Windows Analysis Report
http://app.eraser.io/workspace/bk3hvlunuo62wlgcjole?origin=share?

General Information

Sample URL: http://app.eraser.io/workspace/bk3hvlunuo62wlgcjole?origin=share?
Analysis ID: 1711282

Detection

Score: 0
Range: 0 - 100
Confidence: 80%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.7:49726 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.7:49737 version: TLS 1.2
Source: chrome.exe Memory has grown: Private usage: 6MB later: 48MB
Source: chromecache_88.1.dr String found in binary or memory: return f}UI.N="internal.enableAutoEventOnTimer";var dc=wa(["data-gtm-yt-inspected-"]),WI=["www.youtube.com","www.youtube-nocookie.com"],XI,YI=!1; equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: app.eraser.io
Source: global traffic DNS traffic detected: DNS query: second-petal-295822-default-rtdb.firebaseio.com
Source: global traffic DNS traffic detected: DNS query: widget.intercom.io
Source: global traffic DNS traffic detected: DNS query: js.intercomcdn.com
Source: global traffic DNS traffic detected: DNS query: us-central1-second-petal-295822.cloudfunctions.net
Source: global traffic DNS traffic detected: DNS query: api-iam.intercom.io
Source: global traffic DNS traffic detected: DNS query: nexus-websocket-a.intercom.io
Source: global traffic DNS traffic detected: DNS query: e2c83.gcp.gvt2.com
Source: global traffic DNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global traffic DNS traffic detected: DNS query: beacons.gvt2.com
Source: unknown HTTP traffic detected: POST /api/report/amped HTTP/1.1host: app.eraser.iocontent-length: 1399sec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/x-www-form-urlencoded; charset=UTF-8sec-ch-ua-mobile: ?0accept: */*origin: https://app.eraser.iosec-fetch-site: same-originsec-fetch-mode: corssec-fetch-dest: emptyreferer: https://app.eraser.io/workspace/bk3hvlunuo62wlgcjoleaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: __session={%22eraserTheme%22:%22system%22}cookie: amp_f168e1=_qTmtIIT7nLhM1tpP_DIuB...1itdcg6ub.1itdcg6uc.1.0.1priority: u=1, i
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: application/json; charset=utf-8etag: "bxk7yrrbye3f"vary: Accept-Encodingx-cloud-trace-context: d1646654653f89025efe0201d3610c63date: Tue, 10 Jun 2025 16:59:15 GMTserver: Google Frontendcontent-length: 123via: 1.1 googlex-content-type-options: nosniffreferrer-policy: strict-origin-when-cross-originpermissions-policy: camera=(), usb=(), geolocation=(), microphone=(), display-capture=()cache-control: no-cache, no-storestrict-transport-security: max-age=31536000; includeSubDomains; preloadcontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.firebaseio.com https://*.firebase.com https://*.algolia.net https://*.algolianet.com https://*.intercom.io https://*.intercomcdn.com https://*.googleapis.com https://apis.google.com https://www.googletagmanager.com https://connect-cdn.atl-paas.net; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self' https://*.googleapis.com; connect-src 'self' https://*.cloudfunctions.net https://*.firebaseio.com wss://*.firebaseio.com https://*.firebase.com https://*.algolia.net https://*.algolianet.com https://*.intercom.io https://*.intercomcdn.com wss://*.intercom.io https://*.googleapis.com https://firebaselogging-pa.googleapis.com https://www.google-analytics.com https://github.com https://*.github.com https://gitlab.com
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: application/json; charset=utf-8etag: "bxk7yrrbye3f"vary: Accept-Encodingx-cloud-trace-context: 8514fe9620db49135efe0201d36104e9date: Tue, 10 Jun 2025 16:59:15 GMTserver: Google Frontendcontent-length: 123via: 1.1 googlex-content-type-options: nosniffreferrer-policy: strict-origin-when-cross-originpermissions-policy: camera=(), usb=(), geolocation=(), microphone=(), display-capture=()cache-control: no-cache, no-storestrict-transport-security: max-age=31536000; includeSubDomains; preloadcontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.firebaseio.com https://*.firebase.com https://*.algolia.net https://*.algolianet.com https://*.intercom.io https://*.intercomcdn.com https://*.googleapis.com https://apis.google.com https://www.googletagmanager.com https://connect-cdn.atl-paas.net; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self' https://*.googleapis.com; connect-src 'self' https://*.cloudfunctions.net https://*.firebaseio.com wss://*.firebaseio.com https://*.firebase.com https://*.algolia.net https://*.algolianet.com https://*.intercom.io https://*.intercomcdn.com wss://*.intercom.io https://*.googleapis.com https://firebaselogging-pa.googleapis.com https://www.google-analytics.com https://github.com https://*.github.com https://gitlab.com
Source: classification engine Classification label: clean0.win@22/86@51/11
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1956,i,12885240125386627005,11813151431592858060,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2080 /prefetch:3
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://app.eraser.io/workspace/bk3hvlunuo62wlgcjole?origin=share?"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected