Windows Analysis Report
A095176990000.pdf

Overview

General Information

Sample name:	A095176990000.pdf
Analysis ID:	1562771
MD5:	3d8e08628ed78c9ae836a6385ec6912e
SHA1:	64fc4953015dc07be9d3d402d05c597325e1977e
SHA256:	0af49a42d46a13b5f6d88b33f6565392c67de0bf3188e83d6cc8e14a25aaf2a9
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish44

Yara detected Phisher

AI detected landing page (webpage, office document or email)

Suspicious PDF detected (based on various text indicators)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_322, type: DROPPED

Yara detected Phisher

Source: Yara match

File source: dropped/chromecache_237, type: DROPPED

AI detected landing page (webpage, office document or email)

Source: PDF document	Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: 'PDF document'
Source: PDF document	Joe Sandbox AI: PDF document contains prominent button: 'view document'
Source: https://form.jotform.com/243286712359059	Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: '1.0.pages.csv'

Suspicious PDF detected (based on various text indicators)

Source: Adobe Acrobat PDF

OCR Text: docusign You have received an EFT Remittance document. VIEW DOCUMENT Fwd: Completed: Please DocuSign: AutomaticTransferOrPaymentAuthorization.pdf Do Not Share This Email This email contains a secure link to DocuSign . Please do not share this email, link, or access code with others

HTML body contains low number of good links

Source: https://form.jotform.com/243286712359059

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden javascript code

Source: https://cjx.gwckpfsj.ru/MdmjiH0/

HTTP Parser: Base64 decoded: https://nCoYZFb8LZKXezPaBqsRamfzYQWsVyiqGlNfXTUb2PUU0ySzL0rgRD.diblethe.com/PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ

HTML title does not match URL

Source: https://form.jotform.com/243286712359059

HTTP Parser: Title: Documents with docusign Inc. does not match URL

Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1862711348&timestamp=1732579429674
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1862711348&timestamp=1732579429674
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: /_/bscframe

HTTP Parser: <input type="password" .../> found

Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://support.google.com/	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon

Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="author".. found
Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found

Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="copyright".. found
Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49763 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 104.19.129.105 104.19.129.105
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 104.19.128.105 104.19.128.105
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RAXdgZtKuMBBeS8&MD=bR5ktDOh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /243286712359059 HTTP/1.1Host: form.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylebuilder/static/form-common.css?v=63b8091 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/styles/payment/payment_styles.css?3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/prototype.forms.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/jotform.forms.js?v=3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/errorNavigation.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/styles/payment/payment_feature.css?3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendor/smoothscroll.min.js?v=3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/errorNavigation.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendor/smoothscroll.min.js?v=3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/prototype.forms.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/?family=Inter&display=swap HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cdn02.jotfor.ms/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/jotform.forms.js?v=3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-SemiBold.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-Medium.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-Regular.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png HTTP/1.1Host: www.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /form/243286712359059/?ref=&res=1280x1024&eventID=1732579361105_243286712359059_z2tuO2q&loc=https%253A%252F%252Fform.jotform.com%252F243286712359059 HTTP/1.1Host: events.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jufs/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png?md5=5lPW7aZ9Os4z0Vg8LgaHVg&expires=1732579373 HTTP/1.1Host: files.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/favicons/favicon-2021-light%402x.png HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jufs/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png?md5=5lPW7aZ9Os4z0Vg8LgaHVg&expires=1732579373 HTTP/1.1Host: files.jotform.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/favicons/favicon-2021-light%402x.png HTTP/1.1Host: cdn.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /formInitCatchLogger/243286712359059 HTTP/1.1Host: api.jotform.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /MdmjiH0/ HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://submit.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RAXdgZtKuMBBeS8&MD=bR5ktDOh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /MdmjiH0/ HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://submit.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cjx.gwckpfsj.ru/MdmjiH0/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IitYbEdkY3U5ZXpxLy8xV1Z4blRUSFE9PSIsInZhbHVlIjoiZTJFazNmbS9qaUhlMWFIWUljN0Z2RjVLUmx1WUFGSjd6MFBoZGtrRW9Sakk1VVBTR3FaSDlkd0xvK3pXWUltVWF6K3JncUlvRURaMEtaZDV0U0wwNEw3RkxDbE15OGdLcnpNWTN6Y0hKSlJkdnRMcWwzSzRPbmthVExoeUhiWG4iLCJtYWMiOiIzNWU3M2U0NjQ1MDk5OWJlZTMwNjI3NWYyZGIwNTVjNTRkOTQyOTY2MzBjMGZiNGNjYjE2MTRkYWEzYTQ5MzIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNIMVpQQ1ZEQU91SjlscFcrY0ZJM3c9PSIsInZhbHVlIjoiSGYxWlR2MDFkN2FVNXhNbHVmbGFqMGVSM1lPYjlkRkozQUtsUGgxeWFBZW1YWVhZQk9LYkhudWpoT09UMElWdnk3UDIyRTVqODhSaW5vN29rNVJBV09SeVFweFRHWUR4YTRjQlE2aXVDVTRFWHpWSmpFT1FzVzU2VXpBOEhiYnkiLCJtYWMiOiJkMTE1ZDAwODJjMzU2NGMzOThiNjUyNGQyYWRiMWEwYzRjYzQ4ZjI2NDk4NTE5ZDBiNDJiZjA1N2RhMDE4YzU0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ HTTP/1.1Host: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cjx.gwckpfsj.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ HTTP/1.1Host: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o9U8AvPuX9gkIYtYfNmH-_wBdTfOJ7jb0VwbLWWbERzml7oTPngODhKv2Br7A64=w64 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o9U8AvPuX9gkIYtYfNmH-_wBdTfOJ7jb0VwbLWWbERzml7oTPngODhKv2Br7A64=w64 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /generate_204 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=4&q=y&callback=google.sbox.p50&gs_gbg=16mvOo3h8luQ7m HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=8&q=yo&callback=google.sbox.p50&gs_gbg=y9Ls5VA0g7B0u1kbNm HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=c&q=you&callback=google.sbox.p50&gs_gbg=bqnCvCUj HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=4&gs_id=g&q=youe&callback=google.sbox.p50&gs_gbg=SW6YDciouY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=4&q=y&callback=google.sbox.p50&gs_gbg=16mvOo3h8luQ7m HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=c&q=you&callback=google.sbox.p50&gs_gbg=bqnCvCUj HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=j&q=you&callback=google.sbox.p50&gs_gbg=757BnKhN2O HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=8&q=yo&callback=google.sbox.p50&gs_gbg=y9Ls5VA0g7B0u1kbNm HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=4&gs_id=g&q=youe&callback=google.sbox.p50&gs_gbg=SW6YDciouY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=j&q=you&callback=google.sbox.p50&gs_gbg=757BnKhN2O HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=m&q=yo&callback=google.sbox.p50&gs_gbg=xgl4KxlY2 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=p&q=y&callback=google.sbox.p50&gs_gbg=08rffX6hFD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=m&q=yo&callback=google.sbox.p50&gs_gbg=xgl4KxlY2 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.x7CxCIZpks8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo8czmnaLIncRgBQP7N2THncpDJ9mQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=p&q=y&callback=google.sbox.p50&gs_gbg=08rffX6hFD HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=11&q=M&callback=google.sbox.p50&gs_gbg=WdzN2B76gJp7oy1125C2f HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=11&q=M&callback=google.sbox.p50&gs_gbg=WdzN2B76gJp7oy1125C2f HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.x7CxCIZpks8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo8czmnaLIncRgBQP7N2THncpDJ9mQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI

Source: chromecache_273.14.dr	String found in binary or memory: ;function Jr(){this.part="snippet,id,contentDetails,louserzations,statistics";this.Jk=new tr({serverUrl:"https://www.googleapis.com/youtube/v3",serviceName:"youtubeDataApi"})} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: ;var cga=Ga(["//www.youtube.com/player_api"]),dga=ko(cga),Kr=[],ega=!1;function Lr(){if(!ega){window.onYouTubeIframeAPIReady=fga;var a=xp("SCRIPT");Sn(a,dga);document.head.appendChild(a);ega=!0}} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: ;var nra=Ga(["//www.youtube.com/player_api"]),EA=4/3,ora=16/9,FA={autoplay:1,cc_load_policy:1,controls:2,hl:"en",rel:0,playsinline:0};function GA(a){var b=a.Gb;var c=a.Vl===void 0?!1:a.Vl;a=a.playerVars===void 0?FA:a.playerVars;A.call(this,"sc.tailwind.shared.video.VideoPlayer");this.o=!1;this.ma=0;this.Gb=b;this.Vl=c;this.id=this.Gb.getId();this.playerVars=a;b=this.Gb.mediumThumbnail.width;c=this.Gb.mediumThumbnail.height;this.aspectRatio=b&&c?b/c===EA?EA:ora:EA;this.watch(this.Gb)} equals www.youtube.com (Youtube)
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: Cf=y(["https://sandbox.google.com/tools/feedback/"]),Df=y(["https://www.google.cn/tools/feedback/"]),Ef=y(["https://help.youtube.com/tools/feedback/"]),Ff=y(["https://asx-frontend-staging.corp.google.com/inapp/"]),Gf=y(["https://asx-frontend-staging.corp.google.com/tools/feedback/"]),Hf=y(["https://localhost.corp.google.com/inapp/"]),If=y(["https://localhost.proxy.googlers.com/inapp/"]),Jf=U(lf),Kf=[U(mf),U(nf)],Lf=[U(of),U(pf),U(qf),U(rf),U(sf),U(tf),U(uf),U(vf),U(wf),U(xf)],Mf=[U(yf),U(zf)],Nf= equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: Va=Va.split("-")[0].toLowerCase();if(Ra===Va\|\|e.louserzations&&e.louserzations[a.ua])a.ma=!0;e="https://www.youtube.com/embed/"+encodeURIComponent(a.id);a.embedUrl=e}a.state=2;a.Ea(0);$o("youtube_video_model/load/success");return Qa(c,0)}Sa(c);a.state=3;a.Ea(0);$o("youtube_video_model/load/failure");Oa(c)})} equals www.youtube.com (Youtube)
Source: chromecache_293.14.dr	String found in binary or memory: _.Dq(p)+"/familylink/privacy/notice/embedded?langCountry="+_.Dq(p);break;case "PuZJUb":a+="https://www.youtube.com/t/terms?chromeless=1&hl="+_.Dq(m);break;case "fxTQxb":a+="https://youtube.com/t/terms?gl="+_.Dq(_.Mq(c))+"&hl="+_.Dq(d)+"&override_hl=1"+(f?"&linkless=1":"");break;case "prAmvd":a+="https://www.google.com/intl/"+_.Dq(m)+"/chromebook/termsofservice.html?languageCode="+_.Dq(d)+"&regionCode="+_.Dq(c);break;case "NfnTze":a+="https://policies.google.com/privacy/google-partners"+(f?"/embedded": equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: b.open("GET","https://www.googleapis.com/youtube/v3/videos?part=snippet%2C+id&key=AIzaSyD-4tE5aKFZYIS_IrfpCDRsgQZbv5VCJZM&id="+a.ma);b.send()} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: function KA(a){if(Ho())z().rs==2?window.YT&&window.YT.Player?MA(a,a.o):(Kr.push(function(f){MA(this,f)}.bind(a,a.o)),Lr()):Oo("//www.youtube.com/embed/"+a.ma+"/?rel=0&cc_load_policy=1&autoplay=1&hl="+window.sc_pageModel.lang); equals www.youtube.com (Youtube)
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: return b}GD.F="internal.enableAutoEventOnTimer";var Zb=wa(["data-gtm-yt-inspected-"]),ID=["www.youtube.com","www.youtube-nocookie.com"],JD,KD=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic	DNS traffic detected: DNS query: cdn01.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: cdn02.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: cdn03.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: www.jotform.com
Source: global traffic	DNS traffic detected: DNS query: events.jotform.com
Source: global traffic	DNS traffic detected: DNS query: files.jotform.com
Source: global traffic	DNS traffic detected: DNS query: api.jotform.com
Source: global traffic	DNS traffic detected: DNS query: submit.jotform.com
Source: global traffic	DNS traffic detected: DNS query: cjx.gwckpfsj.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: blogger.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.com
Source: global traffic	DNS traffic detected: DNS query: support.google.com
Source: global traffic	DNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: accounts.youtube.com

Source: unknown

HTTP traffic detected: POST /submit/243286712359059 HTTP/1.1Host: submit.jotform.comConnection: keep-aliveContent-Length: 721Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: https://form.jotform.comContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:02:48 GMTContent-Type: application/jsonTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingp3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"expires: Tue, 03 Jul 1970 06:00:00 GMTlast-modified: Tue, 26 Nov 2024 00:02:48 GMTCache-Control: no-store, no-cache, must-revalidate, max-age=0Cache-Control: post-check=0, pre-check=0pragma: no-cachejf-trace-id: 084c558490a624f4Set-Cookie: guest=guest_ad5f326836175de4; expires=Thu, 26 Dec 2024 00:02:48 GMT; Max-Age=2592000; path=/; domain=.jotform.com; secure; HttpOnly; SameSite=NoneSet-Cookie: guest=guest_ad5f326836175de4; expires=Thu, 26 Dec 2024 00:02:48 GMT; Max-Age=2592000; path=/; domain=.jotform.com; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETEvia: 1.1 googleCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 8e859c9a6b2e8c15-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:02:50 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBt9vvJsm9sh3pEonp8y6HHpaBej7ai8XjrOhKqbCwmrGzrtLTHkDcMSn0DtNPkzNsjvZ1bv%2Bt3uc1SJrG6kQwWz5feyz8TSKvT4xdOuvGD5%2FE3Ss9sU2IWt5PhNcw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=11284&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2827&recv_bytes=1604&delivery_rate=253245&cwnd=32&unsent_bytes=0&cid=cd8149a0cf0f25a8&ts=111&x=0"Server: cloudflareCF-RAY: 8e859ca51a655e86-EWRserver-timing: cfL4;desc="?proto=TCP&rtt=1726&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1268&delivery_rate=1627647&cwnd=238&unsent_bytes=0&cid=4c42e9053328bc1b&ts=738&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:03:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSu8JhoTXSBGuz6%2Fef25WPFqWhmkKjFLCL3%2F0GyMP%2FjqWIBrZ4qvHOGHeMchwxajCTeTYQONKxlgz6mDSzmpdkeWDVvL7zGqbSqi4%2BnDkndL%2BhfGhwSHLU8WIGaNOg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=11341&sent=27&recv=18&lost=0&retrans=0&sent_bytes=24555&recv_bytes=4280&delivery_rate=1438942&cwnd=51&unsent_bytes=0&cid=cd8149a0cf0f25a8&ts=12090&x=0"CF-Cache-Status: EXPIREDServer: cloudflareCF-RAY: 8e859cf01dda425c-EWRserver-timing: cfL4;desc="?proto=TCP&rtt=1818&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2824&recv_bytes=1895&delivery_rate=1539272&cwnd=226&unsent_bytes=0&cid=840362e5610427fe&ts=5022&x=0"

Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: http://loading.retry.widdit.com/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_326.14.dr, chromecache_292.14.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: http://tt.epicplay.com
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_273.14.dr	String found in binary or memory: http://www.google.com/appsstatus
Source: 2D85F72862B55C4EADD9E66E06947F3D0.2.dr	String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_273.14.dr	String found in binary or memory: https://about.google/products/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://accounts.google.com
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://accounts.google.com/TOS?loc=
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_350.14.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_255.14.dr	String found in binary or memory: https://api.jotform.com
Source: chromecache_228.14.dr, chromecache_303.14.dr, chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://apis.google.com/js/rpc:shindig_random.js?onload=credentialservice.postMessage
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms
Source: chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/builder/search_icon.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/favicons/favicon-2021-light%402x.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/landing/opengraph.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/alert_blue.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/close_white.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/collapse_icon.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/expand_icon.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/image_zoom.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_delete.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_drag.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_settings.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_upload.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/shopping_bag.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/sort_icon.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/sp_back_icon.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/stripeACH_plaid.svg);
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/trash_btn.svg
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/access-image.png
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/encrypted-form-badge.png
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/hipaa-badge-compliance.png
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Black.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Black.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraBold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraBold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraLight.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraLight.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Light.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Light.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Thin.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Thin.woff2)
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/images/exclamation-octagon.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/js/vendor/smoothscroll.min.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/stylebuilder/static/form-common.css?v=63b8091
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/js/errorNavigation.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/static/prototype.forms.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn03.jotfor.ms/css/styles/payment/payment_styles.css?3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn03.jotfor.ms/static/jotform.forms.js?v=3.3.58827
Source: cd87eee3-811b-410b-a8d6-3b7b5f523201.tmp.3.dr	String found in binary or memory: https://chrome.cloudflare-dns.com
Source: chromecache_237.14.dr	String found in binary or memory: https://cjx.gwckpfsj.ru/MdmjiH0/
Source: chromecache_346.14.dr, chromecache_273.14.dr, chromecache_245.14.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_255.14.dr	String found in binary or memory: https://eu-api.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://events.jotform.com/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://families.google.com/intl/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback-pa.clients6.google.com
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/annotator.css
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/render_frame2.html
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.google.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.google.com/tools/feedback/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmZjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmdjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmtjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmxjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmZjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmdjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmtjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmxjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qER2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEV2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEl2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2)
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/drive_2020q4/v10/192px.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/gmail_2020q4/v10/web-48dp/logo_gmail_2020q4_color_2x_web_
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/maps/v7/192px.svg
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.1.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.10.w
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.11.w
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.2.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.3.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.4.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.5.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.6.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.7.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.8.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.9.wo
Source: chromecache_301.14.dr	String found in binary or memory: https://form.jotform.com/243286712359059
Source: A095176990000.pdf	String found in binary or memory: https://form.jotform.com/243286712359059)
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://g.co/recover
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://gstatic.com/uservoice/surveys/resources/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://help.youtube.com/tools/feedback/
Source: chromecache_255.14.dr	String found in binary or memory: https://hipaa-api.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://hipaa.jotform.com/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://js.stripe.com/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://localhost.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://localhost.proxy.googlers.com/inapp/
Source: chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_273.14.dr	String found in binary or memory: https://payments.google.com/manage/
Source: chromecache_303.14.dr, chromecache_273.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google.com/work/enroll?identifier=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google/intl/
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy/additional
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy/google-partners
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/technologies/cookies
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/technologies/location-data
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms/location
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms/service-specific
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/%
Source: chromecache_273.14.dr	String found in binary or memory: https://schema.org
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://scone-pa.clients6.google.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/opt/templates/screen_editor.html?shot=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/queue/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/wishbox-server.php
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/wishbox-server.php?callback=?
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-email-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-password.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-sms-or-voice-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-sms-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-stop-go-landing-page_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/animation/
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/ble_device.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/ble_pin.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_darkmode_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/continue_on_your_phone.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_phone_number_verification.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_silent_tap_yes_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_tap_yes.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_tap_yes_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kid_success.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kid_success_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_updated.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_updated_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_not_ready.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_stick_around_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_stick_around_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_account_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_account_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_privacy_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_privacy_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_created.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_double_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_double_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_full_house.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_link_accounts_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_link_accounts_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_app_decision.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_app_decision_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_supervision_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_supervision_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_respect_others_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_respect_others_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_single_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_single_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_stop.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/phone_number_sign_in_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/return_to_desktop.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/return_to_desktop_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_ios_center.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_laptop.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_nfc_discovered.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_nfc_discovered_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_phone.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_googleapp_ios.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_googleapp_pulldown.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_tapyes.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/smart_lock_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/usb_key.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity_2_darkmode.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/who_will_be_using_this_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/feature_not_available.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/feature_not_available_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/gmail_ios_authzen.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/paaskey.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_challenge.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_challenge_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_cross_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_cross_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_error_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_reauth.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_reauth_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_success.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_success_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkeyerror.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkeyerror_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/red_globe_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/red_globe_light.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/screenlock.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_ipad.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone_nfc.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone_usb.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_phone.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_keys.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/success_checkmark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/success_checkmark_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/speedbump/take_selfie.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/speedbump/take_selfie_dark_mode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/loading_spinner_gm.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/progress_spinner_color_20dp_4x.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/success-gm-default_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/apps/signup/resources/custom-email-address.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/images/hpp/shield_security_checkup_green_2x_web_96dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/account_setup_chapter_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/account_setup_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/device_setup_chapter_dark_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/device_setup_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/parental_control_chapter_dark_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/parental_control_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_accountslinked.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_accountslinked_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_childneedshelp.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_childneedshelp_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_nextstepsforparents.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_nextstepsforparents_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_allset.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_allset_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_apps_devices.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_apps_devices_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_areyousurekid.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_areyousurekid_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_birthdayemail.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_birthdayemail_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_choose_apps.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_choose_apps_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_exploremore.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_exploremore_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_intro.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_intro_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacy_terms_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacy_terms_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacyterms.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacyterms_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_review_settings.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_review_settings_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_safe_search.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_safe_search_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_unchanged_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_unchanged_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_update_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_update_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervisiongrad.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervisiongrad_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/guardianlinking/linking_complete_0.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/guardianlinking/linking_complete_dark_0.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/ads_personalization.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/ads_personalization_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/confirmation_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/eligibility_error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/eligibility_error_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/fork.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/fork_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/intro.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/intro_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/personal_results.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/personal_results_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/safe_search.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/safe_search_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/check_notifications.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/check_notifications_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_installing_family_link_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_installing_family_link_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_location_sharing_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_location_sharing_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_parental_controls_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_parental_controls_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_school_time_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_school_time_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/location_sharing_enabled_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/location_sharing_enabled_dark_3.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/parent_sign_in_prologue_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/parent_sign_in_prologue_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_complete_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_complete_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_contacts_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_contacts_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_boy_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_boy_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_girl_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_girl_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/ulp_continue_without_gmail_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/ulp_continue_without_gmail_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/all_set_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/are_you_sure_parent.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/are_you_sure_parent_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/content_restriction.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/content_restriction_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/error_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/how_controls_work.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/how_controls_work_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/next_steps.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/next_steps_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/setup_controls.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/setup_controls_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_parent.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_parent_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_teen.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_teen_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teentoadultgraduation/supervision_choice.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teentoadultgraduation/supervision_choice_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/kid_setup_parent_escalation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/kid_setup_parent_escalation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/send_email_confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/send_email_confirmation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/success_sent_email.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/success_sent_email_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulpupgrade/kidprofileupgrade_all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulpupgrade/kidprofileupgrade_all_set_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/all_set_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/almost_done_kids_space_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/almost_done_kids_space_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_tablet_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_tablet_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/emailinstallfamilylink.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/emailinstallfamilylink_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/familylinkinstalling.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/familylinkinstalling_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/hand_over_device_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/hand_over_device_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/linking_accounts_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/linking_accounts_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/locationsetup.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/locationsetup_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/open_family_link_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/open_family_link_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/parents_help.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/parents_help_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/set_up_kids_space.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/set_up_kids_space_dark.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setupcontrol.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setupcontrol_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuplocation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuplocation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuptimelimits.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuptimelimits_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/supervision_ready_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/supervision_ready_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/youtubeaccess.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/youtubeaccess_dark.svg
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://stagingqual-feedback-pa-googleapis.sandbox.google.com
Source: chromecache_332.14.dr, chromecache_350.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_340.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_301.14.dr	String found in binary or memory: https://submit.jotform.com/submit/243286712359059
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/accounts?hl=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/accounts?p=new-si-ui
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/admanager/community?hl
Source: chromecache_273.14.dr	String found in binary or memory: https://support.google.com/embed/tagging/install
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/inapp/%
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/messages/community?hl
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/tagmanager/community?hl
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/websearch/answer/4358949?hl=ko&ref_topic=3285072
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtube/community?hl
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtubemusic/community?hl
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtubetv/community?hl
Source: chromecache_273.14.dr	String found in binary or memory: https://supporttagging-autopush.sandbox.google.com/embed/tagging/install
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://test-scone-pa-googleapis.sandbox.google.com
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_301.14.dr	String found in binary or memory: https://upload.jotform.com/upload
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://widgets.jotform.io/mobileResponsive/mobile.responsive.min.css
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_352.14.dr, chromecache_297.14.dr, chromecache_273.14.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.cn/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.cn/tools/feedback/%
Source: chromecache_350.14.dr, chromecache_283.14.dr, chromecache_297.14.dr, chromecache_273.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.google.com
Source: chromecache_273.14.dr	String found in binary or memory: https://www.google.com/accounts/TOS
Source: chromecache_273.14.dr	String found in binary or memory: https://www.google.com/accounts/recovery
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.google.com/intl/
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/help_panel_binary.js
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_273.14.dr	String found in binary or memory: https://www.googleapis.com/youtube/v3
Source: chromecache_297.14.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_273.14.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-H30R9PNQFN
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/accounts/speedbump/authzen_optin_illustration.gif
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/chrome_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/googleg_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/gsa_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/play_prism_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/youtube_48dp.png
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/productlogos/googleg/v6/36px.svg
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_273.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
Source: chromecache_273.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.gstatic.com/uservoice/surveys/resources/
Source: chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/?utm_source=powered_by_jotform&utm_medium=banner&utm_term=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/accessible-forms/?utm_source=formfooter&utm_medium=banner&utm_term=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/encrypted-forms
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/hipaa
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/oembed/?format=json&url=https%3A%2F%2Fform.jotform.com%2F243286712359059
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/oembed/?format=xml&url=https%3A%2F%2Fform.jotform.com%2F243286712359059
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/server.php
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/uploads/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png
Source: chromecache_332.14.dr, chromecache_350.14.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.youtube.com/t/terms?chromeless=1&hl=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://youtube.com/t/terms?gl=

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49763 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.winPDF@40/277@69/19

Source: A095176990000.pdf

Initial sample: https://form.jotform.com/243286712359059

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-25 19-02-03-053.log

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA

Jump to behavior

Source: unknown	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\A095176990000.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1632 --field-trial-handle=1604,i,1248562312438072360,7697734308317955672,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://form.jotform.com/243286712359059
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4296 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://form.jotform.com/243286712359059	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1632 --field-trial-handle=1604,i,1248562312438072360,7697734308317955672,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4296 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior

Source: Google Drive.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: A095176990000.pdf	Initial sample: PDF keyword /JS count = 0
Source: A095176990000.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: A095176990000.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe

Process information queried: ProcessInformation

Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.19.129.105	unknown	United States	13335	CLOUDFLARENETUS	false
172.217.19.225	unknown	United States	15169	GOOGLEUS	false
142.250.181.110	plus.l.google.com	United States	15169	GOOGLEUS	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
104.19.128.105	www.jotform.com	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
151.101.194.137	unknown	United States	54113	FASTLYUS	false
172.217.21.36	unknown	United States	15169	GOOGLEUS	false
104.22.73.81	cdn03.jotfor.ms	United States	13335	CLOUDFLARENETUS	false
172.67.162.191	ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.com	United States	13335	CLOUDFLARENETUS	false
35.201.118.58	unknown	United States	15169	GOOGLEUS	false
34.54.32.121	files.jotform.com	United States	2686	ATGS-MMD-ASUS	false
172.67.7.107	cdn.jotfor.ms	United States	13335	CLOUDFLARENETUS	false
142.250.181.100	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
172.67.149.185	cjx.gwckpfsj.ru	United States	13335	CLOUDFLARENETUS	false
142.250.181.97	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
104.22.72.81	cdn01.jotfor.ms	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
cdn01.jotfor.ms	104.22.72.81	true
a.nel.cloudflare.com	35.190.80.1	true
plus.l.google.com	142.250.181.110	true
cdn.jotfor.ms	172.67.7.107	true
support.google.com	172.217.17.78	true
www.jotform.com	104.19.128.105	true
ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.com	172.67.162.191	true
code.jquery.com	151.101.130.137	true
play.google.com	172.217.19.238	true
www3.l.google.com	172.217.19.238	true
submit.jotform.com	104.19.128.105	true
cdn03.jotfor.ms	104.22.73.81	true
www.google.com	142.250.181.100	true
api.jotform.com	104.19.128.105	true
cdn02.jotfor.ms	104.22.72.81	true
events.jotform.com	104.19.128.105	true
files.jotform.com	34.54.32.121	true
googlehosted.l.googleusercontent.com	142.250.181.97	true
cjx.gwckpfsj.ru	172.67.149.185	true
x1.i.lencr.org	unknown	unknown
lh3.googleusercontent.com	unknown	unknown
accounts.youtube.com	unknown	unknown
blogger.googleusercontent.com	unknown	unknown
apis.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=4&gs_id=g&q=youe&callback=google.sbox.p50&gs_gbg=SW6YDciouY	false		high
https://www.google.com/complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=11&q=M&callback=google.sbox.p50&gs_gbg=WdzN2B76gJp7oy1125C2f	false		high
https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2	false		high
https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2	false		high
https://www.jotform.com/uploads/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png	false		high
https://cdn02.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.58827	false		high
https://form.jotform.com/243286712359059	false		high
https://www.google.com/favicon.ico	false		high
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png	false		high
https://cdn03.jotfor.ms/css/styles/payment/payment_styles.css?3.3.58827	false		high
https://ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.com/PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ	false	Avira URL Cloud: safe	unknown
https://cdn01.jotfor.ms/stylebuilder/static/form-common.css?v=63b8091	false		high
https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff2	false		high
https://a.nel.cloudflare.com/report/v4?s=PBt9vvJsm9sh3pEonp8y6HHpaBej7ai8XjrOhKqbCwmrGzrtLTHkDcMSn0DtNPkzNsjvZ1bv%2Bt3uc1SJrG6kQwWz5feyz8TSKvT4xdOuvGD5%2FE3Ss9sU2IWt5PhNcw%3D%3D	false		high
https://www.google.com/complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=m&q=yo&callback=google.sbox.p50&gs_gbg=xgl4KxlY2	false		high
https://cdn.jotfor.ms/fonts/?family=Inter&display=swap	false		high

Phishing

Yara detected HtmlPhish44

Source: Yara match

File source: dropped/chromecache_322, type: DROPPED

Yara detected Phisher

Source: Yara match

File source: dropped/chromecache_237, type: DROPPED

AI detected landing page (webpage, office document or email)

Source: PDF document	Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: 'PDF document'
Source: PDF document	Joe Sandbox AI: PDF document contains prominent button: 'view document'
Source: https://form.jotform.com/243286712359059	Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: '1.0.pages.csv'

Suspicious PDF detected (based on various text indicators)

Source: Adobe Acrobat PDF

HTML body contains low number of good links

Source: https://form.jotform.com/243286712359059

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden javascript code

Source: https://cjx.gwckpfsj.ru/MdmjiH0/

HTTP Parser: Base64 decoded: https://nCoYZFb8LZKXezPaBqsRamfzYQWsVyiqGlNfXTUb2PUU0ySzL0rgRD.diblethe.com/PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ

HTML title does not match URL

Source: https://form.jotform.com/243286712359059

HTTP Parser: Title: Documents with docusign Inc. does not match URL

Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1862711348&timestamp=1732579429674
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: /_/bscframe
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1862711348&timestamp=1732579429674
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: Iframe src: /_/bscframe

HTTP Parser: <input type="password" .../> found

Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://cjx.gwckpfsj.ru/MdmjiH0/	HTTP Parser: No favicon
Source: https://support.google.com/	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No favicon

Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="author".. found
Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="author".. found

Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="copyright".. found
Source: https://form.jotform.com/243286712359059	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found
Source: https://accounts.google.com/v3/signin/identifier?continue=http%3A%2F%2Fsupport.google.com%2F&ec=GAZAdQ&hl=en&ifkv=AcMMx-dnaTRnZH3JS1paDObZYr2_HMbT5tKdkSeQIw8DhTO6QkOOnU6Z_t-SdDGmcmUgFrOo3GtWOg&passive=true&sjid=972810085590062350-EU&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1711175648%3A1732579418294812&ddm=1	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49763 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 104.19.129.105 104.19.129.105
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 151.101.130.137 151.101.130.137
Source: Joe Sandbox View	IP Address: 104.19.128.105 104.19.128.105
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137
Source: Joe Sandbox View	IP Address: 151.101.194.137 151.101.194.137

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 23.218.208.109
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58
Source: unknown	TCP traffic detected without corresponding DNS query: 35.201.118.58

Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RAXdgZtKuMBBeS8&MD=bR5ktDOh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /243286712359059 HTTP/1.1Host: form.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /stylebuilder/static/form-common.css?v=63b8091 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/styles/payment/payment_styles.css?3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/prototype.forms.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/jotform.forms.js?v=3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/errorNavigation.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/styles/payment/payment_feature.css?3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendor/smoothscroll.min.js?v=3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/errorNavigation.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/vendor/smoothscroll.min.js?v=3.3.58827 HTTP/1.1Host: cdn01.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/prototype.forms.js?v=3.3.58827 HTTP/1.1Host: cdn02.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/?family=Inter&display=swap HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cdn02.jotfor.ms/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/jotform.forms.js?v=3.3.58827 HTTP/1.1Host: cdn03.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-SemiBold.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-Medium.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/inter/fonts/Inter-Regular.woff2 HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://form.jotform.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdn.jotfor.ms/fonts/?family=Inter&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uploads/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png HTTP/1.1Host: www.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /form/243286712359059/?ref=&res=1280x1024&eventID=1732579361105_243286712359059_z2tuO2q&loc=https%253A%252F%252Fform.jotform.com%252F243286712359059 HTTP/1.1Host: events.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jufs/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png?md5=5lPW7aZ9Os4z0Vg8LgaHVg&expires=1732579373 HTTP/1.1Host: files.jotform.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/favicons/favicon-2021-light%402x.png HTTP/1.1Host: cdn.jotfor.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://form.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jufs/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png?md5=5lPW7aZ9Os4z0Vg8LgaHVg&expires=1732579373 HTTP/1.1Host: files.jotform.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/img/favicons/favicon-2021-light%402x.png HTTP/1.1Host: cdn.jotfor.msConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /formInitCatchLogger/243286712359059 HTTP/1.1Host: api.jotform.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /MdmjiH0/ HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://submit.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=RAXdgZtKuMBBeS8&MD=bR5ktDOh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /MdmjiH0/ HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://submit.jotform.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cjx.gwckpfsj.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cjx.gwckpfsj.ru/MdmjiH0/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IitYbEdkY3U5ZXpxLy8xV1Z4blRUSFE9PSIsInZhbHVlIjoiZTJFazNmbS9qaUhlMWFIWUljN0Z2RjVLUmx1WUFGSjd6MFBoZGtrRW9Sakk1VVBTR3FaSDlkd0xvK3pXWUltVWF6K3JncUlvRURaMEtaZDV0U0wwNEw3RkxDbE15OGdLcnpNWTN6Y0hKSlJkdnRMcWwzSzRPbmthVExoeUhiWG4iLCJtYWMiOiIzNWU3M2U0NjQ1MDk5OWJlZTMwNjI3NWYyZGIwNTVjNTRkOTQyOTY2MzBjMGZiNGNjYjE2MTRkYWEzYTQ5MzIxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InNIMVpQQ1ZEQU91SjlscFcrY0ZJM3c9PSIsInZhbHVlIjoiSGYxWlR2MDFkN2FVNXhNbHVmbGFqMGVSM1lPYjlkRkozQUtsUGgxeWFBZW1YWVhZQk9LYkhudWpoT09UMElWdnk3UDIyRTVqODhSaW5vN29rNVJBV09SeVFweFRHWUR4YTRjQlE2aXVDVTRFWHpWSmpFT1FzVzU2VXpBOEhiYnkiLCJtYWMiOiJkMTE1ZDAwODJjMzU2NGMzOThiNjUyNGQyYWRiMWEwYzRjYzQ4ZjI2NDk4NTE5ZDBiNDJiZjA1N2RhMDE4YzU0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: /Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /img/b/R29vZ2xl/AVvXsEgdrhY6zM7txEf61nPO67_Cl7rOyCGsyEb9GaIEqe3M-p-yN2nJeBUGCXkDygK7t8xYVcKwSgu4v0_u6EZF5srUh16p0vNl1K8hBeBV8dg-KcOpt7y8vrkamMOU2HxW0STp0JDEp21FWuCWxDXZX0EtxoLPSBWR6WwhXZglXIvWXbh24ojuyofD6htY8D4/s3396/userinter.png HTTP/1.1Host: blogger.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ HTTP/1.1Host: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://cjx.gwckpfsj.ruSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://cjx.gwckpfsj.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /PGLujjPaqRMUNsJWxexszhFlvIvYDIEOYIWBNRNJMNMUGKJCDNBEWSYGISULTGXQYBDNZSRTLHQ HTTP/1.1Host: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o9U8AvPuX9gkIYtYfNmH-_wBdTfOJ7jb0VwbLWWbERzml7oTPngODhKv2Br7A64=w64 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /o9U8AvPuX9gkIYtYfNmH-_wBdTfOJ7jb0VwbLWWbERzml7oTPngODhKv2Br7A64=w64 HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /generate_204 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=4&q=y&callback=google.sbox.p50&gs_gbg=16mvOo3h8luQ7m HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=8&q=yo&callback=google.sbox.p50&gs_gbg=y9Ls5VA0g7B0u1kbNm HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=c&q=you&callback=google.sbox.p50&gs_gbg=bqnCvCUj HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=4&gs_id=g&q=youe&callback=google.sbox.p50&gs_gbg=SW6YDciouY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=4&q=y&callback=google.sbox.p50&gs_gbg=16mvOo3h8luQ7m HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=c&q=you&callback=google.sbox.p50&gs_gbg=bqnCvCUj HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=j&q=you&callback=google.sbox.p50&gs_gbg=757BnKhN2O HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=8&q=yo&callback=google.sbox.p50&gs_gbg=y9Ls5VA0g7B0u1kbNm HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=4&gs_id=g&q=youe&callback=google.sbox.p50&gs_gbg=SW6YDciouY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=3&gs_id=j&q=you&callback=google.sbox.p50&gs_gbg=757BnKhN2O HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=m&q=yo&callback=google.sbox.p50&gs_gbg=xgl4KxlY2 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=p&q=y&callback=google.sbox.p50&gs_gbg=08rffX6hFD HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=2&gs_id=m&q=yo&callback=google.sbox.p50&gs_gbg=xgl4KxlY2 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.x7CxCIZpks8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo8czmnaLIncRgBQP7N2THncpDJ9mQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=p&q=y&callback=google.sbox.p50&gs_gbg=08rffX6hFD HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=11&q=M&callback=google.sbox.p50&gs_gbg=WdzN2B76gJp7oy1125C2f HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /complete/search?client=help&hl=en&gs_rn=55&gs_ri=help&requiredfields=productId%3A102095&ds=help&cp=1&gs_id=11&q=M&callback=google.sbox.p50&gs_gbg=WdzN2B76gJp7oy1125C2f HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.x7CxCIZpks8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo8czmnaLIncRgBQP7N2THncpDJ9mQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEI3L3NAQi5ys0BCMfRzQEIidPNAQjc080BCMvWzQEI9NbNAQiK180BCKfYzQEI+cDUFRi60s0BGMvYzQEY642lFw==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=519=uuPrUEM_4YRRh1ZEOsKEm4ObtaGYEjaKQC_7y7voLOxAQB505ETjTdy4kNDM5zd-Ye5VVCZusJ8-77eBnCbjvrFuAK2sY7MwVfwbR-CFDr_4shEjNtW04A-jBu-oZ0scPYeXmYwTzUKaYGU7jt2gXcP9oxOjG_BjZu-gTh8WG-S19uAu_FivC51dJXEFkDvI

Source: chromecache_273.14.dr	String found in binary or memory: ;function Jr(){this.part="snippet,id,contentDetails,louserzations,statistics";this.Jk=new tr({serverUrl:"https://www.googleapis.com/youtube/v3",serviceName:"youtubeDataApi"})} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: ;var cga=Ga(["//www.youtube.com/player_api"]),dga=ko(cga),Kr=[],ega=!1;function Lr(){if(!ega){window.onYouTubeIframeAPIReady=fga;var a=xp("SCRIPT");Sn(a,dga);document.head.appendChild(a);ega=!0}} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: ;var nra=Ga(["//www.youtube.com/player_api"]),EA=4/3,ora=16/9,FA={autoplay:1,cc_load_policy:1,controls:2,hl:"en",rel:0,playsinline:0};function GA(a){var b=a.Gb;var c=a.Vl===void 0?!1:a.Vl;a=a.playerVars===void 0?FA:a.playerVars;A.call(this,"sc.tailwind.shared.video.VideoPlayer");this.o=!1;this.ma=0;this.Gb=b;this.Vl=c;this.id=this.Gb.getId();this.playerVars=a;b=this.Gb.mediumThumbnail.width;c=this.Gb.mediumThumbnail.height;this.aspectRatio=b&&c?b/c===EA?EA:ora:EA;this.watch(this.Gb)} equals www.youtube.com (Youtube)
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: Cf=y(["https://sandbox.google.com/tools/feedback/"]),Df=y(["https://www.google.cn/tools/feedback/"]),Ef=y(["https://help.youtube.com/tools/feedback/"]),Ff=y(["https://asx-frontend-staging.corp.google.com/inapp/"]),Gf=y(["https://asx-frontend-staging.corp.google.com/tools/feedback/"]),Hf=y(["https://localhost.corp.google.com/inapp/"]),If=y(["https://localhost.proxy.googlers.com/inapp/"]),Jf=U(lf),Kf=[U(mf),U(nf)],Lf=[U(of),U(pf),U(qf),U(rf),U(sf),U(tf),U(uf),U(vf),U(wf),U(xf)],Mf=[U(yf),U(zf)],Nf= equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: Va=Va.split("-")[0].toLowerCase();if(Ra===Va\|\|e.louserzations&&e.louserzations[a.ua])a.ma=!0;e="https://www.youtube.com/embed/"+encodeURIComponent(a.id);a.embedUrl=e}a.state=2;a.Ea(0);$o("youtube_video_model/load/success");return Qa(c,0)}Sa(c);a.state=3;a.Ea(0);$o("youtube_video_model/load/failure");Oa(c)})} equals www.youtube.com (Youtube)
Source: chromecache_293.14.dr	String found in binary or memory: _.Dq(p)+"/familylink/privacy/notice/embedded?langCountry="+_.Dq(p);break;case "PuZJUb":a+="https://www.youtube.com/t/terms?chromeless=1&hl="+_.Dq(m);break;case "fxTQxb":a+="https://youtube.com/t/terms?gl="+_.Dq(_.Mq(c))+"&hl="+_.Dq(d)+"&override_hl=1"+(f?"&linkless=1":"");break;case "prAmvd":a+="https://www.google.com/intl/"+_.Dq(m)+"/chromebook/termsofservice.html?languageCode="+_.Dq(d)+"&regionCode="+_.Dq(c);break;case "NfnTze":a+="https://policies.google.com/privacy/google-partners"+(f?"/embedded": equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: b.open("GET","https://www.googleapis.com/youtube/v3/videos?part=snippet%2C+id&key=AIzaSyD-4tE5aKFZYIS_IrfpCDRsgQZbv5VCJZM&id="+a.ma);b.send()} equals www.youtube.com (Youtube)
Source: chromecache_273.14.dr	String found in binary or memory: function KA(a){if(Ho())z().rs==2?window.YT&&window.YT.Player?MA(a,a.o):(Kr.push(function(f){MA(this,f)}.bind(a,a.o)),Lr()):Oo("//www.youtube.com/embed/"+a.ma+"/?rel=0&cc_load_policy=1&autoplay=1&hl="+window.sc_pageModel.lang); equals www.youtube.com (Youtube)
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: return b}GD.F="internal.enableAutoEventOnTimer";var Zb=wa(["data-gtm-yt-inspected-"]),ID=["www.youtube.com","www.youtube-nocookie.com"],JD,KD=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic	DNS traffic detected: DNS query: cdn01.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: cdn02.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: cdn03.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.jotfor.ms
Source: global traffic	DNS traffic detected: DNS query: www.jotform.com
Source: global traffic	DNS traffic detected: DNS query: events.jotform.com
Source: global traffic	DNS traffic detected: DNS query: files.jotform.com
Source: global traffic	DNS traffic detected: DNS query: api.jotform.com
Source: global traffic	DNS traffic detected: DNS query: submit.jotform.com
Source: global traffic	DNS traffic detected: DNS query: cjx.gwckpfsj.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: blogger.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: ncoyzfb8lzkxezpabqsramfzyqwsvyiqglnfxtub2puu0yszl0rgrd.diblethe.com
Source: global traffic	DNS traffic detected: DNS query: support.google.com
Source: global traffic	DNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: accounts.youtube.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:02:48 GMTContent-Type: application/jsonTransfer-Encoding: chunkedConnection: closevary: Accept-Encodingp3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"expires: Tue, 03 Jul 1970 06:00:00 GMTlast-modified: Tue, 26 Nov 2024 00:02:48 GMTCache-Control: no-store, no-cache, must-revalidate, max-age=0Cache-Control: post-check=0, pre-check=0pragma: no-cachejf-trace-id: 084c558490a624f4Set-Cookie: guest=guest_ad5f326836175de4; expires=Thu, 26 Dec 2024 00:02:48 GMT; Max-Age=2592000; path=/; domain=.jotform.com; secure; HttpOnly; SameSite=NoneSet-Cookie: guest=guest_ad5f326836175de4; expires=Thu, 26 Dec 2024 00:02:48 GMT; Max-Age=2592000; path=/; domain=.jotform.com; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETEvia: 1.1 googleCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 8e859c9a6b2e8c15-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:02:50 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closecf-cache-status: DYNAMICvary: accept-encodingReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBt9vvJsm9sh3pEonp8y6HHpaBej7ai8XjrOhKqbCwmrGzrtLTHkDcMSn0DtNPkzNsjvZ1bv%2Bt3uc1SJrG6kQwWz5feyz8TSKvT4xdOuvGD5%2FE3Ss9sU2IWt5PhNcw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=11284&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2827&recv_bytes=1604&delivery_rate=253245&cwnd=32&unsent_bytes=0&cid=cd8149a0cf0f25a8&ts=111&x=0"Server: cloudflareCF-RAY: 8e859ca51a655e86-EWRserver-timing: cfL4;desc="?proto=TCP&rtt=1726&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1268&delivery_rate=1627647&cwnd=238&unsent_bytes=0&cid=4c42e9053328bc1b&ts=738&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Nov 2024 00:03:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSu8JhoTXSBGuz6%2Fef25WPFqWhmkKjFLCL3%2F0GyMP%2FjqWIBrZ4qvHOGHeMchwxajCTeTYQONKxlgz6mDSzmpdkeWDVvL7zGqbSqi4%2BnDkndL%2BhfGhwSHLU8WIGaNOg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=11341&sent=27&recv=18&lost=0&retrans=0&sent_bytes=24555&recv_bytes=4280&delivery_rate=1438942&cwnd=51&unsent_bytes=0&cid=cd8149a0cf0f25a8&ts=12090&x=0"CF-Cache-Status: EXPIREDServer: cloudflareCF-RAY: 8e859cf01dda425c-EWRserver-timing: cfL4;desc="?proto=TCP&rtt=1818&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2824&recv_bytes=1895&delivery_rate=1539272&cwnd=226&unsent_bytes=0&cid=840362e5610427fe&ts=5022&x=0"

Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: http://loading.retry.widdit.com/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: http://localhost.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: http://localhost.proxy.googlers.com/inapp/
Source: chromecache_326.14.dr, chromecache_292.14.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: http://tt.epicplay.com
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_273.14.dr	String found in binary or memory: http://www.google.com/appsstatus
Source: 2D85F72862B55C4EADD9E66E06947F3D0.2.dr	String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_273.14.dr	String found in binary or memory: https://about.google/products/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://accounts.google.com
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://accounts.google.com/TOS?loc=
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_350.14.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_255.14.dr	String found in binary or memory: https://api.jotform.com
Source: chromecache_228.14.dr, chromecache_303.14.dr, chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://apis.google.com/js/rpc:shindig_random.js?onload=credentialservice.postMessage
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.co.uk/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.google.de/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-frontend-staging.corp.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://asx-help-frontend-autopush.corp.youtube.com/tools/feedback/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://browser.sentry-cdn.com/5.19.0/bundle.min.js
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms
Source: chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/builder/search_icon.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/favicons/favicon-2021-light%402x.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/landing/opengraph.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/alert_blue.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/close_white.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/collapse_icon.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/expand_icon.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/image_zoom.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_delete.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_drag.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_settings.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/product_upload.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/shopping_bag.svg
Source: chromecache_343.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/sort_icon.png
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/sp_back_icon.svg
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/stripeACH_plaid.svg);
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/payments/trash_btn.svg
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/access-image.png
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/encrypted-form-badge.png
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://cdn.jotfor.ms/assets/img/uncategorized/hipaa-badge-compliance.png
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Black.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Black.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraBold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraBold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraLight.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-ExtraLight.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Light.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Light.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Thin.woff)
Source: chromecache_234.14.dr	String found in binary or memory: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Thin.woff2)
Source: chromecache_348.14.dr	String found in binary or memory: https://cdn.jotfor.ms/images/exclamation-octagon.png
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/js/vendor/smoothscroll.min.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn01.jotfor.ms/stylebuilder/static/form-common.css?v=63b8091
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/js/errorNavigation.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/static/prototype.forms.js?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn02.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn03.jotfor.ms/css/styles/payment/payment_styles.css?3.3.58827
Source: chromecache_301.14.dr	String found in binary or memory: https://cdn03.jotfor.ms/static/jotform.forms.js?v=3.3.58827
Source: cd87eee3-811b-410b-a8d6-3b7b5f523201.tmp.3.dr	String found in binary or memory: https://chrome.cloudflare-dns.com
Source: chromecache_237.14.dr	String found in binary or memory: https://cjx.gwckpfsj.ru/MdmjiH0/
Source: chromecache_346.14.dr, chromecache_273.14.dr, chromecache_245.14.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_255.14.dr	String found in binary or memory: https://eu-api.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://events.jotform.com/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://families.google.com/intl/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback-pa.clients6.google.com
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/annotator.css
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback.googleusercontent.com/resources/render_frame2.html
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.google.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.google.com/tools/feedback/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://feedback2-test.corp.googleusercontent.com/tools/feedback/%
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmZjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmdjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmtjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmxjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmZjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmdjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmhjtg.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmtjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oPFTnmxjtiu7.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qER2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEV2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEl2i1dC.woff2)
Source: chromecache_355.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2)
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/drive_2020q4/v10/192px.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/gmail_2020q4/v10/web-48dp/logo_gmail_2020q4_color_2x_web_
Source: chromecache_232.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/productlogos/maps/v7/192px.svg
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.1.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.10.w
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.11.w
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.2.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.3.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.4.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.5.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.6.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.7.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.8.wo
Source: chromecache_231.14.dr	String found in binary or memory: https://fonts.gstatic.com/s/notocoloremoji/v32/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.9.wo
Source: chromecache_301.14.dr	String found in binary or memory: https://form.jotform.com/243286712359059
Source: A095176990000.pdf	String found in binary or memory: https://form.jotform.com/243286712359059)
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://g.co/recover
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://gstatic.com/uservoice/surveys/resources/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://help.youtube.com/tools/feedback/
Source: chromecache_255.14.dr	String found in binary or memory: https://hipaa-api.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://hipaa.jotform.com/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://js.stripe.com/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://localhost.corp.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://localhost.proxy.googlers.com/inapp/
Source: chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_273.14.dr	String found in binary or memory: https://payments.google.com/manage/
Source: chromecache_303.14.dr, chromecache_273.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google.com/work/enroll?identifier=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://play.google/intl/
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy/additional
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/privacy/google-partners
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/technologies/cookies
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/technologies/location-data
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms/location
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://policies.google.com/terms/service-specific
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/inapp/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://sandbox.google.com/tools/feedback/%
Source: chromecache_273.14.dr	String found in binary or memory: https://schema.org
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://scone-pa.clients6.google.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/opt/templates/screen_editor.html?shot=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/queue/
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/wishbox-server.php
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://screenshots.jotform.com/wishbox-server.php?callback=?
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-email-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-password.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-sms-or-voice-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-sms-pin.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/account-recovery-stop-go-landing-page_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/animation/
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/ble_device.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/ble_pin.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/contacts_backup_sync_darkmode_1x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/continue_on_your_phone.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_phone_number_verification.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_silent_tap_yes_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_tap_yes.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/device_prompt_tap_yes_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kid_success.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kid_success_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_updated.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_updated_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidfork_who_will_use_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_not_ready.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_stick_around_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignin_stick_around_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_account_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_account_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_privacy_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_child_privacy_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_created.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_double_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_double_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_full_house.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_link_accounts_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_link_accounts_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_app_decision.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_app_decision_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_supervision_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_parent_supervision_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_respect_others_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_respect_others_darkmode_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_single_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_single_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/kidsignup_stop.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/personalization_reminders_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/phone_number_sign_in_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/return_to_desktop.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/return_to_desktop_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_ios_center.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_laptop.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_nfc_discovered.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_nfc_discovered_darkmode.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/security_key_phone.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_googleapp_ios.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_googleapp_pulldown.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/signin_tapyes.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/smart_lock_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/usb_key.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/web_and_app_activity_2_darkmode.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/who_will_be_using_this_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/embedded/you_tube_history_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/feature_not_available.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/feature_not_available_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/gmail_ios_authzen.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/paaskey.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_challenge.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_challenge_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_cross_device.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_cross_device_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_error_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_reauth.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_enrollment_reauth_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_success.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkey_success_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkeyerror.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/passkeyerror_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/red_globe_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/red_globe_light.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/screenlock.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_ipad.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone_nfc.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_iphone_usb.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_key_phone.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/security_keys.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/success_checkmark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/marc/success_checkmark_2_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/speedbump/take_selfie.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/speedbump/take_selfie_dark_mode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/loading_spinner_gm.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/progress_spinner_color_20dp_4x.gif
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/accounts/ui/success-gm-default_2x.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/apps/signup/resources/custom-email-address.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/images/hpp/shield_security_checkup_green_2x_web_96dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/account_setup_chapter_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/account_setup_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/device_setup_chapter_dark_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/device_setup_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/parental_control_chapter_dark_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/chaptering/parental_control_chapter_v1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_accountslinked.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_accountslinked_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_childneedshelp.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_childneedshelp_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_nextstepsforparents.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/conversion/conversion_nextstepsforparents_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_allset.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_allset_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_apps_devices.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_apps_devices_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_areyousurekid.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_areyousurekid_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_birthdayemail.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_birthdayemail_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_choose_apps.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_choose_apps_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_exploremore.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_exploremore_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_intro.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_intro_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacy_terms_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacy_terms_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacyterms.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_privacyterms_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_review_settings.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_review_settings_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_safe_search.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_safe_search_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_unchanged_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_unchanged_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_update_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_success_update_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_a18.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_a18_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervision_choice_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervisiongrad.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/graduation/graduation_supervisiongrad_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/guardianlinking/linking_complete_0.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/guardianlinking/linking_complete_dark_0.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/ads_personalization.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/ads_personalization_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/confirmation_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/eligibility_error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/eligibility_error_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/fork.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/fork_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/intro.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/intro_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/personal_results.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/personal_results_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/safe_search.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/minormodeexit/safe_search_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/check_notifications.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/check_notifications_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_installing_family_link_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_installing_family_link_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_location_sharing_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_location_sharing_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_parental_controls_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_parental_controls_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_school_time_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/kid_watch_set_up_school_time_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/location_sharing_enabled_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/location_sharing_enabled_dark_3.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/parent_sign_in_prologue_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/parent_sign_in_prologue_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_complete_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_complete_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_contacts_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_contacts_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_boy_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_boy_dark_1.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_girl_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/set_up_family_link_girl_dark_2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/ulp_continue_without_gmail_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/onboarding/ulp_continue_without_gmail_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/all_set_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/are_you_sure_parent.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/are_you_sure_parent_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/content_restriction.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/content_restriction_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/error.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/error_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/how_controls_work.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/how_controls_work_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/next_steps.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/next_steps_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/setup_controls.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/setup_controls_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_parent.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_parent_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_teen.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teensupervisionreview/who_teen_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teentoadultgraduation/supervision_choice.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/teentoadultgraduation/supervision_choice_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/kid_setup_parent_escalation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/kid_setup_parent_escalation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/send_email_confirmation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/send_email_confirmation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/success_sent_email.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulp_appblock/success_sent_email_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulpupgrade/kidprofileupgrade_all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/images/ulpupgrade/kidprofileupgrade_all_set_darkmode.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/all_set.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/all_set_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/almost_done_kids_space_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/almost_done_kids_space_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_tablet_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_tablet_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/devices_connected_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/emailinstallfamilylink.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/emailinstallfamilylink_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/familylinkinstalling.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/familylinkinstalling_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/hand_over_device_dark_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/hand_over_device_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/linking_accounts_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/linking_accounts_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/locationsetup.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/locationsetup_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email.svg
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_email_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/manage_parental_controls_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/open_family_link_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/open_family_link_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/parents_help.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/parents_help_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/set_up_kids_space.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/set_up_kids_space_dark.png
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setupcontrol.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setupcontrol_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuplocation.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuplocation_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuptimelimits.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/setuptimelimits_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/supervision_ready_v2.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/supervision_ready_v2_dark.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/youtubeaccess.svg
Source: chromecache_232.14.dr	String found in binary or memory: https://ssl.gstatic.com/kids/onboarding/illustrations/youtubeaccess_dark.svg
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://stagingqual-feedback-pa-googleapis.sandbox.google.com
Source: chromecache_332.14.dr, chromecache_350.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_340.14.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_301.14.dr	String found in binary or memory: https://submit.jotform.com/submit/243286712359059
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/accounts?hl=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/accounts?p=new-si-ui
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/admanager/community?hl
Source: chromecache_273.14.dr	String found in binary or memory: https://support.google.com/embed/tagging/install
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/inapp/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://support.google.com/inapp/%
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/messages/community?hl
Source: chromecache_265.14.dr, chromecache_263.14.dr	String found in binary or memory: https://support.google.com/tagmanager/community?hl
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://support.google.com/websearch/answer/4358949?hl=ko&ref_topic=3285072
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtube/community?hl
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtubemusic/community?hl
Source: chromecache_353.14.dr, chromecache_335.14.dr, chromecache_338.14.dr, chromecache_236.14.dr, chromecache_294.14.dr, chromecache_223.14.dr, chromecache_319.14.dr, chromecache_279.14.dr, chromecache_250.14.dr, chromecache_288.14.dr, chromecache_280.14.dr, chromecache_271.14.dr	String found in binary or memory: https://support.google.com/youtubetv/community?hl
Source: chromecache_273.14.dr	String found in binary or memory: https://supporttagging-autopush.sandbox.google.com/embed/tagging/install
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://test-scone-pa-googleapis.sandbox.google.com
Source: chromecache_276.14.dr, chromecache_232.14.dr	String found in binary or memory: https://uberproxy-pen-redirect.corp.google.com/uberproxy/pen?url=
Source: chromecache_301.14.dr	String found in binary or memory: https://upload.jotform.com/upload
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://widgets.jotform.io/mobileResponsive/mobile.responsive.min.css
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_352.14.dr, chromecache_297.14.dr, chromecache_273.14.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.cn/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.cn/tools/feedback/%
Source: chromecache_350.14.dr, chromecache_283.14.dr, chromecache_297.14.dr, chromecache_273.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.google.com
Source: chromecache_273.14.dr	String found in binary or memory: https://www.google.com/accounts/TOS
Source: chromecache_273.14.dr	String found in binary or memory: https://www.google.com/accounts/recovery
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.google.com/intl/
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/%
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.google.com/tools/feedback/help_panel_binary.js
Source: chromecache_352.14.dr, chromecache_332.14.dr, chromecache_350.14.dr, chromecache_297.14.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_346.14.dr, chromecache_245.14.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_273.14.dr	String found in binary or memory: https://www.googleapis.com/youtube/v3
Source: chromecache_297.14.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_282.14.dr, chromecache_340.14.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_273.14.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-H30R9PNQFN
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/accounts/speedbump/authzen_optin_illustration.gif
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/chrome_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/googleg_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/gsa_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/play_prism_48dp.png
Source: chromecache_232.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/product/2x/youtube_48dp.png
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.gstatic.com/images/branding/productlogos/googleg/v6/36px.svg
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_228.14.dr, chromecache_303.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_273.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
Source: chromecache_273.14.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
Source: chromecache_316.14.dr, chromecache_273.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.gstatic.com/uservoice/feedback/client/web/
Source: chromecache_316.14.dr, chromecache_307.14.dr	String found in binary or memory: https://www.gstatic.com/uservoice/surveys/resources/
Source: chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/?utm_source=powered_by_jotform&utm_medium=banner&utm_term=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/accessible-forms/?utm_source=formfooter&utm_medium=banner&utm_term=
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/encrypted-forms
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/hipaa
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/oembed/?format=json&url=https%3A%2F%2Fform.jotform.com%2F243286712359059
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/oembed/?format=xml&url=https%3A%2F%2Fform.jotform.com%2F243286712359059
Source: chromecache_296.14.dr, chromecache_255.14.dr	String found in binary or memory: https://www.jotform.com/server.php
Source: chromecache_301.14.dr	String found in binary or memory: https://www.jotform.com/uploads/amali_teressa/form_files/dicna7me.6743af5433ac69.67148542.png
Source: chromecache_332.14.dr, chromecache_350.14.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://www.youtube.com/t/terms?chromeless=1&hl=
Source: chromecache_283.14.dr, chromecache_293.14.dr	String found in binary or memory: https://youtube.com/t/terms?gl=

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.218.208.109:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49763 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.winPDF@40/277@69/19

Source: A095176990000.pdf

Initial sample: https://form.jotform.com/243286712359059

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-25 19-02-03-053.log

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA

Jump to behavior

Source: unknown	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\A095176990000.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1632 --field-trial-handle=1604,i,1248562312438072360,7697734308317955672,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://form.jotform.com/243286712359059
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4296 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://form.jotform.com/243286712359059	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1632 --field-trial-handle=1604,i,1248562312438072360,7697734308317955672,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4296 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1884,i,5779858317564637218,7785217387025978699,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior

Source: Google Drive.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.13.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: A095176990000.pdf	Initial sample: PDF keyword /JS count = 0
Source: A095176990000.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: A095176990000.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe

Process information queried: ProcessInformation

Jump to behavior

ID:	1562771
Product:	CloudBasic
Start time:	01:01:31
Start date:	26.11.2024
Sample:	A095176990000.pdf
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	3d8e08628ed78c9ae836a6385ec6912e
SHA1:	64fc4953015dc07be9d3d402d05c597325e1977e
SHA256:	0af49a42d46a13b5f6d88b33f6565392c67de0bf3188e83d6cc8e14a25aaf2a9
Filetype:	Adobe Portable Document Format (5005/1) 100.00%

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG	ASCII text	915E90F990CEFF5D199D4291F8B432BE	A21738FB66B1EA32747573D847AE53F42BB6190B	8AFAFCC0D877B3EE27AB776106FA61E8BD6A4F17007025684D22872A8E4C92A3
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)	ASCII text	915E90F990CEFF5D199D4291F8B432BE	A21738FB66B1EA32747573D847AE53F42BB6190B	8AFAFCC0D877B3EE27AB776106FA61E8BD6A4F17007025684D22872A8E4C92A3
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG	ASCII text	3D600663A0935DC1841D7D5E95FDC36C	BBB28B60AB123D0E1F41265A661E85CF96FB8F74	EFE32F1E77EBE89885E3CCA87D9E7DB2FBD447352F11A31E3D466AAA7BF1969D
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)	ASCII text	3D600663A0935DC1841D7D5E95FDC36C	BBB28B60AB123D0E1F41265A661E85CF96FB8F74	EFE32F1E77EBE89885E3CCA87D9E7DB2FBD447352F11A31E3D466AAA7BF1969D
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)	JSON data	0742AEEBCD1106C82E97A9BD2D3B79AA	A2DCBE50AB87A8086098DB88A2F750A196216A92	0CAD54DA1834C3153B49DA5AC39EBEB5FC5EFC957AFC60A730FFF3FFD75D8E88
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\cd87eee3-811b-410b-a8d6-3b7b5f523201.tmp	JSON data	0742AEEBCD1106C82E97A9BD2D3B79AA	A2DCBE50AB87A8086098DB88A2F750A196216A92	0CAD54DA1834C3153B49DA5AC39EBEB5FC5EFC957AFC60A730FFF3FFD75D8E88
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log	data	3ACF08AF64EBB1E5AC6D65424FCC22D0	E24F040FA75D115887EABA200B6088D4C7A98900	ADAEBAE5B24232EC035771F6C8E53668978A9A25065C2DC8DABA77E35D75FE7D
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG	ASCII text	B9C9E61B37589B685D3AADB2D7FC89DC	7B9C494B0680A5B3CEBF4FEBD57CD4AFEFB800A6	9930E81E2964B40737889AAEE6C17FAEA359BA84183808633BB3CDAFCAE68CBA
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)	ASCII text	B9C9E61B37589B685D3AADB2D7FC89DC	7B9C494B0680A5B3CEBF4FEBD57CD4AFEFB800A6	9930E81E2964B40737889AAEE6C17FAEA359BA84183808633BB3CDAFCAE68CBA
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-241126000205Z-157.bmp	PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54	825749A5A99F5EBB4C04F2419D0F3008	2FF21F22B6AE5762AE3F03A370883171E91639DA	1A949226FD2D458360CB24DD67748714D9BF379E1A7F4717279C4B03F0F1A813
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages	SQLite 3.x database, last written using SQLite version 3040000, file counter 2, database pages 14, cookie 0x5, schema 4, UTF-8, version-valid-for 2	A4D5FECEFE05F21D6F81ACF4D9A788CF	1A9AC236C80F2A2809F7DE374072E2FCCA5A775C	83BE4623D80FFB402FBDEC4125671DF532845A3828A1B378D99BD243A4FD8FF2
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal	SQLite Rollback Journal	7C16344D252EF1BB88FAC27BD9338435	A8F72C4257B7B7BEE2177C67D0CB05B7B9A1B8DA	00B27F50D0F88704010E8803B6C3501E78563C0A29FDE4C6D1B0D3D99637F391
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D	Certificate, Version=3	0CD2F9E0DA1773E9ED864DA5E370E74E	CABD2A79A1076A31F21D253635CB039D4329A5E8	96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression	49AEBF8CBD62D92AC215B2923FB1B9F5	1723BE06719828DDA65AD804298D0431F6AFF976	B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D	data	0C8D8D7B3BE23F5CE43915DACA783ABF	68CAFB1EC8482DAB3049527C0270F92D04687A22	51DA6D298617F2F396F50B2212061D170BC13761BB57243FD15AD1C16955E1BA
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	17BDC710CF5986F36C30794D65800C76	97CDC77398529CE7674037975A77EADD05104665	1B81DBBAB602CA7CAE0E6CF0516E1E15FBBF0FFEAA02FEA7D9C2941BEBF5A078
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst (copy)	PostScript document text	8BA9D8BEBA42C23A5DB405994B54903F	FC1B1646EC8A7015F492AA17ADF9712B54858361	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.6152	PostScript document text	8BA9D8BEBA42C23A5DB405994B54903F	FC1B1646EC8A7015F492AA17ADF9712B54858361	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)	PostScript document text	8BA9D8BEBA42C23A5DB405994B54903F	FC1B1646EC8A7015F492AA17ADF9712B54858361	862DE2165B9D44422E84E25FFE267A5E1ADE23F46F04FC6F584C4943F76EB75C
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst (copy)	PostScript document text	B60EE534029885BD6DECA42D1263BDC0	4E801BA6CA503BDAE7E54B7DB65BE641F7C23375	B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.6152	PostScript document text	B60EE534029885BD6DECA42D1263BDC0	4E801BA6CA503BDAE7E54B7DB65BE641F7C23375	B5F094EFF25215E6C35C46253BA4BB375BC29D055A3E90E08F66A6FDA1C35856
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID	JSON data	87213032FAC2284D106C24C821E24318	B019613C85BF1B6B0D08886304A54EFCBA857E0F	BFDE2A891399C7BE9E6616B3FE8D8C5728ED19AEF1020DEFB079150ACEE7619B
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface	JSON data	8169E2B076EEA4E0B84B0AA08F8DCB8E	7E54B1BA28148869CC439F0D676615E73621A754	D6E5C616F86AF7DBE0C70CF99A41A68BF640C79491DF4B9D9954F5ED116A364F
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface	JSON data	5A0C9BA2D7B687B09754442B445C04D7	1FD886F89F768F265B6B760AAB746E3064098068	DE81B8141823A8024533A36270B68B18681896627F4EFEC012CED16CD889E9EF
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD	JSON data	D548E0772A690955C5B10DD9AF1A0FE5	CF6086C27810AC8F2CE55263668765118E022BE3	5DA5B323189BCED2593669D11720494EA810E9EE98B864759CE55A9DE8F908B0
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner	JSON data	A57042625FA81D3B6444A581F45D58DD	B7C7948C2DF6711CC75F1A6C7067AFB1EFAC5D5C	3BAAE212505A4F332526E7C2C5530998BD6D44D791B623953F34286CD7C47376
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner	JSON data	2DAA710D428D21E89E384E86BFE510FD	D18165C425F7FDFD1D1593D2BA1926C48975CD64	B1FEAE0A2CE06113A58A3F42242E98490BFFD4A9CE0DE3A1D1E4D6E60AD1073A
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention	JSON data	A7AC7A40D8196A1D95577203EA6C8ECD	8F08E04031BA1EA8B68CDBBB34F13B883FC2D728	F6CF0B23254DDCCCF5C1F074CC1722401C5862AB8DBBB3291650C9C712222AE0
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner	JSON data	E4DBEC84AC032A53C75E8AF948047FFA	131A2CF04ACE35D17D6D9E3F4D7BE59FD01EC989	A2591440518F5D86F9FB906D4CBF05EAF5CBD1B149A60B962DD7B5D7DE1E9FE1
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner	JSON data	1F29F9FE95C86E96E46535448751D93F	E96B08BF94108314ACC3CCB8100C162BA97AD686	B4ED1BB58CD72C06CC6F23300E09B9E2CEA37FF88FFC7A5F7AB7E03D5DB6C396
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner	JSON data	185DC43A8239D64351FE6391720CCD94	F24480C955BA3A34B265F0A110A456785446F406	9576839967B6BF0660A7E485FB0EE015F4FBB85F4B38E7E625DB1A2A9497548F
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner	JSON data	7CE7CDF50B4A2C772625FCC5D8062CA1	55569764BD38F2E1F2EBD9D8C28A3BBA10B9590A	6E5BD2E76C7F0BB20762F29E90E94BF6ACBC891D4F6FE0ED65EE10C2F3D4248B
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner	JSON data	6C82CBD0B8954B0C811C3F58282A978F	F67654CC0A9F062A81DF9C6A1C14207B529D2C0F	53365624C11DAFAC94A4A35D7CCB19F5F02F5E91499E0E73B8E345A40882D8DC
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention	JSON data	20794C087CDD6966AAF682AF277AA4C6	6F1D267F88DCB23B7D4744543BBA674849A8A94E	8988481BF6943EFFB21E14C5E3BA38ECE2EAEC312FD4370C7C70F649F5D25559
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner	JSON data	D3B71B8244202C3EFE76C9A2A8DCCAE8	2CC009ACC2E186D6C405591A175C674238697A34	310D79DDA8DE82FDAF4F3B725EDC3B8A30067000B2F60B4F47899A5E80CFE9AA
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards	JSON data	EF555446EDD36EE0F28308FC6C807CF9	0A26660A6FFC06333EC9BF8CE2877FDA16F057E2	3C8CEEF3EA2838BCCAF4B7670B1CB9A5D65A23B345F019DFB4091C2BC1C4AC59
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020	JSON data	F8D81A064D17B5621CE211115F7838A3	0EAE07618EEC517791CBAEB617F556BA026C8602	FC62C756F079B1EC1E8982F015363647BD9E5AD94091F9266A64E4A2E8C9FDE0
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING	data	DC84B0D741E5BEAE8070013ADDCC8C28	802F4A6A20CBF157AAF6C4E07E4301578D5936A2	81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json	JSON data	8610B90D91491323C16959D21FD17D04	C80426F2AA5DB254A466C643FBCA8CF2407FDF19	C1D559E459A8ED357ADD9940AD03CB16E7C0567B0604E13AB4A1B80C3D4337D1
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents	SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19	63375D102A43DDE39408875A97DE6DB9	241E1D001A2B7B4498081CA7EAAD6F1BCFF99AEC	53BC78F28DCEF2E01F5B26D92E223E2FC5BFFB6A6FB8F5B72A1D0A22CFB92DB2
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal	SQLite Rollback Journal	7422CB05C0125F1053465E5D68DBCF38	33949C428E451F98497F016C32BB27DD16B1AB5C	310A51F19C661BC47971EE6F7D608478498240614D3E3E592FD27BE757067320
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin	data	E4DD05BC132E20C4CD10A331BAB91F1B	A8444E994E2DA3E6D144007A30F07B6719102531	0F4F97EC715D7A7822385E52248619C32C8524385AFAF983A51CF51F2FDBAFA7
C:\Users\user\AppData\Local\Temp\MSI916d.LOG	Unicode text, UTF-16, little-endian text, with CRLF line terminators	1DF84FF5A2820147766F5A577E6C39E2	C727FD581852BE817AF35BDE423DFFB463A94EA9	CC652C302159A350CEB594BE721CCFD158E4D92A8F76BCCCA47565DE3C969C46
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-11-25 19-02-03-053.log	ASCII text, with very long lines (393)	91F06491552FC977E9E8AF47786EE7C1	8FEB27904897FFCC2BE1A985D479D7F75F11CEFC	06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log	ASCII text, with very long lines (393), with CRLF line terminators	641C2E31B05B1F4DA77C89D54C03FAAB	087BD26816AA1B96C92BA9BE6ADBC6A47672F8F3	7EEF5E202E6BAB32654F58BA3F20E8AF89BBD3767D23E61546C46AB61A6D223F
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt	ASCII text, with CRLF line terminators	51261E9FAFC3BD3A19144ED410419283	563BCC34D244D2B1CF196DD0B7FF825A5134381A	79DDC274B05D077375649452E077E1D06F0D7759308B1979BD7BEB91E2B5EA8C
C:\Users\user\AppData\Local\Temp\acrocef_low\1de47f2f-aae6-4c78-9eef-79ce395f5fa5.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538	59EE5E2FB56A099CAA8EDFD7AF821ED6	F5DC4F876768D57B69EC894ADE0A66E813BFED92	E100AAAA4FB2B3D78E3B6475C3B48BE189C5A39F73CFC2D22423F2CE928D3E75
C:\Users\user\AppData\Local\Temp\acrocef_low\3e71351b-e150-4c98-a8de-e83a4ff8ae41.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081	1D64D25345DD73F100517644279994E6	DE807F82098D469302955DCBE1A963CD6E887737	0A05C4CE0C4D8527D79A3C9CEE2A8B73475F53E18544622E4656C598BC814DFC
C:\Users\user\AppData\Local\Temp\acrocef_low\a5096bf5-0473-4d0b-a20e-cfaf9abcc7ed.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142	1A39CAAE4C5F8AD2A98F0756FFCBA562	279F2B503A0B10E257674D31532B01EA7DE0473F	57D198C7BDB9B002B8C9C1E1CCFABFE81C00FE0A1E30A237196A7C133237AA95
C:\Users\user\AppData\Local\Temp\acrocef_low\d52f25e8-183b-45d9-8167-07e81d141ff1.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022	5C48B0AD2FEF800949466AE872E1F1E2	337D617AE142815EDDACB48484628C1F16692A2F	F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 23:02:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	3A99413DC75932AC4D527A998684DCE0	3F014BBB1BC62259A0A0DF9FAB774C48C952F227	35C76FE0665E4137FF7F1B234E366D4B65FEDD90BF53B2745076612CED954904
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 23:02:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	07D54D956C06676641BF3FC081CB1F69	C19E14FBA53E2657DFB301E568AFCC414C9B3BF3	A298DF53461E9A2E879CABB8F25437F00AED5FD3BC88C6830DB314131E4A3EC7
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	FFE3E9E047527DF23B3CE4E7F61FE714	A24EEE0E233D8F0805DB4141AADCCC82A19204EA	F6F93EE3EC70FBC346AC0D83FD0594707883F9CAAE65FA019EE4B1287AC03792
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 23:02:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	221F3D3ECA2F2B11AF2CA125CE0F9771	D3FDCED3E3C0584FD0339372BCCBE154C1F32B62	B5FC302D7387AD71BDF9C10B7B3A6011C009F2DF549D270D33F65D5ED5CFB5D5
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 23:02:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	33FDB8FC99C2653D4AF6A8A83C8143D4	799ADED14DCC546AE32EE19FCE45AADE9BBEC7F9	95F076F9A57481F5F465C242A996A211145ACF514FA05F871D1965848E57235B
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 25 23:02:36 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	7B024B3880368F26F9F68279428F5844	3431891F79CB267674377782C759034C186D4FB8	9AD450D0197C4CFBAEED3C9518A530B08FA407ECC5F313B81A7DCB06A85B9BDC
Chrome Cache Entry: 220	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	95407664D6777D92E63257DF5814C794	E89791C12CA3E4F09B87BAB4E147A397940CCBA6	300E7BF53911658D3E6FEA6C70F64DC681881D7E28563FFA03DD43553AFB295C
Chrome Cache Entry: 221	ASCII text, with very long lines (391)	40F6233D2814AD4CB8BB8833EF7B15DD	C7DD3CD5FF22143FE10EACA93A93B62AC60C9334	C1F698FAE45B9A95567B373A08C08E05418123FC2D7E5BA0F0E4CAA5AA26CB21
Chrome Cache Entry: 222	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	CE10C5E13C148627ACE62AD7542395D6	4863E2FD9A15018BCE372C339B0C7D1B0F5FE98F	B07084658EB737DDBA1BC0B3DA4EFC0331009FF3968E4C6AF683F95C17E6368F
Chrome Cache Entry: 223	ASCII text, with very long lines (905), with no line terminators	C210FF81DE7E0052638F5B2B79B90884	FCE691B0414AB7AA9D9B3F0938780DEFF3227BB2	98D6020A5A99D43F0E628FC89D02825AD76A879D388EA5CB99366A5BC8526166
Chrome Cache Entry: 224	ASCII text, with no line terminators	7C75EAA17B37BC1FB911C80DBC99E4EB	447C43B1F1801D3923E154C8745100ED0B915012	0105D84E88CE0378E75A047F73F4B7845054BE0440FC588428B0A15F4ADE3C05
Chrome Cache Entry: 225	ASCII text, with no line terminators	F1C9C44E663E7E62582E3F5B236C1C72	E142F3A0C2D1CDF175A5C3AF43AD66FEFE208B1F	D843E67FBFA1F5CB0024062861EE26860C5A866F80755CF39B3465459A8538B9
Chrome Cache Entry: 226	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	0EAA75E84E3B5D76E26B5BDEF873465E	79DAEA62FA0952E79644B23305210D61B6CBB631	D375701BEED766135440CC65BD4CEDE9CC455C0116A362E124C3C2158EDCEFF4
Chrome Cache Entry: 227	Web Open Font Format (Version 2), TrueType, length 103152, version 3.1245	5891E05821CBF2402B6DD3F4A84CFE12	43371FC7DD74393CB3F1DE7F500164B4156A7A50	F536BAE011685CDEB84A3EC10450FD024D62536949D870582F4651CD47404067
Chrome Cache Entry: 228	ASCII text, with very long lines (2586)	E506518CB9EEE62FCE821CDFCF103A04	95789C5DA8D8A697C7E5F547D412D472C37B62DC	5E1F4CF12DFC323A1C780BD5F2FCEC73312B6A5EBDB3F7DD21F2FE4DD43D9D82
Chrome Cache Entry: 229	ASCII text, with very long lines (1694)	CDB8BB08C137773A94091E5E85ACFFE9	CE9A25B4017A830D6B805D2C342FA984B12E7745	159AB93A67F4BA67C744D860C854B66A111900D9DB152FFF313B18731F70DF26
Chrome Cache Entry: 230	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	A1485FAD16EDF8FA9F0863128AF0A1CE	4A6C9239C2594861C0E7D3A156954740208275CC	89DFD715B8E1150CE83F876DF83361B38A11F24FC0BD0922B39CA4CBC701B45F
Chrome Cache Entry: 231	ASCII text, with very long lines (1203)	D0A7B8CC43AA9D9BC37980573186F668	67262D9435233DD70B6713ABE6DAC956ADFAE617	F94934A2AB404905A25CAF02219F22337610B659D73A72C82EE8287D698BFD0B
Chrome Cache Entry: 232	ASCII text, with very long lines (557)	A63BA597DB629CC7ADDBF6C56D909653	E39D8B1BCCFF58A98C6F720B9C1D1E9390449A0A	9C3FBE8B962900D4467E7C9A9EF9A70C67F8774ED6508160B77F532C3DA294D2
Chrome Cache Entry: 233	ASCII text, with very long lines (764)	CBEE0CCFF203907FADBD4CC69AA64666	DC4DB3EFA298D0E1CDE9F325F2FF50F959AB3705	B6E268AD998935C1CACFFBC50EFE550C2D7D2D4CB85979C6EDEAD5C9D859D130
Chrome Cache Entry: 234	ASCII text	B1C9F2907832D28E4146E9BD0EA94FE5	163CC7729917A90E1674A1F252C80B147A5ED051	C8DCA6EAEF71BEE988E6332CC042BAE4ECECBD4F284E8DDBFE1A1FD2C9EBB709
Chrome Cache Entry: 235	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 236	ASCII text, with very long lines (917), with no line terminators	1C198DB4E52CA0F0EC5C4E89D0DB69FD	1C0079ACB0D7654CD2EB8756E0010E40472A44D0	976337360896BE6181ABC9ACF41660D0DFB5BE58B0EC191F5B672090AED58B1D
Chrome Cache Entry: 237	HTML document, ASCII text, with no line terminators	1B7523253D91A7354BA7160449294A88	D91D626058B9BEAA0B61F3BC907EDA84D6AFE494	1EFA8B6AAFD95E18AC036DC88AF3360ED634C36D94C3D246F46066ED82A7FCB6
Chrome Cache Entry: 238	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	4CA44276900C09211C7F8D543CDCBD46	7726D58BEADE37D5A4699B0AD36988307F9200C4	DF97EA9E90D84C23DB7338BDCF8DD7A112C79A2F6C73C2B45B99AF80E4176828
Chrome Cache Entry: 239	ASCII text, with very long lines (764)	CBEE0CCFF203907FADBD4CC69AA64666	DC4DB3EFA298D0E1CDE9F325F2FF50F959AB3705	B6E268AD998935C1CACFFBC50EFE550C2D7D2D4CB85979C6EDEAD5C9D859D130
Chrome Cache Entry: 240	ASCII text, with very long lines (570)	549610E92A799D6DCA63777F49A2C274	37FE6C3BD9A7B71B020751AECA4CF18E11A9B0AB	30FEA7F5C990065189C2E22B04B07E201591355052C970D524F15B948A48EFBD
Chrome Cache Entry: 241	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	DDECDC14E76B9EE9DF4726E7C12D1776	8682F56C2772AEF2D148F40E146BF853B13FF1BF	3A61245F7AC1C41ABDC7EB7B95FEBECB7D6A9E88E4D564F21833E3BA88EF8847
Chrome Cache Entry: 242	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	F3418A443E7D841097C714D69EC4BCB8	49263695F6B0CDD72F45CF1B775E660FDC36C606	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
Chrome Cache Entry: 243	ASCII text, with very long lines (5162), with no line terminators	7977D5A9F0D7D67DE08DECF635B4B519	4A66E5FC1143241897F407CEB5C08C36767726C1	FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
Chrome Cache Entry: 244	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	DDECDC14E76B9EE9DF4726E7C12D1776	8682F56C2772AEF2D148F40E146BF853B13FF1BF	3A61245F7AC1C41ABDC7EB7B95FEBECB7D6A9E88E4D564F21833E3BA88EF8847
Chrome Cache Entry: 245	ASCII text, with very long lines (1302)	DF907C9E6BC048EA1505930FAB9010A9	51FF7084F44C713E30335C5D30CFC1AAC8F34774	B3B7340EE6C9240EE8FCFEDA03C6EF4CE7DB0DD0DC213B19C8D4C87ADDC15105
Chrome Cache Entry: 246	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	86179E7A662998687290621B26C17DB5	3940655C86D6CB6A903AF2A11BE6841332E58CED	B58FAAC0139AD2B90A3ABE54C7515FBEB0B1CF8F5CA88BEC064706B8E3A981E7
Chrome Cache Entry: 247	Web Open Font Format (Version 2), TrueType, length 15996, version 1.0	CC536892EABDE0EAEB81493BDA8E189A	15C0180AD7BDF9D0F963747447BC9446FC42D2DC	97399A2914C593DA2895D9729AA0170A1956E91EE54CF7550696691949558A37
Chrome Cache Entry: 248	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	AC0988CF6F19732322A917C3C3D7288D	20421058057542F50B38DF143F1EC48B671E0677	BA32E274A78AFB8194B5CD13B7513292249455806D12B4905FA0923EE814C78E
Chrome Cache Entry: 249	SVG Scalable Vector Graphics image	A371D1ADD8D95D9A5AC0222DBFC707DA	B273236FC088B58AEC5BE2E7CD642E290C31CBF3	0A11003900B5593A71CFAB463C2A5E7D2588B251F697EAE8B64946F4D178FE54
Chrome Cache Entry: 250	ASCII text, with very long lines (915), with no line terminators	EE02F87B39F3803C92B3217918020D4E	E184BC16CDA6FA82C222341579514639E0F289D0	8DB75F26868AB3251B090B4C090DC344F2481006E6DACE8F825280208BAED935
Chrome Cache Entry: 251	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	CE23C4CB379C32AE54DF13CA22DE161C	A8532339309E8572140F4CE343CAFF7B187029E6	1F00BF732DFC5A8C7885885117D9C3A44F25EA1F31E92C52237C76D7BF908525
Chrome Cache Entry: 252	ASCII text, with very long lines (2768)	04D1F5F13943B51E038E02C5C71DD89E	01FE871093776CE07473F5FBE9CB554D7589CD5C	92110863BEFFBB09C6313CEFF62EE3B56B51E2BB2B04E7AE029EB7FF288E8F27
Chrome Cache Entry: 253	PNG image data, 120 x 26, 8-bit/color RGBA, non-interlaced	E7F93D3CBA7BEE6C156EDE0ADEFECB7D	386AEDAAB7E0F0193F98B8EA215E52D1658AF74F	AE4F8BA0AE391774145C88B44327756778982AB63F722A4F38F8F0319ED5466B
Chrome Cache Entry: 254	ASCII text, with very long lines (522)	CB6AE28110B58D1B9F1CDA63A880654D	0267F1BBC81DE05E2F3A33F5AA1B0D624C93DF8E	C99D1EA69DADFEDA8AF7A835271791CAFB34BF58D1A477A2CC022E2938DB403F
Chrome Cache Entry: 255	Unicode text, UTF-8 text, with very long lines (6048)	C35F9C7919080A107D698E37E97FE258	71FFE8E90A2EACAE8631207D4C0751A86B15235F	B997583456FE8B520E3077654A0066ED14330D053765EFB003BB64E83B9C6B02
Chrome Cache Entry: 256	PNG image data, 288 x 288, 8-bit colormap, non-interlaced	58C4DDE30BC77AB9E25A470AB8C139CB	79C931CB38C0E381FBBAFDE56BD6A792F0D126F5	974B447701E8F339AE789E6712573F09DDD9006522E26A9C1F193B1202640AD3
Chrome Cache Entry: 257	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	A1485FAD16EDF8FA9F0863128AF0A1CE	4A6C9239C2594861C0E7D3A156954740208275CC	89DFD715B8E1150CE83F876DF83361B38A11F24FC0BD0922B39CA4CBC701B45F
Chrome Cache Entry: 258	ASCII text, with very long lines (533)	2F3196E4FD1F65418F22902FF5B79318	3A27E4785AC3325D21307ACC736D1180889819BB	F5390743638AC795C6656BE835E71DECB27DD654B6C683802246F8243FCFED68
Chrome Cache Entry: 259	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	8ED6586A85FE477ABA437425280266AC	5EF1C567E0E7AE2C389FC20C3AE9C98A3BF2CA8C	A0A4F406ACB9922E59B71E763754893819403D585404C1B0C9B917293FA99CB8
Chrome Cache Entry: 260	Web Open Font Format (Version 2), TrueType, length 52280, version 1.0	F61F0D4D0F968D5BBA39A84C76277E1A	AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2	57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
Chrome Cache Entry: 261	PNG image data, 3396 x 1920, 8-bit/color RGB, non-interlaced	A4D9107960AE4E4F79E6A36DF931EF5D	35704C698FCCD795B8F19DA76672A72C00422857	FBBBC78E85DFA4F2B390E6DC2F3850D0F5247D16B5FD525093331572AA79AE84
Chrome Cache Entry: 262	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	CE10C5E13C148627ACE62AD7542395D6	4863E2FD9A15018BCE372C339B0C7D1B0F5FE98F	B07084658EB737DDBA1BC0B3DA4EFC0331009FF3968E4C6AF683F95C17E6368F
Chrome Cache Entry: 263	ASCII text, with very long lines (1307), with no line terminators	91BF5EFA9001BEA121FA9F51ED6DFC8E	C72B41A3D9F745AFD00AC0C49A1F5AC58F523613	280BBAD3EF51ECB1FC3F09669709140A5B6442B6BFBD5D95A10537E9D3479163
Chrome Cache Entry: 264	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	048844E6D7C74FB25F495EADED1C91B7	E8C464A491D9D03138BE2E5719DAE03A86E7B343	0A44F98D5ADEC463FA3FDDCA7163E694BC1D93DF57C916F3771602193899BB7C
Chrome Cache Entry: 265	ASCII text, with very long lines (1307), with no line terminators	B174841A2C7D524A0F7DB1135FF43CC4	D9FBE8DD3EB3C7B28613805605714ACC4D6C5AD1	541118431FD77EB5EDBABC836DC4D156EFF47531BCAA82A853C60B80127E1208
Chrome Cache Entry: 266	ASCII text, with no line terminators	10B28537D95E3ED37E55E1DD785470A3	F2A7BA38BD4CFE305B998AD3F0D35707307AE124	2FAE6002B76646AE16E8A40363DFA9E3D58A1975D285A59183CE65C918152043
Chrome Cache Entry: 267	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	A67B837E46BB187D5DC9E5A2C77E82CB	683EBB2C0AF4CB080E1D904AEB7015858959924F	703D3FC191D5F8A9835EA55596EF58A85D66E54C4303B96CEB8E185C2C922B53
Chrome Cache Entry: 268	very short file (no magic)	C4CA4238A0B923820DCC509A6F75849B	356A192B7913B04C54574D18C28D46E6395428AB	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
Chrome Cache Entry: 269	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	F3418A443E7D841097C714D69EC4BCB8	49263695F6B0CDD72F45CF1B775E660FDC36C606	6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
Chrome Cache Entry: 270	ASCII text, with very long lines (2768)	04D1F5F13943B51E038E02C5C71DD89E	01FE871093776CE07473F5FBE9CB554D7589CD5C	92110863BEFFBB09C6313CEFF62EE3B56B51E2BB2B04E7AE029EB7FF288E8F27
Chrome Cache Entry: 271	ASCII text, with very long lines (916), with no line terminators	6F549AAA1BD4D44A4500C16B50B674DC	E1BBE705EF83700FE5C82EF3613780B702D19B83	3873641EFD21FF13E686A0BBC7717BC57E6385B9CBDE2E8C907C64E9A428D7D0
Chrome Cache Entry: 272	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	B34FCCBD0C8711ECD008A6EFF2CFD66C	1240231C36A07A0F052B45C6E6499E10C883A036	F1DF3320F78ADD53E1D29BEC727FA105CACFC7DCDBA203955AC34313C9E34606
Chrome Cache Entry: 273	HTML document, ASCII text, with very long lines (54631)	4DD2869E1132D8E89FD2F0824E2692CE	3868BBD7E0AF1E6CAD51EFDE328C2EC990634AF0	2CCAC7E12C2593A7C2C80FA443B171001099B4C5149199135D0EF20880C5CB62
Chrome Cache Entry: 274	ASCII text, with no line terminators	90FFA64841C8FC1778F60620FB7C9E0F	6CD0D3B3152F09BA439302A282E703C734CF10A1	D6CDD58A26D95153147EFD5CB07AADAE324BD25C0A0A33648087E295C610382B
Chrome Cache Entry: 275	ASCII text, with very long lines (1104)	C921860077EF44529017768CABAB6375	8BEC170B733D7B903EEBA33088C9D7D20CCF2F41	01F0C6AD519D503B526BCBF47255A5DA73A758F2CE9BEFE7CEB4FDCBC4EC8B40
Chrome Cache Entry: 276	ASCII text, with very long lines (557)	A63BA597DB629CC7ADDBF6C56D909653	E39D8B1BCCFF58A98C6F720B9C1D1E9390449A0A	9C3FBE8B962900D4467E7C9A9EF9A70C67F8774ED6508160B77F532C3DA294D2
Chrome Cache Entry: 277	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	8ED6586A85FE477ABA437425280266AC	5EF1C567E0E7AE2C389FC20C3AE9C98A3BF2CA8C	A0A4F406ACB9922E59B71E763754893819403D585404C1B0C9B917293FA99CB8
Chrome Cache Entry: 278	ASCII text, with very long lines (570)	549610E92A799D6DCA63777F49A2C274	37FE6C3BD9A7B71B020751AECA4CF18E11A9B0AB	30FEA7F5C990065189C2E22B04B07E201591355052C970D524F15B948A48EFBD
Chrome Cache Entry: 279	ASCII text, with very long lines (907), with no line terminators	7918200D6703828AA575AEE16325FF1A	1911CAD6CB1732A181461D6F644FA2063792DBB8	E6838B05C6E3EF1FDC908B93697400F39CAB6BF52685BBBCFFA79C9412D5B470
Chrome Cache Entry: 280	ASCII text, with very long lines (906), with no line terminators	465001085E864C68C832FD1FD64650F8	62C63AF215748B411FC02D622FEA0B0D2502A8D7	0A282ECD1DBE532F8B94C01DECDE3FA1486217B535ECED9A841713BEBCF66C9A
Chrome Cache Entry: 281	ASCII text, with very long lines (3968)	FBAA5350EA1E35997F589FC49947ACCC	FC9253EC0B5DEA916B9255FB0445E99C733164C8	49176B244DE4B07D2A8A79CD8663A2FCED053ACC22B1807929521665D09F3E3A
Chrome Cache Entry: 282	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 283	ASCII text, with very long lines (5693)	16A58A614C1A7FDFD4F1612E501DC026	4B3F6D2D4F36D0595AF9F499A24E7C73E0389078	9A4CBCBA7E48500E5061F8052739CC7ECA3DE6209294CA5F186FFCFE736B79DC
Chrome Cache Entry: 284	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	7F6EB4EC32BE7A2D55850375C4FA6358	B6B2D97AC3F3EB6FA9F5B4B365605CC196A3CEDF	61C965D927840A8A4857C6D4A0B098B48A9B3EFC5F81656E81343B7FBC17E4E2
Chrome Cache Entry: 285	ASCII text, with very long lines (683)	9F0C7A347DC37CA3118F4B65598C226E	50FC1B6D82BC2991BF06F07DDCE8CFD540D2B5AA	2E97BF41C7C4C1708292E4FD91E03BC7B74FD0CED3A3DCA7C0AE77400D49060C
Chrome Cache Entry: 286	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	B34FCCBD0C8711ECD008A6EFF2CFD66C	1240231C36A07A0F052B45C6E6499E10C883A036	F1DF3320F78ADD53E1D29BEC727FA105CACFC7DCDBA203955AC34313C9E34606
Chrome Cache Entry: 287	PNG image data, 120 x 26, 8-bit/color RGBA, non-interlaced	E7F93D3CBA7BEE6C156EDE0ADEFECB7D	386AEDAAB7E0F0193F98B8EA215E52D1658AF74F	AE4F8BA0AE391774145C88B44327756778982AB63F722A4F38F8F0319ED5466B
Chrome Cache Entry: 288	ASCII text, with very long lines (907), with no line terminators	359925115EC9501ACA90636CFBBF2674	38DF70E0F9680969B93F9D042BFC7AD389959FB1	D1BD827179713E735AA084FBF4691A14C86D8B8172F9A1BE0CF042F157C72516
Chrome Cache Entry: 289	ASCII text, with very long lines (1694)	CDB8BB08C137773A94091E5E85ACFFE9	CE9A25B4017A830D6B805D2C342FA984B12E7745	159AB93A67F4BA67C744D860C854B66A111900D9DB152FFF313B18731F70DF26
Chrome Cache Entry: 290	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	7189438B65FFFABAEC412E3521A50F49	568D4132EE91FA14DEFFA2E3925F50B99A50065D	FA52B3F8386F0370B37531601A6137BFBE39A4C2BEC8E724CB7E0E328FD8D7ED
Chrome Cache Entry: 291	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	4FBE61206A7C12DDDD6EFEB3C348E9D5	E73A1B9ECCA51A70DDA864D63EE24D4BB7348CA1	17FD5A15FF2D0FFB050224CA1D81E01B8088E5ED6F07A4BE28292E89682C4048
Chrome Cache Entry: 292	ASCII text, with very long lines (2199)	F804F62127E351B24C131D521B73A657	5287AFCBBBDD5C62506EAE2BCFF359C5A7907812	FFACE13AE112A253E99FB74EB69FB02CF6698EEE1D8EF55F03FAE545680B128E
Chrome Cache Entry: 293	ASCII text, with very long lines (5693)	16A58A614C1A7FDFD4F1612E501DC026	4B3F6D2D4F36D0595AF9F499A24E7C73E0389078	9A4CBCBA7E48500E5061F8052739CC7ECA3DE6209294CA5F186FFCFE736B79DC
Chrome Cache Entry: 294	ASCII text, with very long lines (909), with no line terminators	CDF719E6C93FA8D0794F7B22D9318762	1CA062BFF6E2B52D195011316AAD997225DEC7B9	87E7D6121D242977EA3E746F2576E061648BD7AC3ADCEF7A77F97ACD8F1C5593
Chrome Cache Entry: 295	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	86179E7A662998687290621B26C17DB5	3940655C86D6CB6A903AF2A11BE6841332E58CED	B58FAAC0139AD2B90A3ABE54C7515FBEB0B1CF8F5CA88BEC064706B8E3A981E7
Chrome Cache Entry: 296	Unicode text, UTF-8 text, with very long lines (6048)	C35F9C7919080A107D698E37E97FE258	71FFE8E90A2EACAE8631207D4C0751A86B15235F	B997583456FE8B520E3077654A0066ED14330D053765EFB003BB64E83B9C6B02
Chrome Cache Entry: 297	ASCII text, with very long lines (2310)	F4277AEC3C0E231ABB454A9068C513D4	E110BC8C8F5A393C799F6B0D9D7889C83506F4BB	DC4E82EEEC0EBA051EBD04C08CFF72862EC39B3FF9B55B0C093F15B758F81C7A
Chrome Cache Entry: 298	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 299	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	24A07BB6C54E9FDD7569B317F24B26FB	046FCD8D47CC7CCF81947A4A5AC7F8BA7BA13A93	02CE36EBFE4CC68CB527B50BFE706F9D3A679A0A6E8D42E7A7B890C66951990C
Chrome Cache Entry: 300	PNG image data, 155 x 155, 8-bit/color RGBA, non-interlaced	1DBF72BB19B804BBE3DBEBA082928F79	96AFB1E7F50755E2D8F0E75AA248258ABC94B004	72108F86CAE18712175896CF55EDAC220103E1ED1D825B79EA364CC6E98933F7
Chrome Cache Entry: 301	HTML document, ASCII text, with very long lines (5642)	F88ECB4EA3D0FFDB65F4C5A12AD173CF	5F367DE7980991B790EAB4D28E293F883720FF87	6F6D6DD6C3FD4B0F59C1BBB61857EF8D5B2DEE34E49793AC7C9B4EFF442C777D
Chrome Cache Entry: 302	ASCII text, with very long lines (469)	F54DECFE5159D6A3E54A1E904B9E4E8D	9A8C7690580D3C026CF5334A85554B97EAC127ED	29BF215462714C08E95464FE2182AE8BF8A0231CEBB58A1E3376024A45608F66
Chrome Cache Entry: 303	ASCII text, with very long lines (2586)	E506518CB9EEE62FCE821CDFCF103A04	95789C5DA8D8A697C7E5F547D412D472C37B62DC	5E1F4CF12DFC323A1C780BD5F2FCEC73312B6A5EBDB3F7DD21F2FE4DD43D9D82
Chrome Cache Entry: 304	PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced	1B1F39C8352254F34FAF2D93BAA4B0CE	575957AFE30E2C60C91AC76019C58A3EC1AC6A44	9CEA119E265DB3CB32F59FD8211FDDCA7DFCD9ACB76BB229853F133305CF43CF
Chrome Cache Entry: 305	ASCII text	27F180956774D0ED52C65CEA8E0D4F09	1DB68F34D1D0279D1364261A1DF7790DE6439110	B4686D1F9905BA4CA42EB7B9E8E595D8CF6E9823EE3079E38791884626365730
Chrome Cache Entry: 306	Web Open Font Format (Version 2), TrueType, length 111740, version 3.1245	9D29F1486DD481BF7C46269CE654AEFC	F3570B6E8BD08DEE3F1F3F99926BC44ACCE45653	38970BA98BAC697CCCB7B119CC7474F832398B8B0366740ED89219B6588A6517
Chrome Cache Entry: 307	ASCII text, with very long lines (4005)	F10030C11ADD315E043B65E41AA7254A	286D8F55E81CD13AC68B87E321B93A4DFB71EC44	B0DF1F414593AECA0C09A22E6F6C0C5D0AC5280D16D064DD5FF46F0E0902B476
Chrome Cache Entry: 308	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	CE23C4CB379C32AE54DF13CA22DE161C	A8532339309E8572140F4CE343CAFF7B187029E6	1F00BF732DFC5A8C7885885117D9C3A44F25EA1F31E92C52237C76D7BF908525
Chrome Cache Entry: 309	HTML document, ASCII text, with very long lines (724)	D7447B2D8E7EA81C4D672DA1A3674A4F	25BBD995A0601CF56CCEFB069890F4CA3BF95E4C	DA5859707D9DB2A1475231FC10BA7C6FFA4726DCB81215D840B1C03D082892F3
Chrome Cache Entry: 310	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	048844E6D7C74FB25F495EADED1C91B7	E8C464A491D9D03138BE2E5719DAE03A86E7B343	0A44F98D5ADEC463FA3FDDCA7163E694BC1D93DF57C916F3771602193899BB7C
Chrome Cache Entry: 311	Web Open Font Format (Version 2), TrueType, length 111192, version 3.1245	823F35A845A9DFBF9800C8A37B635269	C3064C7E34213E30493C6A972F3D66F4D145885B	AAA02AA09B0BC5BC5C57095AAA6E15BEA07480136E9AAB705F69886DAA213325
Chrome Cache Entry: 312	ASCII text, with very long lines (522)	CB6AE28110B58D1B9F1CDA63A880654D	0267F1BBC81DE05E2F3A33F5AA1B0D624C93DF8E	C99D1EA69DADFEDA8AF7A835271791CAFB34BF58D1A477A2CC022E2938DB403F
Chrome Cache Entry: 313	HTML document, Unicode text, UTF-8 text, with very long lines (1136)	FBE36EB2EECF1B90451A3A72701E49D2	AE56EA57C52D1153CEC33CEF91CF935D2D3AF14D	E8F2DED5D74C0EE5F427A20B6715E65BC79ED5C4FC67FB00D89005515C8EFE63
Chrome Cache Entry: 314	ASCII text	27F180956774D0ED52C65CEA8E0D4F09	1DB68F34D1D0279D1364261A1DF7790DE6439110	B4686D1F9905BA4CA42EB7B9E8E595D8CF6E9823EE3079E38791884626365730
Chrome Cache Entry: 315	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	4CA44276900C09211C7F8D543CDCBD46	7726D58BEADE37D5A4699B0AD36988307F9200C4	DF97EA9E90D84C23DB7338BDCF8DD7A112C79A2F6C73C2B45B99AF80E4176828
Chrome Cache Entry: 316	ASCII text, with very long lines (4005)	F10030C11ADD315E043B65E41AA7254A	286D8F55E81CD13AC68B87E321B93A4DFB71EC44	B0DF1F414593AECA0C09A22E6F6C0C5D0AC5280D16D064DD5FF46F0E0902B476
Chrome Cache Entry: 317	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	4FBE61206A7C12DDDD6EFEB3C348E9D5	E73A1B9ECCA51A70DDA864D63EE24D4BB7348CA1	17FD5A15FF2D0FFB050224CA1D81E01B8088E5ED6F07A4BE28292E89682C4048
Chrome Cache Entry: 318	ASCII text, with very long lines (391)	40F6233D2814AD4CB8BB8833EF7B15DD	C7DD3CD5FF22143FE10EACA93A93B62AC60C9334	C1F698FAE45B9A95567B373A08C08E05418123FC2D7E5BA0F0E4CAA5AA26CB21
Chrome Cache Entry: 319	ASCII text, with very long lines (908), with no line terminators	DBDB9E3D88FC9B7D49E6C81881479EF1	C65DE78EED6722A7A49268868EB45106C138DC92	493B7E72488553EEBE5A8F9DB16646D02C278C6A0AF197160DB4A2E15BC22681
Chrome Cache Entry: 320	ASCII text, with very long lines (3968)	FBAA5350EA1E35997F589FC49947ACCC	FC9253EC0B5DEA916B9255FB0445E99C733164C8	49176B244DE4B07D2A8A79CD8663A2FCED053ACC22B1807929521665D09F3E3A
Chrome Cache Entry: 321	ASCII text, with no line terminators	BEEDCB4EB0A559E6CE2D1E20D38CB330	A04EE9801770C0E81B170D7992EC3735E878AA58	6E9D99B87595B07B10676B68EBE9AA8B63DF7D9A74F59CC91EED60EA1FBDC6EF
Chrome Cache Entry: 322	HTML document, ASCII text, with very long lines (31781), with CRLF line terminators	28862166F70B65D19D97C6F57AB48DFC	842667923397FFD10A32D31441CC8F47104882AF	76B1802F763ACF81E3A2AD5342D970982B0DAC0E09DE1E1961ED3746ECE110BC
Chrome Cache Entry: 323	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	95407664D6777D92E63257DF5814C794	E89791C12CA3E4F09B87BAB4E147A397940CCBA6	300E7BF53911658D3E6FEA6C70F64DC681881D7E28563FFA03DD43553AFB295C
Chrome Cache Entry: 324	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	0EAA75E84E3B5D76E26B5BDEF873465E	79DAEA62FA0952E79644B23305210D61B6CBB631	D375701BEED766135440CC65BD4CEDE9CC455C0116A362E124C3C2158EDCEFF4
Chrome Cache Entry: 325	ASCII text, with very long lines (65536), with no line terminators	3D0909E3F2988A21B95C0386C1B297C5	39C6108F6F6D09430365257F815C45C480C7D635	CF32EA39593EEBEB56423778558D006C1DD17BB06E4D93D5520C4C2E224EF24D
Chrome Cache Entry: 326	ASCII text, with very long lines (2199)	F804F62127E351B24C131D521B73A657	5287AFCBBBDD5C62506EAE2BCFF359C5A7907812	FFACE13AE112A253E99FB74EB69FB02CF6698EEE1D8EF55F03FAE545680B128E
Chrome Cache Entry: 327	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	7189438B65FFFABAEC412E3521A50F49	568D4132EE91FA14DEFFA2E3925F50B99A50065D	FA52B3F8386F0370B37531601A6137BFBE39A4C2BEC8E724CB7E0E328FD8D7ED
Chrome Cache Entry: 328	very short file (no magic)	C4CA4238A0B923820DCC509A6F75849B	356A192B7913B04C54574D18C28D46E6395428AB	6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
Chrome Cache Entry: 329	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	24A07BB6C54E9FDD7569B317F24B26FB	046FCD8D47CC7CCF81947A4A5AC7F8BA7BA13A93	02CE36EBFE4CC68CB527B50BFE706F9D3A679A0A6E8D42E7A7B890C66951990C
Chrome Cache Entry: 330	ASCII text, with no line terminators	4B847D6DC110194217A51F82A5511798	960C63FB35EBE8A299DDAD613C773B886FC90340	3DDE3794451C01C0B9349D87A4D6E74057A0502279EB8EE20E0F1306B27CE9EE
Chrome Cache Entry: 331	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	77C8483BC6A16664E5622E7D4ABAAEF6	7EEB5C99555FFC07827D5A47941296823A6A919C	F5B90101A8103328FA19749E8E05CE5B235CBEECD070B0DB3A63A37D5587CA7C
Chrome Cache Entry: 332	ASCII text, with very long lines (5945)	CD3AE1048CDB4AF80D6E0311E1EE874D	339D57C0D3A5063A082FC127FCD62324F67D1957	CFBF7B5B651CD00801E336A1C125D244E906903E4E271AA56511340B0D45DAC1
Chrome Cache Entry: 333	PNG image data, 155 x 155, 8-bit/color RGBA, non-interlaced	1DBF72BB19B804BBE3DBEBA082928F79	96AFB1E7F50755E2D8F0E75AA248258ABC94B004	72108F86CAE18712175896CF55EDAC220103E1ED1D825B79EA364CC6E98933F7
Chrome Cache Entry: 334	ASCII text, with no line terminators	90FFA64841C8FC1778F60620FB7C9E0F	6CD0D3B3152F09BA439302A282E703C734CF10A1	D6CDD58A26D95153147EFD5CB07AADAE324BD25C0A0A33648087E295C610382B
Chrome Cache Entry: 335	ASCII text, with very long lines (919), with no line terminators	710B7E3B485D3BBD6F96EF693182F0EF	4A0BC32A4480D1CF07B8157A89685E5EE6774AC2	EB117E0AC646ECFFAB3D3CA217D4ABB3B81700B34C43DE9BF3B7F58485987FA4
Chrome Cache Entry: 336	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	A67B837E46BB187D5DC9E5A2C77E82CB	683EBB2C0AF4CB080E1D904AEB7015858959924F	703D3FC191D5F8A9835EA55596EF58A85D66E54C4303B96CEB8E185C2C922B53
Chrome Cache Entry: 337	ASCII text, with very long lines (1104)	C921860077EF44529017768CABAB6375	8BEC170B733D7B903EEBA33088C9D7D20CCF2F41	01F0C6AD519D503B526BCBF47255A5DA73A758F2CE9BEFE7CEB4FDCBC4EC8B40
Chrome Cache Entry: 338	ASCII text, with very long lines (917), with no line terminators	912BFF9F6FD68AFAB5C8EE00883C8C79	A2C627928C3AE2036EC01F547999D8766E6AF64C	DAC188C78FFD0E9ABF3698F40B3FAB8624F30CAF81FDCB91582D802EA04E7A71
Chrome Cache Entry: 339	ASCII text, with very long lines (469)	F54DECFE5159D6A3E54A1E904B9E4E8D	9A8C7690580D3C026CF5334A85554B97EAC127ED	29BF215462714C08E95464FE2182AE8BF8A0231CEBB58A1E3376024A45608F66
Chrome Cache Entry: 340	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 341	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	2AAC7F580EE8C66ACF54DAC0ACC95DAA	23A7F3ADDB13338BEAEE158512E612FB6587567B	52C68BC25C43D062CF949A60EA05D08B27F96BCA68C23164018BC62FC9B87491
Chrome Cache Entry: 342	SVG Scalable Vector Graphics image	A371D1ADD8D95D9A5AC0222DBFC707DA	B273236FC088B58AEC5BE2E7CD642E290C31CBF3	0A11003900B5593A71CFAB463C2A5E7D2588B251F697EAE8B64946F4D178FE54
Chrome Cache Entry: 343	ASCII text	C6E903971EA447C3F93C6CA50E53F720	62CAE431C169858655C5C402C6D407232BECFF25	ADA4D0A561DDCD8909FA775BB11E32327C27D1B688C7251F46BB3304ACF43F7B
Chrome Cache Entry: 344	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	7F6EB4EC32BE7A2D55850375C4FA6358	B6B2D97AC3F3EB6FA9F5B4B365605CC196A3CEDF	61C965D927840A8A4857C6D4A0B098B48A9B3EFC5F81656E81343B7FBC17E4E2
Chrome Cache Entry: 345	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	AC0988CF6F19732322A917C3C3D7288D	20421058057542F50B38DF143F1EC48B671E0677	BA32E274A78AFB8194B5CD13B7513292249455806D12B4905FA0923EE814C78E
Chrome Cache Entry: 346	ASCII text, with very long lines (1302)	DF907C9E6BC048EA1505930FAB9010A9	51FF7084F44C713E30335C5D30CFC1AAC8F34774	B3B7340EE6C9240EE8FCFEDA03C6EF4CE7DB0DD0DC213B19C8D4C87ADDC15105
Chrome Cache Entry: 347	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	77C8483BC6A16664E5622E7D4ABAAEF6	7EEB5C99555FFC07827D5A47941296823A6A919C	F5B90101A8103328FA19749E8E05CE5B235CBEECD070B0DB3A63A37D5587CA7C
Chrome Cache Entry: 348	ASCII text, with very long lines (404)	562AF5C904D400C7D4673BA875F569BB	B964B17220167F72804A83E73CAD17D2FB3E27C3	A7DD4DF79B8BC77FAFD8E5ED631E4CD3C5A6556F97F038A8D54FD2916EF509F3
Chrome Cache Entry: 349	PNG image data, 3396 x 1920, 8-bit/color RGB, non-interlaced	A4D9107960AE4E4F79E6A36DF931EF5D	35704C698FCCD795B8F19DA76672A72C00422857	FBBBC78E85DFA4F2B390E6DC2F3850D0F5247D16B5FD525093331572AA79AE84
Chrome Cache Entry: 350	ASCII text, with very long lines (5945)	6DAC011FF220BBF887FFE6D56959F916	6952F01989F98BE9E3E7A869A4200683867C040D	BA50C4CD3265D9550E1A37BA9AC7FF6E84C4BA03882394314D5807DE9997C8CC
Chrome Cache Entry: 351	PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced	2AAC7F580EE8C66ACF54DAC0ACC95DAA	23A7F3ADDB13338BEAEE158512E612FB6587567B	52C68BC25C43D062CF949A60EA05D08B27F96BCA68C23164018BC62FC9B87491
Chrome Cache Entry: 352	ASCII text, with very long lines (2310)	CD3B57BBEDF374D2332DC92640591997	739F79CDEEB115044D4B0C1E01322E1575890E74	21A28E7F00617A69F9F130300FD7E114AA883D0A887F83FC92720B45A8C0E064
Chrome Cache Entry: 353	ASCII text, with very long lines (906), with no line terminators	B5C500E5CE265F8DD0D08A2C75FD51F2	F4F566E29B5A5810EDF368DB24436B31195F1E7A	94CE52CD13A8A2AA607C6EF681D7E6BDD847EB6D631932DB7CECA67B3EC21FFA
Chrome Cache Entry: 354	PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced	1B1F39C8352254F34FAF2D93BAA4B0CE	575957AFE30E2C60C91AC76019C58A3EC1AC6A44	9CEA119E265DB3CB32F59FD8211FDDCA7DFCD9ACB76BB229853F133305CF43CF
Chrome Cache Entry: 355	ASCII text	0B414B7DB9A539E8EE336BCDCA5F8FDD	CB596295697D8D7CBAB3FE7C9FEAC1AC35FF384B	40760A00D5366341EFF02BFD114E8FB328DD3926295073397F0CAA00B7E3B070
Chrome Cache Entry: 356	ASCII text, with very long lines (533)	2F3196E4FD1F65418F22902FF5B79318	3A27E4785AC3325D21307ACC736D1180889819BB	F5390743638AC795C6656BE835E71DECB27DD654B6C683802246F8243FCFED68
Chrome Cache Entry: 357	HTML document, ASCII text, with very long lines (724)	D7447B2D8E7EA81C4D672DA1A3674A4F	25BBD995A0601CF56CCEFB069890F4CA3BF95E4C	DA5859707D9DB2A1475231FC10BA7C6FFA4726DCB81215D840B1C03D082892F3
Chrome Cache Entry: 358	ASCII text, with very long lines (3168), with no line terminators	4821AF91EA69D4B12822A1B7FD116EE1	CF453003E8727081FCF75A1A0E683FB1534E5240	D4E193083A57FFD9E7CE23B7347A2DD1F63F8D36961301E48F74B52889599C1C
Chrome Cache Entry: 359	PNG image data, 288 x 288, 8-bit colormap, non-interlaced	58C4DDE30BC77AB9E25A470AB8C139CB	79C931CB38C0E381FBBAFDE56BD6A792F0D126F5	974B447701E8F339AE789E6712573F09DDD9006522E26A9C1F193B1202640AD3
Chrome Cache Entry: 360	ASCII text, with very long lines (683)	9F0C7A347DC37CA3118F4B65598C226E	50FC1B6D82BC2991BF06F07DDCE8CFD540D2B5AA	2E97BF41C7C4C1708292E4FD91E03BC7B74FD0CED3A3DCA7C0AE77400D49060C

Windows Analysis Report
A095176990000.pdf

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report A095176990000.pdf

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
A095176990000.pdf