C5BE8A1DBB7EF3ACE422A204A9	E348583D8C53F4A5DEC4551DA93785C17108466E427E06F84708AA383EA0E326
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\th\messages.json	ASCII text, with very long lines	283D5177FB2FC7082967988E2683EC7C	DEDE43967F3CEF9D9325F140872A63BFCE2AA8C5	E8D5820BDE31B66A7641068FDEDD1A5F20C1A783460B98887A670F38422099CF
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\tr\messages.json	ASCII text, with very long lines	1BF2AA4BB904B406C9C2B7DF769BB540	8D29C4B7A79AB0657747CA194D1934292A46D2A8	0F2E8285BA3E2BDBA6B16435FB941B07159AACFAC80196AD5941B79AB52B712A
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\uk\messages.json	ASCII text, with very long lines	FD1C9890679036E1AD914218753B1E8E	58160F7A0FC94110A2876223E406A517C8E2660B	39D19CC3387FFCE13A8F11DAD72E2FCBB7CD1A4367EC699AD7C40D6F52ECE717
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\vi\messages.json	ASCII text, with very long lines	7D52E9357AB847B4CC8DBC8CC4DA93F5	AF877F3992D8056C8F08462BD575595BF79FE5B0	313F71F3FFDCEFC76FC746FF2029FBF8FBE38BD83DCF952FC3DDCD8AA96D5CFB
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\zh_CN\messages.json	ASCII text, with very long lines	393680A09DEE0CB9046A62BDC0750B74	54E7F8215061A4AB241B87AE4E81C8F860EB2C2B	D5FB52C2897FD5C294784DB63C933AC77C609D10AC91431CCB295D87452CBEE6
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\_locales\zh_TW\messages.json	ASCII text, with very long lines	CD30D132A7213FC1B7E03C6D0A49CCF7	1141DED39023B821FE9BB4682E0D1EB5469DAF76	5717F13D10E63255947F750C79CBB6BD04A6D97A08261E8D5764AF5EB0561A28
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\craw_background.js	ASCII text, with very long lines	6EEBED29E6A6301E92A9B8B347807F5F	65DFB69B650560551110B33DCBA50B25E5B876DE	04CD9494B0ED83924DAD12202630B20D053D9E2819C8E826A386C814CC0A1697
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\craw_window.js	ASCII text, with very long lines	1709B6F00A136241185161AA3DF46A06	33DA7D262FFED1A5C2D85B7390E9DBC830CBE494	5721A4B3F8E09C869A629EFFD350B51C9D46F0AC136717D4DB6265C0EE6F9AC8
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\css\craw_window.css	ASCII text	67BF9AABE17541852F9DDFF8245096CD	A4AC74DD258E8E0689034FAA1B15A5C7C56DC3BB	10DFBD2D98950B79EE12F6B8E3885AABE31543048DE56AD4FC0A5E34D0D9D4EC
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\html\craw_window.html	HTML document, ASCII text	34A839BC40DEBC746BBD181D9EF9310C	8B4EAA74D31EED5B0BABA3CA5460201F6B10DA46	BB8742615E4CD996AE5D0200E443AE6A6F0B473255F03AFFDB8FB4660DE4554D
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\images\flapper.gif	GIF image data, version 89a, 30 x 30	398ABB308EEBC355DA70BCE907B22E29	CFFB77B8A1724B8F81D98C6D6AD0071D10162252	2B73533F47A99FFEA9CC405FFAFA9C4C53623F62487AEBFBA415945120B22040
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	30899B6C4E4A757B8EC6DD2208ACDFB4	F2C5880A724C6D75CCE1B5191E0D82C3BC7DE768	4F17EFBD974A41D88CB36567AAB6BF4586579E78780F00B1826676819E14BFF4
C:\Users\user\AppData\Local\Temp\scoped_dir4660_691928881\CRX_INSTALL\manifest.json	ASCII text	6CA25F3EF585B63F01BCDF8635120704	00C063811E31EA5F9A00F175A71EA25E7821F621	49D9DE983F7436BA786E6E04A5A20C10F41687AE06B266B1B6553F696719563D

Windows Analysis Report https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Compliance:

Networking:

System Summary:

HIPS / PFW / Operating System Protection Evasion:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://my.justuno.com/admin/pages/promotion/preview-popup.html?onboarding=&step=&display=&guid=%7b1C0C9FA0-656D-4B45-85D3-9F4CFE984F19%7d&cm=762519&url=https%3A%2F%2Fgoview%2Ecom%23ju%5Fpreview&mobile=false&rnd=0.63515904724349'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1836 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=gpu-process --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1564 /prefetch:2	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1836 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2724 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=3896 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4488 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=renderer --enable-automation --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --disable-gpu-compositing --lang=en-US --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=1416 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=2144 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=5752 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1568,3188449050432279557,2304162068375706944,131072 --lang=en-US --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=4952 /prefetch:8	Jump to behavior