Windows Analysis Report
https://app.auditi.de/responder

Overview

General Information

Sample URL:	https://app.auditi.de/responder
Analysis ID:	1432060
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

Found iframes

Source: https://app.auditi.de/responder

HTTP Parser: Iframe src: /webviewer/./ui/index.html#a=1&disabledElements=thumbnailControl%2CtoggleCompareModeButton%2CnoteState%2CtoolbarGroup-Insert%2CtoolbarGroup-Shapes%2CtoolbarGroup-Edit%2CtoolbarGroup-FillAndSign%2CtoolbarGroup-Forms%2CaddReplyAttachmentButton%2CdownloadButton&readonly=1&filepicker=0&pdfnet=0&enableRedaction=0&disableVirtualDisplayMode=0&enableMeasurement=0&notesInLeftPanel=0&autoExpandOutlines=0&enableAnnotationNumbering=0&enableOfficeEditing=0&singleServerMode=false&selectAnnotationOnCreation=0&autoFocusNoteOnAnnotationSelection=1&disableMultiViewerComparison=1&showInvalidBookmarks=1&id=1&basePath=%2Fresponder&webViewerJSVersion=10.6.0

HTML body contains low number of good links

Source: https://app.auditi.de/responder	HTTP Parser: Number of links: 1
Source: https://app.auditi.de/login	HTTP Parser: Number of links: 1

HTML title does not match URL

Source: https://app.auditi.de/login

HTTP Parser: Title: Login does not match URL

Source: https://app.auditi.de/responder	HTTP Parser: No <meta name="author".. found
Source: https://app.auditi.de/login	HTTP Parser: No <meta name="author".. found

Source: https://app.auditi.de/responder	HTTP Parser: No <meta name="copyright".. found
Source: https://app.auditi.de/login	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49724 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49716 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49724 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /responder HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/responder-ed59852fad92e4a36d049eddcf2b8c441dfb0ee51b7e98542ebb4d2238253738.css HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/platform-be1cb63a6e38caa5878fb65df42e392f751b8be5560198b3cce3e081afca4cfa.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/index.html HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/02c6bf4ed4d758d8d0091b14e4d6171c.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/6853e9ca4ec41821003d6cc691ec3a34.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/core/webviewer-core.min.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/webviewer-ui.min.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Medium.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-SemiBold.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Regular.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/02c6bf4ed4d758d8d0091b14e4d6171c.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/6853e9ca4ec41821003d6cc691ec3a34.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/i18n/translation-en.json HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/core/pdf/PDFNetLean.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /login HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/chunks/100.chunk.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Lato-Regular.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Satisfy.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.css HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.auditi.de/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Nothing-You-Could-Do.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/La-Belle-Aurore.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Whisper.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Arimo.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Caladea.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Carlito.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/i18n/translation-en.json HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Cousine.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/LiberationSerif.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/OpenSans.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-SemiBold-9090abc8aaa4deb330c04ab79cf1eb5f24bc3de76e3f637cc3593d4a1386e3d5.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Regular-b12cea9694b8b1d42c807f7b242b4fbdc386961780882583b9bdfe032b575c97.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Medium-6f8263021af5828111c8a50ea2876f5fd253c872985192999095db4096410cc0.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Roboto.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/RobotoMono.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Tinos.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /aude-favicon.ico?v=xQd7xlkw7F HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /aude-favicon.ico?v=xQd7xlkw7F HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f

Source: chromecache_84.2.dr	String found in binary or memory: * Demuxed talk: https://www.youtube.com/watch?v=cZSjDaGDmX8 equals www.youtube.com (Youtube)
Source: chromecache_98.2.dr	String found in binary or memory: this.linkRange?(this.quill.formatText(this.linkRange,"link",ua,f.default.sources.USER),delete this.linkRange):(this.restoreFocus(),this.quill.format("link",ua,f.default.sources.USER));this.quill.root.scrollTop=xa;break;case "video":xa=ua;var Ga=xa.match(/^(?:(https?):\/\/)?(?:(?:www\|m)\.)?youtube\.com\/watch.*v=([a-zA-Z0-9_-]+)/)\|\|xa.match(/^(?:(https?):\/\/)?(?:(?:www\|m)\.)?youtu\.be\/([a-zA-Z0-9_-]+)/);ua=Ga?(Ga[1]\|\|"https")+"://www.youtube.com/embed/"+Ga[2]+"?showinfo=0":(Ga=xa.match(/^(?:(https?):\/\/)?(?:www\.)?vimeo\.com\/(\d+)/))? equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: app.auditi.de
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_84.2.dr	String found in binary or memory: http://codereview.stackexchange.com/q/13338
Source: chromecache_84.2.dr	String found in binary or memory: http://dl.dropboxusercontent.com/u/35146/js/tests/isNumber.html
Source: chromecache_98.2.dr	String found in binary or memory: http://domain/file11243.php
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-object.keys)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-object.prototype.tostring)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-patterns).
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-tolength).
Source: chromecache_84.2.dr	String found in binary or memory: http://eev.ee/blog/2015/09/12/dark-corners-of-unicode/).
Source: chromecache_84.2.dr	String found in binary or memory: http://es5.github.io/#x15.9.1.1
Source: chromecache_86.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_84.2.dr	String found in binary or memory: http://getify.mit-license.org
Source: chromecache_84.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: http://jasonformat.com/wtf-is-jsx).
Source: chromecache_86.2.dr	String found in binary or memory: http://jaywcjlove.github.io/hotkeys
Source: chromecache_86.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_84.2.dr	String found in binary or memory: http://jsperf.com/diacritics/18
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_93.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_108.2.dr	String found in binary or memory: http://scripts.sil.org/OFL).http://scripts.sil.org/OFL
Source: chromecache_108.2.dr	String found in binary or memory: http://scripts.sil.org/OFL).http://scripts.sil.org/OFLCopyright
Source: chromecache_93.2.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
Source: chromecache_84.2.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/typedesigners.html
Source: chromecache_84.2.dr	String found in binary or memory: http://www.ecma-international.org/ecma-262/7.0/#sec-ecmascript-language-types)
Source: chromecache_98.2.dr	String found in binary or memory: http://www.pdftron.com/pdfinfo
Source: chromecache_108.2.dr	String found in binary or memory: http://www.typoland.com/)
Source: chromecache_108.2.dr	String found in binary or memory: http://www.typoland.com/http://www.typoland.com/designers/Lukasz_Dziedzic/Copyright
Source: chromecache_84.2.dr	String found in binary or memory: http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_Patterns
Source: chromecache_84.2.dr	String found in binary or memory: http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_tokens
Source: chromecache_84.2.dr	String found in binary or memory: http://www.whatwg.org/specs/web-apps/current-work/multipage/timers.html#dom-windowtimers-settimeout:
Source: chromecache_84.2.dr	String found in binary or memory: https://0.30000000000000004.com/
Source: chromecache_109.2.dr	String found in binary or memory: https://app.auditi.de/assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1
Source: chromecache_84.2.dr	String found in binary or memory: https://appsignal-endpoint.net/collect
Source: chromecache_84.2.dr	String found in binary or memory: https://blog.izs.me/2013/08/designing-apis-for-asynchrony)
Source: chromecache_84.2.dr	String found in binary or memory: https://blog.ometer.com/2011/07/24/callbacks-synchronous-and-asynchronous/)
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13393
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/4833
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=174980#c2
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_84.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_98.2.dr	String found in binary or memory: https://community.apryse.com/t/getting-exception-when-calling-pdfnet-initialize-a-second-time/3486.
Source: chromecache_84.2.dr	String found in binary or memory: https://css-tricks.com/debouncing-throttling-explained-examples/)
Source: chromecache_98.2.dr	String found in binary or memory: https://cutt.ly/xod-decompress
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/Locale
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/getISOWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/getWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/setISOWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/setWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/toDate
Source: chromecache_98.2.dr	String found in binary or memory: https://dev.apryse.com/.
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CanvasRenderingContext2D.drawImage
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/Containing_block#identifying_the_containing_block
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Getter_only
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/content-encoding/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/loading-errors/#not-allowed-to-load-local-resource:-fi
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/mime-types/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/wasm-threads
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/annotation/annotationmanager/display-authors/#map-a
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/documentviewer/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/file-format-support/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/wv-server-deployment
Source: chromecache_84.2.dr	String found in binary or memory: https://docs.google.com/spreadsheets/d/e/2PACX-1vQOPU3xUhplll6dyoMmVUXHKl_8CRDs6_ueLmex3SoqwhuolkuN3
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.fxtf.org/geometry/#dictdef-domrectinit
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.fxtf.org/geometry/#domrectreadonly
Source: chromecache_84.2.dr	String found in binary or memory: https://esbench.com/bench/574c954bdb965b9a00965ac6
Source: chromecache_84.2.dr	String found in binary or memory: https://fengyuanchen.github.io/cropperjs
Source: chromecache_84.2.dr	String found in binary or memory: https://gist.github.com/JoviDeCroock/bec5f2ce93544d2e6070ef8e0036e4e8
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Financial-Times/polyfill-library/pull/59#issuecomment-477558042
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Flet/prettier-bytes/
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Flet/prettier-bytes/blob/master/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/babel/babel/issues/3041
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/blob/master/docs/unicodeTokens.md
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/blob/master/docs/upgradeGuide.md#string-arguments
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/issues/376
Source: chromecache_98.2.dr	String found in binary or memory: https://github.com/davidbonnet/astring#installation
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/facebook/flow/issues/1414
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/facebook/regenerator/issues/274
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/fengyuanchen/cropper/issues/476
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/kossnocorp
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/leshakoss
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/nosir/cleave.js/issues/147
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/polygonplanet/weakmap-polyfill
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/1078
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/1223
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/837
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/preactjs/preact/commit/4d339fb803bea09e9f198abf38ca1bf8ea4b7771#diff-54682ce38093
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/preactjs/preact/issues/3927
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/rails/rails/blob/master/actionview/app/assets/javascripts
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/sindresorhus/validate-element-name
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/szimek/signature_pad
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/vimeo/player.js
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/vuejs/core/blob/main/packages/runtime-dom/src/modules/events.ts#L90-L101
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/whatwg/html/issues/2369
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#nonce-attributes
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_84.2.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.org/
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_84.2.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_84.2.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_84.2.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: chromecache_84.2.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_84.2.dr	String found in binary or memory: https://mathiasbynens.be/notes/javascript-unicode).
Source: chromecache_84.2.dr	String found in binary or memory: https://mdn.io/Object/assign).
Source: chromecache_98.2.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_84.2.dr	String found in binary or memory: https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_84.2.dr	String found in binary or memory: https://push.appsignal.com
Source: chromecache_98.2.dr	String found in binary or memory: https://quilljs.com
Source: chromecache_84.2.dr	String found in binary or memory: https://reactjs.org/docs/context.html#contextdisplayname
Source: chromecache_86.2.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_84.2.dr	String found in binary or memory: https://select2.github.io
Source: chromecache_84.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://stackoverflow.com/questions/49875255
Source: chromecache_84.2.dr	String found in binary or memory: https://timingsrc.readthedocs.io/en/latest/
Source: chromecache_84.2.dr	String found in binary or memory: https://vimeo.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://vimeo.com/api/oembed.json?url=
Source: chromecache_84.2.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_84.2.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: chromecache_84.2.dr	String found in binary or memory: https://webtiming.github.io/timingobject/
Source: chromecache_84.2.dr	String found in binary or memory: https://webtiming.github.io/timingobject/)
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/imprint
Source: chromecache_109.2.dr	String found in binary or memory: https://www.auditi.de/imprint/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/privacy
Source: chromecache_109.2.dr	String found in binary or memory: https://www.auditi.de/privacy/
Source: chromecache_98.2.dr	String found in binary or memory: https://www.pdftron.com/webfonts/v2/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.unicode.org/reports/tr35/tr35-dates.html#Date_Field_Symbol_Table
Source: chromecache_84.2.dr	String found in binary or memory: https://www.youtube.com/watch?v=cZSjDaGDmX8

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49716 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@17/87@6/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2316,i,17975090354257941386,3941918294337709614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.auditi.de/responder"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2316,i,17975090354257941386,3941918294337709614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
46.182.150.8	app.auditi.de	Germany	15451	DATEV-ASDE	false
142.250.64.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.5

Contacted Domains

Name	IP	Active
app.auditi.de	46.182.150.8	true
www.google.com	142.250.64.132	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Tinos.ttf	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/aude-favicon.ico?v=xQd7xlkw7F	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/OpenSans.ttf	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/index.html	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/Lato-Regular.woff	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Cousine.ttf	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Roboto.ttf	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/assets/inter/Inter-SemiBold-9090abc8aaa4deb330c04ab79cf1eb5f24bc3de76e3f637cc3593d4a1386e3d5.woff2	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/core/pdf/PDFNetLean.js	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/Nothing-You-Could-Do.woff	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/La-Belle-Aurore.woff	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/login	false		unknown
https://app.auditi.de/assets/inter/Inter-SemiBold.woff2	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/assets/inter/Inter-Medium.woff2	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/assets/fonts/webfonts/Carlito.ttf	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/webviewer/ui/i18n/translation-en.json	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/assets/responder-ed59852fad92e4a36d049eddcf2b8c441dfb0ee51b7e98542ebb4d2238253738.css	false	Avira URL Cloud: safe	unknown
https://app.auditi.de/responder	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	28D7C6E86882B9B2D4994B58B6AA6E10	F8D2987255B66C742DE6F44C4467726B6E0057B0	5A9FE85F656577A9F17306E58C393C3DFAA6A4E09FA9F46F238B837E497DEC9D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	31EE24614058F26C47DA0A94EF770D59	ABAE1D0AE451E50656E2F45D34A34AB0ACA98D2E	10F7BAE7C8F6DE50646D10F556453321FDAB9568C0D76907E4CA18AD70E77830
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	87C5A5C3DD0CB2C90A41DCD88DEE9EF8	E0DC26238FADBBB104C5F64B9EB4DA4D95C80941	CD5D7697E3869CE9E38A99DE240F7F21E739B8B62B2502CAF628F4E1E5568F4B
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8748CEE64A553AD12FB5829B593AF01F	DC1586EBD5C526FF781ADB71E9E056F362ADC44D	8F7EE2366C0BD566A566F2441B9E5B0101AC1D04D9836F0C7290426211D12595
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8293A4C34A5775EC55F3D6EDEF4C91F3	1BB43746A8D32ACE158C3D281ECD6BFE2F62B6FB	ADEEF6BA99CC16D7B0F4D9E62971D422B1B445D109E45FC38F5DB395E58AC171
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 08:16:27 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	44FB38F44868B9424D2C5EF0B7F51359	BAEB6A19EF8FB74987F9970D84A5F0A5AD83BAAD	53432E8D52E60518C733C89FD4F4F404BBC2D4825E5F770F762F6E394E1C66FB
Chrome Cache Entry: 100	TrueType Font data, 16 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2015 Google Inc. All Rights Reserved.Roboto MonoRegularGoogle:Roboto Mono:2015Roboto M	C155A7CC0C688BBA44DF82A041F5C3C7	DFB9794809FED502FB355E552A068163D83E86E8	AE85675AF9CB4560D8D02A9FFB00E3FEACDC41A502B4809459B4D5E4D66D4A3C
Chrome Cache Entry: 101	Web Open Font Format (Version 2), TrueType, length 106916, version 1.0	DD8A55EF7058CDAEB96EF9FC65344726	B274445ABF692417A215FA110127B11E2FFA9208	C7C3BEFE28A2FE45FB772F93CC52C828A71CCEBC4B9FA5C971DB452F712F3E78
Chrome Cache Entry: 102	Web Open Font Format (Version 2), TrueType, length 106916, version 1.0	DD8A55EF7058CDAEB96EF9FC65344726	B274445ABF692417A215FA110127B11E2FFA9208	C7C3BEFE28A2FE45FB772F93CC52C828A71CCEBC4B9FA5C971DB452F712F3E78
Chrome Cache Entry: 103	TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010 Google Corporation.CousineRegularAscender - CousineVersion 1.2	A0B3DA20049F57C0E19FB6B60E36E7AC	B31EE32D168CB18020DC6F4982660AD85410DB55	5EDFE3598B25A7598D2389D3F8136AA5D1556A1EF257E0DF951A215FA28DFA6E
Chrome Cache Entry: 104	PNG image data, 68 x 16, 8-bit/color RGBA, non-interlaced	6F3465929508D2EFF00C11707D6C2908	CC74080458E0ABB14EBFB92A1A8C7EC5796D4A88	547CDDA68E194EBC4C10B52762D49749DB64BECCD5B14238D35A054E754CFED0
Chrome Cache Entry: 105	Web Open Font Format (Version 2), TrueType, length 106484, version 1.0	F6CF0A0BC5FCE3307E2C426EB14EB752	3E35D45ED8F2F81BE40100E05A878D76EFFA039E	5D308F3DC654F14AF6A600482F41458EFE0667EB639EC7BF7DDD784502B8FD55
Chrome Cache Entry: 106	HTML document, Unicode text, UTF-8 text, with very long lines (850)	BFAC6E36620AD8B1CF3C795FC22D78B1	98E5C1A43446D87854E919FF948ADB7DEC5914E4	DC06DA68774F54D59E3E9C77686BDE6DDF18C5BBBCFE9973DB7B88C336A058D2
Chrome Cache Entry: 107	PNG image data, 68 x 16, 8-bit/color RGBA, non-interlaced	6F3465929508D2EFF00C11707D6C2908	CC74080458E0ABB14EBFB92A1A8C7EC5796D4A88	547CDDA68E194EBC4C10B52762D49749DB64BECCD5B14238D35A054E754CFED0
Chrome Cache Entry: 108	TrueType Font data, 17 tables, 1st "GDEF", 30 names, Macintosh, Copyright (c) 2010-2013 by tyPoland Lukasz Dziedzic with Reserved Font Name "Carlito". Licensed	E6BAE8D6E8E501872B512603233B2341	DAEFB74A06315435B0E1F9770E49C9E663E02F29	F48F2B0B1B8BDA540E9CEA0D32BDD786EADBB2D0FBA4EB2FC9F2AC4C3574D182
Chrome Cache Entry: 109	HTML document, ASCII text	E3D51CAEDF6E6B39F11047D139256C0F	8A1A7813F0E68DE3DA27EE434DE5D90B0D175725	9169DA931812AEA4346C297119B5C051BFFCB69CB528486C44F33F0A1593154C
Chrome Cache Entry: 110	PNG image data, 482 x 304, 8-bit colormap, non-interlaced	A4F8C3BFA94D44BBCAA5DDDC0E585D71	A9D8AE6BE8C799C24FB312D2BFB77756984A55F9	C3A07885123FD1F750C6A53EB8E4252B01CB18FDFCAF7EE2D116CAE219C46E4D
Chrome Cache Entry: 111	ASCII text, with very long lines (551)	31DE07168D5AE161D4771BF3CDFB1ED4	8CE3B39A3F589DB585114E2F4FC60C0651894C8C	D60A05354B908AB8DC82D8E2BCBB06243D8384DE29C7D2BF75646964419E594C
Chrome Cache Entry: 112	TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular	69918C64A92DB48F6BCDD1980D554A7F	7422DEDFE301D8067713E24E68473F84F9F06FD7	B2F06F2B984931114E0B5E94F44A44790997B9B6EEBE82F26485DF653021344C
Chrome Cache Entry: 113	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	6EFDD26EE60D91F671AAFA1B7E109F6C	4FF91DA3F80813B877EE50C0DAB36E0C8D29D84A	F0A1CA06B574424A7D7AD8E92AD09688204ACE60AB6A9E41CAC5D6F505248605
Chrome Cache Entry: 114	ASCII text, with no line terminators	46DF3E5E2D15256CA16616EBFDA5427F	BE8F9B307E458075DA0D43585A05F1D451469182	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
Chrome Cache Entry: 115	PNG image data, 482 x 304, 8-bit colormap, non-interlaced	A4F8C3BFA94D44BBCAA5DDDC0E585D71	A9D8AE6BE8C799C24FB312D2BFB77756984A55F9	C3A07885123FD1F750C6A53EB8E4252B01CB18FDFCAF7EE2D116CAE219C46E4D
Chrome Cache Entry: 116	Web Open Font Format, TrueType, length 37588, version 1.104	2F56BCCF00E560C82073CEC341DE6D05	02E063A6A9596FBF94CE416DAA09902E13D8250B	6328A1260AE02B22599BB732B177709D7049D88F722429C6F3924459A0369B6A
Chrome Cache Entry: 117	Web Open Font Format (Version 2), TrueType, length 106484, version 1.0	F6CF0A0BC5FCE3307E2C426EB14EB752	3E35D45ED8F2F81BE40100E05A878D76EFFA039E	5D308F3DC654F14AF6A600482F41458EFE0667EB639EC7BF7DDD784502B8FD55
Chrome Cache Entry: 118	Web Open Font Format (Version 2), TrueType, length 100368, version 1.0	4DD66A113D54A7F9A1AE913049610617	A37427546C8EECF009CDCD739FF9B2958B0AAE7D	89D406B02758799CFF68155930829B69A9FB49C39DE3E264DE966466D8CC7814
Chrome Cache Entry: 119	TrueType Font data, 21 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010-2012 Google Corporation.TinosRegularMonotype Imaging - TinosVe	39B03096557EA1D4524ED01196471442	F3B8742A94DA125ECE73546100B856872C5D98F1	1461DFA6ABD64E3D72DA369FB5BED5EF7FB0A0D121DA711B79D873E3BD271E02
Chrome Cache Entry: 120	Web Open Font Format, TrueType, length 24600, version 1.0	E4136D5B3B07002B612A8E7970891E2C	387960474A8355650FCEC9A1A89E706EF42526C6	549B1A0BB12EE45E03E13A9F72A0E8609025E94B651BCDFFD9779835A516D23B
Chrome Cache Entry: 121	ASCII text, with very long lines (324)	AC752A8C2F652F180798729F06AE1B99	E3FF80CE4E77206C4651EC85720ADF64732E827B	A1EE69752C9950FF4B8766A0BA4A47E6F537BE756740819AB5E614F00FD12D9B
Chrome Cache Entry: 122	Web Open Font Format, TrueType, length 26436, version 4.1	7C6CE837E96CD10589F6B7EC2BCBE21B	E651E96B142B590B2FA66155A7594A3567E9E875	DD2449E7732936CA4EE3CD785C769FDD9F28EAF41F6ED39F821E7F3C4A47130D
Chrome Cache Entry: 123	PNG image data, 393 x 120, 8-bit/color RGBA, non-interlaced	F810470301193CFE489C16A60C205448	CD5E04F9A0CFDF2F10A609DA6F198AF4EC08ECD7	293FABDCE265A1273FAF22B170DF78951C0066649A68A974A3ECC85C3EFEF19D
Chrome Cache Entry: 124	ASCII text, with very long lines (4030)	6FA3CF236F4E6D32C4503B0FFD92910B	0F0B12939E595736799DA130D22FB9B3AC838276	B289F1EB2D48ED042AEEB69A6E2D05292123AC592798AD39CC062B42D2E68A93
Chrome Cache Entry: 125	Web Open Font Format, TrueType, length 18456, version 1.2	F809822E554D47F7CDB06EF4497062C2	746A767B650868695EC0E16B986CB0316FD9086C	0F33695691A858E0696DC1797E366A34BF1F25CC8BC39894AF3CD34410CE5334
Chrome Cache Entry: 83	ASCII text, with no line terminators	9DEDF1ECBCEF213E530FE785EA9B8C90	C379A6ECE4D5961CFE08571ADE401A0A96C3311A	9D9CEC65DE4176D80881AF5B6680F40D1AD9CCA169F846F7344792A8962C8A7D
Chrome Cache Entry: 84	ASCII text, with very long lines (1930)	84B3BE4D662FCAAD33EC0C73DCC3EA23	965C31F9B0DC96BF074BB22E4359076FF993D81A	5E9BFEF0E8A13B6988FD9BD994E3ED461BAF9FC6AA1D2E1136EC5EA48FB89AD0
Chrome Cache Entry: 85	TrueType Font data, digitally signed, 16 tables, 1st "DSIG", 32 names, Macintosh	EA354A09B8C0AD9B33ED7AF33D08BB96	D3FEF497DEE7CB9357E7E5047D706BC0AFEB86A6	CAEC5D74553E0F18B360479CDB13CC8B9C190B63BC8B9B098BBA018E4E877A37
Chrome Cache Entry: 86	ASCII text, with very long lines (61526)	9745A34EE7B497E980A03B364C8BB235	72591692A69E1B5177362BCB75D8F8BE7B8C54D2	27759DDC02EE6D9755FF0A27BB773F7B7F1313149F068AFEACE6CF8020DF0A5D
Chrome Cache Entry: 87	Web Open Font Format (Version 2), TrueType, length 100368, version 1.0	4DD66A113D54A7F9A1AE913049610617	A37427546C8EECF009CDCD739FF9B2958B0AAE7D	89D406B02758799CFF68155930829B69A9FB49C39DE3E264DE966466D8CC7814
Chrome Cache Entry: 88	ASCII text, with no line terminators	6C5B53F0C2C35784280EB861377FDB7D	FC2AFCA8B7EB4A764C4D5DB1497C0651364529D2	7AA3AA860A17C533C4F51ECF3C0DA5A8354A16607C557CF17D32700482854653
Chrome Cache Entry: 89	JSON data	5C8916019CAE41432C7600CC5F268595	1EE0799076AE6378E4B870FD97B245AD177C7D2A	0E898ADE9F7492D99C00A32975DEF29D6B62CF0986F8856002D93A2520FAB4DE
Chrome Cache Entry: 90	PNG image data, 393 x 120, 8-bit/color RGBA, non-interlaced	F810470301193CFE489C16A60C205448	CD5E04F9A0CFDF2F10A609DA6F198AF4EC08ECD7	293FABDCE265A1273FAF22B170DF78951C0066649A68A974A3ECC85C3EFEF19D
Chrome Cache Entry: 91	TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans	2620E520C97E435DABF8B10447020F4C	7E620E8D980DCCB0164B2F6533C32237A311E284	CA6A11EEDE24ED94BA77C90127AA6D6F64BAE289FC195903A07578DC428F5393
Chrome Cache Entry: 92	Web Open Font Format, TrueType, length 28512, version 1.0	770D7CCD973E28FD68D1D5AA716BF9BF	4075E6BEE6ED9679412E4DB71C9BA660975362C5	0B801796CA5300953BA415C914069F33642EF454BB60F676A55B0DF0EC917CD9
Chrome Cache Entry: 93	TrueType Font data, 19 tables, 1st "FFTM", 30 names, Macintosh	97A05D6D095BAFF3845E0160139B13B9	849C81F2ABFD3D47FECB7A2C6BA3392112063DCE	C5695C78F9CE4C617F42BAEFB8DF73D5F4C7035135C33E61A36566FDC50B3945
Chrome Cache Entry: 94	JSON data	5C8916019CAE41432C7600CC5F268595	1EE0799076AE6378E4B870FD97B245AD177C7D2A	0E898ADE9F7492D99C00A32975DEF29D6B62CF0986F8856002D93A2520FAB4DE
Chrome Cache Entry: 95	TrueType Font data, 21 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright (c) 2010-2012 Google Corporation.ArimoRegularMonotype Imaging - ArimoVe	1632B8BAE89963914EFD5776DEAE253D	CA84E1ED1568812B10651460735806F4B779146E	EC1E7D7193AC74F14E8EEA70074EEFFE4AEC094DB6E8108C8CC2A2426718ABC1
Chrome Cache Entry: 96	ASCII text, with very long lines (53422)	D5D978B73617582FC02DA97519C79394	47C2A162BA1DEBC36B5D07CADE09C450098D158B	5A1848CFA5A79882BD4B36958AAF677941DB83161D6D5EF925E8709BFE29456D
Chrome Cache Entry: 97	HTML document, ASCII text	6468440C0929B7FACEA196CEC4CE39B9	9E8FEC0097E607D057051724092E5FBEFCABC559	E884B0B54125B10F0AD8E87DE1C1915388334217F5318BAE0490F4CCF73D0973
Chrome Cache Entry: 98	ASCII text, with very long lines (2356)	96D82F830D95501A3797E8D2BE4A08A2	11DEC9F1396A010209341430C776EAABC1A4372A	2691E76FBD948CF29E5C6A903DDF560EE90D0057017B2A9827919249B7B97BFF
Chrome Cache Entry: 99	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	6EFDD26EE60D91F671AAFA1B7E109F6C	4FF91DA3F80813B877EE50C0DAB36E0C8D29D84A	F0A1CA06B574424A7D7AD8E92AD09688204ACE60AB6A9E41CAC5D6F505248605

Found iframes

Source: https://app.auditi.de/responder

HTML body contains low number of good links

Source: https://app.auditi.de/responder	HTTP Parser: Number of links: 1
Source: https://app.auditi.de/login	HTTP Parser: Number of links: 1

HTML title does not match URL

Source: https://app.auditi.de/login

HTTP Parser: Title: Login does not match URL

Source: https://app.auditi.de/responder	HTTP Parser: No <meta name="author".. found
Source: https://app.auditi.de/login	HTTP Parser: No <meta name="author".. found

Source: https://app.auditi.de/responder	HTTP Parser: No <meta name="copyright".. found
Source: https://app.auditi.de/login	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49724 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49716 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49724 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.193.120.112
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /responder HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/responder-ed59852fad92e4a36d049eddcf2b8c441dfb0ee51b7e98542ebb4d2238253738.css HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/platform-be1cb63a6e38caa5878fb65df42e392f751b8be5560198b3cce3e081afca4cfa.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/index.html HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/02c6bf4ed4d758d8d0091b14e4d6171c.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/6853e9ca4ec41821003d6cc691ec3a34.png HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/core/webviewer-core.min.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/webviewer-ui.min.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Medium.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-SemiBold.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Regular.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/responderAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/02c6bf4ed4d758d8d0091b14e4d6171c.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/6853e9ca4ec41821003d6cc691ec3a34.png HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/i18n/translation-en.json HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/core/pdf/PDFNetLean.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /login HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/chunks/100.chunk.js HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Lato-Regular.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Satisfy.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.css HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.auditi.de/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Nothing-You-Could-Do.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/La-Belle-Aurore.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/Whisper.woff HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Arimo.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Caladea.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Carlito.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/i18n/translation-en.json HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Cousine.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/LiberationSerif.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/OpenSans.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-SemiBold-9090abc8aaa4deb330c04ab79cf1eb5f24bc3de76e3f637cc3593d4a1386e3d5.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Regular-b12cea9694b8b1d42c807f7b242b4fbdc386961780882583b9bdfe032b575c97.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /assets/inter/Inter-Medium-6f8263021af5828111c8a50ea2876f5fd253c872985192999095db4096410cc0.woff2 HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/assets/gateway-b8fa75e5f6b7832922c121c60515d9f6813a03e701380c3426353f0b0950e032.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Roboto.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/RobotoMono.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /webviewer/ui/assets/fonts/webfonts/Tinos.ttf HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.auditi.desec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://app.auditi.de/webviewer/ui/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /aude-favicon.ico?v=xQd7xlkw7F HTTP/1.1Host: app.auditi.deConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.auditi.de/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f
Source: global traffic	HTTP traffic detected: GET /aude-favicon.ico?v=xQd7xlkw7F HTTP/1.1Host: app.auditi.deConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: locale=en; _app_db_session=99a4fbdbb9f48ce5ee0e89590e77691f

Source: chromecache_84.2.dr	String found in binary or memory: * Demuxed talk: https://www.youtube.com/watch?v=cZSjDaGDmX8 equals www.youtube.com (Youtube)
Source: chromecache_98.2.dr	String found in binary or memory: this.linkRange?(this.quill.formatText(this.linkRange,"link",ua,f.default.sources.USER),delete this.linkRange):(this.restoreFocus(),this.quill.format("link",ua,f.default.sources.USER));this.quill.root.scrollTop=xa;break;case "video":xa=ua;var Ga=xa.match(/^(?:(https?):\/\/)?(?:(?:www\|m)\.)?youtube\.com\/watch.*v=([a-zA-Z0-9_-]+)/)\|\|xa.match(/^(?:(https?):\/\/)?(?:(?:www\|m)\.)?youtu\.be\/([a-zA-Z0-9_-]+)/);ua=Ga?(Ga[1]\|\|"https")+"://www.youtube.com/embed/"+Ga[2]+"?showinfo=0":(Ga=xa.match(/^(?:(https?):\/\/)?(?:www\.)?vimeo\.com\/(\d+)/))? equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: app.auditi.de
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_84.2.dr	String found in binary or memory: http://codereview.stackexchange.com/q/13338
Source: chromecache_84.2.dr	String found in binary or memory: http://dl.dropboxusercontent.com/u/35146/js/tests/isNumber.html
Source: chromecache_98.2.dr	String found in binary or memory: http://domain/file11243.php
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-object.keys)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-object.prototype.tostring)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-patterns).
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-samevaluezero)
Source: chromecache_84.2.dr	String found in binary or memory: http://ecma-international.org/ecma-262/7.0/#sec-tolength).
Source: chromecache_84.2.dr	String found in binary or memory: http://eev.ee/blog/2015/09/12/dark-corners-of-unicode/).
Source: chromecache_84.2.dr	String found in binary or memory: http://es5.github.io/#x15.9.1.1
Source: chromecache_86.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_84.2.dr	String found in binary or memory: http://getify.mit-license.org
Source: chromecache_84.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: http://jasonformat.com/wtf-is-jsx).
Source: chromecache_86.2.dr	String found in binary or memory: http://jaywcjlove.github.io/hotkeys
Source: chromecache_86.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_84.2.dr	String found in binary or memory: http://jsperf.com/diacritics/18
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/add-inverted-param/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/define-locale/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/dst-shifted/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/js-date/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/min-max/
Source: chromecache_98.2.dr	String found in binary or memory: http://momentjs.com/guides/#/warnings/zone/
Source: chromecache_93.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_108.2.dr	String found in binary or memory: http://scripts.sil.org/OFL).http://scripts.sil.org/OFL
Source: chromecache_108.2.dr	String found in binary or memory: http://scripts.sil.org/OFL).http://scripts.sil.org/OFLCopyright
Source: chromecache_93.2.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
Source: chromecache_84.2.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.ht
Source: chromecache_93.2.dr	String found in binary or memory: http://www.ascendercorp.com/typedesigners.html
Source: chromecache_84.2.dr	String found in binary or memory: http://www.ecma-international.org/ecma-262/7.0/#sec-ecmascript-language-types)
Source: chromecache_98.2.dr	String found in binary or memory: http://www.pdftron.com/pdfinfo
Source: chromecache_108.2.dr	String found in binary or memory: http://www.typoland.com/)
Source: chromecache_108.2.dr	String found in binary or memory: http://www.typoland.com/http://www.typoland.com/designers/Lukasz_Dziedzic/Copyright
Source: chromecache_84.2.dr	String found in binary or memory: http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_Patterns
Source: chromecache_84.2.dr	String found in binary or memory: http://www.unicode.org/reports/tr35/tr35-31/tr35-dates.html#Date_Format_tokens
Source: chromecache_84.2.dr	String found in binary or memory: http://www.whatwg.org/specs/web-apps/current-work/multipage/timers.html#dom-windowtimers-settimeout:
Source: chromecache_84.2.dr	String found in binary or memory: https://0.30000000000000004.com/
Source: chromecache_109.2.dr	String found in binary or memory: https://app.auditi.de/assets/auditi-84e52db785622fe9811dda94bfecf0cf2b452733fdc939a670c828facb1034b1
Source: chromecache_84.2.dr	String found in binary or memory: https://appsignal-endpoint.net/collect
Source: chromecache_84.2.dr	String found in binary or memory: https://blog.izs.me/2013/08/designing-apis-for-asynchrony)
Source: chromecache_84.2.dr	String found in binary or memory: https://blog.ometer.com/2011/07/24/callbacks-synchronous-and-asynchronous/)
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=378607
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=449857
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=470258
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.chromium.org/p/chromium/issues/detail?id=589347
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/12359
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13378
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/13393
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.jquery.com/ticket/4833
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=136851
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=137337
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=174980#c2
Source: chromecache_84.2.dr	String found in binary or memory: https://bugs.webkit.org/show_bug.cgi?id=29084
Source: chromecache_84.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=687787
Source: chromecache_98.2.dr	String found in binary or memory: https://community.apryse.com/t/getting-exception-when-calling-pdfnet-initialize-a-second-time/3486.
Source: chromecache_84.2.dr	String found in binary or memory: https://css-tricks.com/debouncing-throttling-explained-examples/)
Source: chromecache_98.2.dr	String found in binary or memory: https://cutt.ly/xod-decompress
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/Locale
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/getISOWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/getWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/setISOWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/setWeekYear
Source: chromecache_84.2.dr	String found in binary or memory: https://date-fns.org/docs/toDate
Source: chromecache_98.2.dr	String found in binary or memory: https://dev.apryse.com/.
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/CSS/display
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CanvasRenderingContext2D.drawImage
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/CSS/Containing_block#identifying_the_containing_block
Source: chromecache_84.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Getter_only
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/content-encoding/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/loading-errors/#not-allowed-to-load-local-resource:-fi
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/mime-types/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/faq/wasm-threads
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/annotation/annotationmanager/display-authors/#map-a
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/documentviewer/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/file-format-support/
Source: chromecache_98.2.dr	String found in binary or memory: https://docs.apryse.com/documentation/web/guides/wv-server-deployment
Source: chromecache_84.2.dr	String found in binary or memory: https://docs.google.com/spreadsheets/d/e/2PACX-1vQOPU3xUhplll6dyoMmVUXHKl_8CRDs6_ueLmex3SoqwhuolkuN3
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#common-serializing-idioms
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.csswg.org/cssom/#resolved-values
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.fxtf.org/geometry/#dictdef-domrectinit
Source: chromecache_84.2.dr	String found in binary or memory: https://drafts.fxtf.org/geometry/#domrectreadonly
Source: chromecache_84.2.dr	String found in binary or memory: https://esbench.com/bench/574c954bdb965b9a00965ac6
Source: chromecache_84.2.dr	String found in binary or memory: https://fengyuanchen.github.io/cropperjs
Source: chromecache_84.2.dr	String found in binary or memory: https://gist.github.com/JoviDeCroock/bec5f2ce93544d2e6070ef8e0036e4e8
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Financial-Times/polyfill-library/pull/59#issuecomment-477558042
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Flet/prettier-bytes/
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/Flet/prettier-bytes/blob/master/LICENSE
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/babel/babel/issues/3041
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/blob/master/docs/unicodeTokens.md
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/blob/master/docs/upgradeGuide.md#string-arguments
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/date-fns/date-fns/issues/376
Source: chromecache_98.2.dr	String found in binary or memory: https://github.com/davidbonnet/astring#installation
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/facebook/flow/issues/1414
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/facebook/regenerator/issues/274
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/fengyuanchen/cropper/issues/476
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/kossnocorp
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/leshakoss
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/nosir/cleave.js/issues/147
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/polygonplanet/weakmap-polyfill
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/1078
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/1223
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/popperjs/popper-core/issues/837
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/preactjs/preact/commit/4d339fb803bea09e9f198abf38ca1bf8ea4b7771#diff-54682ce38093
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/preactjs/preact/issues/3927
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/rails/rails/blob/master/actionview/app/assets/javascripts
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/select2/select2/blob/master/LICENSE.md
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/sindresorhus/validate-element-name
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/szimek/signature_pad
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/vimeo/player.js
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/vuejs/core/blob/main/packages/runtime-dom/src/modules/events.ts#L90-L101
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/whatwg/html/issues/2369
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#nonce-attributes
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#category-listed
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled
Source: chromecache_84.2.dr	String found in binary or memory: https://html.spec.whatwg.org/multipage/syntax.html#attributes-2
Source: chromecache_84.2.dr	String found in binary or memory: https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.org/
Source: chromecache_84.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_84.2.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_84.2.dr	String found in binary or memory: https://jsperf.com/getall-vs-sizzle/2
Source: chromecache_84.2.dr	String found in binary or memory: https://jsperf.com/thor-indexof-vs-for/5
Source: chromecache_84.2.dr	String found in binary or memory: https://lodash.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://lodash.com/license
Source: chromecache_84.2.dr	String found in binary or memory: https://mathiasbynens.be/notes/javascript-unicode).
Source: chromecache_84.2.dr	String found in binary or memory: https://mdn.io/Object/assign).
Source: chromecache_98.2.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_84.2.dr	String found in binary or memory: https://people.mozilla.org/~jorendorff/es6-draft.html#sec-generatorresume
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-48
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-54
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-57
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-59
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-61
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-64
Source: chromecache_84.2.dr	String found in binary or memory: https://promisesaplus.com/#point-75
Source: chromecache_84.2.dr	String found in binary or memory: https://push.appsignal.com
Source: chromecache_98.2.dr	String found in binary or memory: https://quilljs.com
Source: chromecache_84.2.dr	String found in binary or memory: https://reactjs.org/docs/context.html#contextdisplayname
Source: chromecache_86.2.dr	String found in binary or memory: https://reactjs.org/link/react-polyfills
Source: chromecache_84.2.dr	String found in binary or memory: https://select2.github.io
Source: chromecache_84.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://stackoverflow.com/questions/49875255
Source: chromecache_84.2.dr	String found in binary or memory: https://timingsrc.readthedocs.io/en/latest/
Source: chromecache_84.2.dr	String found in binary or memory: https://vimeo.com/
Source: chromecache_84.2.dr	String found in binary or memory: https://vimeo.com/api/oembed.json?url=
Source: chromecache_84.2.dr	String found in binary or memory: https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/
Source: chromecache_84.2.dr	String found in binary or memory: https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-a
Source: chromecache_84.2.dr	String found in binary or memory: https://webtiming.github.io/timingobject/
Source: chromecache_84.2.dr	String found in binary or memory: https://webtiming.github.io/timingobject/)
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/imprint
Source: chromecache_109.2.dr	String found in binary or memory: https://www.auditi.de/imprint/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.auditi.de/privacy
Source: chromecache_109.2.dr	String found in binary or memory: https://www.auditi.de/privacy/
Source: chromecache_98.2.dr	String found in binary or memory: https://www.pdftron.com/webfonts/v2/
Source: chromecache_84.2.dr	String found in binary or memory: https://www.unicode.org/reports/tr35/tr35-dates.html#Date_Field_Symbol_Table
Source: chromecache_84.2.dr	String found in binary or memory: https://www.youtube.com/watch?v=cZSjDaGDmX8

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.193.120.112:443 -> 192.168.2.5:49716 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@17/87@6/4

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2316,i,17975090354257941386,3941918294337709614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://app.auditi.de/responder"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 --field-trial-handle=2316,i,17975090354257941386,3941918294337709614,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1432060
Product:	CloudBasic
Start time:	11:15:32
Start date:	26.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://app.auditi.de/responder

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://app.auditi.de/responder

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://app.auditi.de/responder