Windows Analysis Report https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1

Overview

General Information

Sample URL:	https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1
Analysis ID:	452723
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo template match)

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Suspicious form URL found

Classification

Signatures

AV Detection:

Antivirus / Scanner detection for submitted sample

Source: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1

SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=

SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish10

Source: Yara match

File source: 60060.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Matcher: Found strong image similarity, brand: Microsoft image: 60060.img.1.gfk.csv EF884BDEDEF280DF97A4C5604058D8DB

Phishing site detected (based on logo template match)

Matcher: Template: microsoft matched

Found iframes

Source: https://www.paperturn.com/flipbook	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: https://www.paperturn.com/flipbook	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: https://www.paperturn.com/flipbook	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: https://www.paperturn.com/flipbook	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: https://www.paperturn.com/login	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: https://www.paperturn.com/login	HTTP Parser: Iframe src: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html

HTML body contains low number of good links

Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Number of links: 0
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://www.paperturn.com/flipbook	HTTP Parser: Title: Flipbook: 10 reasons to convert your PDF into a flipbook does not match URL
Source: https://www.paperturn.com/flipbook	HTTP Parser: Title: Flipbook: 10 reasons to convert your PDF into a flipbook does not match URL
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Title: Sharing Link Validation does not match URL
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Title: Sharing Link Validation does not match URL
Source: https://www.paperturn.com/flipbook	HTTP Parser: Title: Flipbook: 10 reasons to convert your PDF into a flipbook does not match URL
Source: https://www.paperturn.com/flipbook	HTTP Parser: Title: Flipbook: 10 reasons to convert your PDF into a flipbook does not match URL

Submit button contains javascript call

Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Suspicious form URL found

Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Form action: securepassword.php?4K5CL816269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: Form action: securepassword.php?4K5CL816269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851

Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="author".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="author".. found
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: No <meta name="author".. found
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: No <meta name="author".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="author".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="author".. found
Source: https://www.paperturn.com/login	HTTP Parser: No <meta name="author".. found
Source: https://www.paperturn.com/login	HTTP Parser: No <meta name="author".. found

Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="copyright".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="copyright".. found
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: No <meta name="copyright".. found
Source: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc8510bcc1ac9819c9793d16548a8c40cc851&email=&error=	HTTP Parser: No <meta name="copyright".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="copyright".. found
Source: https://www.paperturn.com/flipbook	HTTP Parser: No <meta name="copyright".. found
Source: https://www.paperturn.com/login	HTTP Parser: No <meta name="copyright".. found
Source: https://www.paperturn.com/login	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.225.123:443 -> 192.168.2.5:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.225.93:443 -> 192.168.2.5:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49842 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49841 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49863 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49864 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.204.90:443 -> 192.168.2.5:49872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49983 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49995 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49998 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50029 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50056 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50078 version: TLS 1.2

Source: 000003.log4.0.dr	String found in binary or memory: -_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log4.0.dr	String found in binary or memory: ._https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log4.0.dr	String found in binary or memory: 0_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log4.0.dr	String found in binary or memory: 5_https://www.youtube.com equals www.youtube.com (Youtube)
Source: 000003.log0.0.dr	String found in binary or memory: Gnamespace-79d3313a_90a9_4eca_bc4a_615fe95f4398-https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 000003.log4.0.dr	String found in binary or memory: META:https://www.youtube.com equals www.youtube.com (Youtube)
Source: 75c880fe196c95da_0.0.dr	String found in binary or memory: T2_keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube)
Source: Current Session.0.dr	String found in binary or memory: X(https://www.facebook.com/tr/ [id ev ] #0 equals www.facebook.com (Facebook)
Source: 000003.log4.0.dr	String found in binary or memory: _https://www.youtube.com equals www.youtube.com (Youtube)
Source: d2b8a8d9a2d95859_0.0.dr	String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/fetch-polyfill.vflset/fetch-polyfill.js equals www.youtube.com (Youtube)
Source: 95fee99bab72dc0f_0.0.dr	String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/base.js equals www.youtube.com (Youtube)
Source: 75c880fe196c95da_0.0.dr	String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/embed.js equals www.youtube.com (Youtube)
Source: 3ee3277df70d5d32_0.0.dr	String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/remote.js equals www.youtube.com (Youtube)
Source: 4a93ae2abbf51303_0.0.dr	String found in binary or memory: _keyhttps://www.youtube.com/s/player/3804dce2/www-embed-player.vflset/www-embed-player.js equals www.youtube.com (Youtube)
Source: Reporting and NEL.1.dr	String found in binary or memory: coop_reporthttps://www.facebook.com/browser_reporting/ equals www.facebook.com (Facebook)
Source: Current Session.0.dr	String found in binary or memory: f/https://www.youtube.com/embed/q0nkrcMDCmc?rel=0 equals www.youtube.com (Youtube)
Source: Current Session.0.dr	String found in binary or memory: https://www.facebook.com/tr/ equals www.facebook.com (Facebook)
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: {"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071232260245","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://redirector.gvt1.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071232279667","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://accounts.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071232549869","port":443,"protocol_str":"quic"},{"advertised_versions":[50],"expiration":"13274071232549872","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://r2---sn-h0jeener.gvt1.com"},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071232987782","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://www.googletagmanager.com","supports_spdy":true},{"isolation":[],"server":"https://d3euuwqpqlzvic.cloudfront.net","supports_spdy":true},{"isolation":[],"server":"https://assets.paperturn-view.com","supports_spdy":true},{"isolation":[],"server":"https://translations.paperturn.com","supports_spdy":true},{"isolation":[],"server":"https://www.paperturn-view.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071235537569","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://assets.calendly.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071239711465","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":69227},"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://use.fontawesome.com","supports_spdy":true},{"isolation":[],"server":"https://consentcdn.cookiebot.com","supports_spdy":true},{"isolation":[],"server":"https://acsbapp.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071271542770","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://www.google-analytics.com","supports_spdy":true},{"isolation":[],"server":"https://connect.facebook.net","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071272739807","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://stats.g.doubleclick.net","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13274071274233590","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://www.google.com","supports_spdy":tr
Source: Current Session.0.dr	String found in binary or memory: {"og:site_name":"Paperturn","og:url":"https://www.paperturn.com/online-pdf-flip-book-features","og:title":"15 interactive features to supercharge your flipbooks","og:image":"https://images.paperturn.com/g/share-paperturn-en.jpg","og:image:width":"1176","og:image:height":"630","og:type":"website","og:description":"Unlike a normal PDF your online brochure can be easily shared on Facebook and be more dynamic using YouTube videos.\nAlso it can be inserted in your email signature and you can even integrate it with Google analytics and see advanced statistics."} equals www.facebook.com (Facebook)
Source: Current Session.0.dr	String found in binary or memory: {"og:site_name":"Paperturn","og:url":"https://www.paperturn.com/online-pdf-flip-book-features","og:title":"15 interactive features to supercharge your flipbooks","og:image":"https://images.paperturn.com/g/share-paperturn-en.jpg","og:image:width":"1176","og:image:height":"630","og:type":"website","og:description":"Unlike a normal PDF your online brochure can be easily shared on Facebook and be more dynamic using YouTube videos.\nAlso it can be inserted in your email signature and you can even integrate it with Google analytics and see advanced statistics."} equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: 77EC63BDA74BD0D0E0426DC8F8008506.1.dr	String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: EDC238BFF48A31D55A97E1E93892934B_33E8F98A524575FDD27708D6D61F97ED.1.dr	String found in binary or memory: http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1Jg
Source: Current Session.0.dr	String found in binary or memory: http://schema.org/AggregateRating
Source: Current Session.0.dr	String found in binary or memory: http://schema.org/WebPage
Source: Reporting and NEL.1.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=o1Y%2BBXwLiarvZW4%2FqS8c07Jm73mY8vPzze7jVSiGCG93tDB3p4BX3mR
Source: manifest.json0.0.dr, 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://acsbapp.com
Source: 8140b5c475fbdf1c_0.0.dr	String found in binary or memory: https://acsbapp.com/apps/app/dist/js/app.js
Source: manifest.json0.0.dr, 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://assets.calendly.com
Source: c693e56ec7dc32cf_0.0.dr	String found in binary or memory: https://assets.calendly.com/assets/external/widget.js
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://assets.paperturn-view.com
Source: 78ec281d449072c9_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/12.dc063ac5.js
Source: 878756e158c08974_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/12.dc063ac5.jsa
Source: 878756e158c08974_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/12.dc063ac5.jsaD
Source: f5e415729b027894_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/13.9cb813a3.js
Source: c7dbfff3f5d11b28_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/6.f4dbef67.js
Source: a07811dab2c1a983_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/7.0f628dc6.js
Source: 505f12502b0e1e8f_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/8.e31fc8b3.js
Source: 8d4436abab9cbffc_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Alert.22553599.js
Source: f99d6da11388c29b_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-BottomBar.9060c6c1.js
Source: a6de80f86bf10fb4_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-EmbedFullscreenSwitch.b1cc3074.js
Source: 8421b1b3082ac36c_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-ErrorBoundary.3ef6552e.js
Source: 57849aa2afcf52a8_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Newsflash.389922b8.js
Source: 9bec16c4529e250a_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Pages.5c372095.js
Source: a3b9cf33e4506e9e_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-PoweredBy.81832c27.js
Source: ab2e7647897bb5a2_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Preload.8e1d07ba.js
Source: e7eeab8bd5560049_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-SnackbarProvider.b1a734fc.js
Source: 859d57729f30e053_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Styles.e7b2b5dd.js
Source: 5ae823d24fa20467_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Toolbar.0413dfe3.js
Source: ab9b9b92e56d5efe_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-ToolbarButton.4ce3af8a.js
Source: 8936c0436506fed9_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-ToolbarIcon.687326a7.js
Source: 78971c5f3b10669d_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Tooltip.d369b3de.js
Source: 236c9a70f6d402a3_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-TopBar.54d5964a.js
Source: bf709059c5fc7310_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-Viewer.775a1c39.js
Source: ed55c9f01fcca8ed_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/components-ViewerContainer.a8be06bc.js
Source: 75180a52d49873b5_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/index.js?20210723020032
Source: e41c3bf86352e7cd_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/index.js?20210723020133
Source: c968078420fe3f97_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-AddToBasket~components-Alert~components-Basket~
Source: 5c8938a5f2f8b277_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-Alert~components-BuyBasket~components-Dialog~co
Source: a2df7e764a389255_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-BottomBar.e724eb41.js
Source: b4191926631e1e0f_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-BuyBasket~components-SendBasket~components-Snac
Source: 3f84843334707219_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-Newsflash.b7b94969.js
Source: 98f7ac3352864cdd_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-Pages~components-Search.4fcb49bb.js
Source: 402f710388ce73f0_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-ToolbarButton.aafd698b.js
Source: 4b4ae9e2956257f4_0.0.dr	String found in binary or memory: https://assets.paperturn-view.com/vendors~components-Tooltip~components-TopBar.09a36c1b.js
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://connect.facebook.net
Source: f7733717fc9a9560_0.0.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: cb14d97ede8b4cfb_0.0.dr	String found in binary or memory: https://connect.facebook.net/signals/config/808672289198286?v=2.9.43&r=stable
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://consent.cookiebot.com
Source: 16d9c28137016842_0.0.dr	String found in binary or memory: https://consent.cookiebot.com/15dac99d-cb99-4df3-83c0-6e8c10ac66d8/cc.js?renew=false&referer=www.pap
Source: 0ae6b52f6e424e4e_0.0.dr	String found in binary or memory: https://consent.cookiebot.com/uc.js
Source: 000003.log4.0.dr	String found in binary or memory: https://consentcdn.cookiebot.com
Source: 000003.log4.0.dr	String found in binary or memory: https://consentcdn.cookiebot.com&_https://consentcdn.cookiebot.com
Source: 000003.log0.0.dr	String found in binary or memory: https://consentcdn.cookiebot.com/
Source: 8959e7f160a77ede_0.0.dr	String found in binary or memory: https://consentcdn.cookiebot.com/consentconfig/15dac99d-cb99-4df3-83c0-6e8c10ac66d8/paperturn.com/co
Source: Current Session.0.dr	String found in binary or memory: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Source: manifest.json0.0.dr	String found in binary or memory: https://content.googleapis.com
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/downloads-lorry
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/downloads-lorryY
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://d3euuwqpqlzvic.cloudfront.net
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 6a3aeedd-434b-43b2-b003-feca369dd65f.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr, b25feb06-4ffa-4707-a885-6016f837f55d.tmp.1.dr	String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://fonts.gstatic.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: 878756e158c08974_0.0.dr	String found in binary or memory: https://i1.ytimg.com/vi/
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://images.paperturn.com/
Source: Favicons-journal.0.dr	String found in binary or memory: https://images.paperturn.com/g/favicon-new/favicon.ico
Source: Current Session.0.dr	String found in binary or memory: https://images.paperturn.com/g/share-paperturn-en.jpg
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: 8936c0436506fed9_0.0.dr, 98f7ac3352864cdd_0.0.dr, 7a24f279f3c8e97a_0.0.dr, 859d57729f30e053_0.0.dr, ab2e7647897bb5a2_0.0.dr, 78ec281d449072c9_0.0.dr, 57849aa2afcf52a8_0.0.dr	String found in binary or memory: https://paperturn-view.com/
Source: f99d6da11388c29b_0.0.dr	String found in binary or memory: https://paperturn-view.com/$Mt
Source: 505f12502b0e1e8f_0.0.dr	String found in binary or memory: https://paperturn-view.com/(
Source: d5ef84d81abcea8d_0.0.dr	String found in binary or memory: https://paperturn-view.com/.
Source: d5ef84d81abcea8d_0.0.dr	String found in binary or memory: https://paperturn-view.com/.?
Source: f4692d38da8f7d92_0.0.dr	String found in binary or memory: https://paperturn-view.com/8Xn
Source: 505f12502b0e1e8f_0.0.dr	String found in binary or memory: https://paperturn-view.com/9
Source: bf709059c5fc7310_0.0.dr	String found in binary or memory: https://paperturn-view.com/9r
Source: e7eeab8bd5560049_0.0.dr	String found in binary or memory: https://paperturn-view.com/A)
Source: c968078420fe3f97_0.0.dr	String found in binary or memory: https://paperturn-view.com/DWn
Source: c7dbfff3f5d11b28_0.0.dr	String found in binary or memory: https://paperturn-view.com/G
Source: 98f7ac3352864cdd_0.0.dr	String found in binary or memory: https://paperturn-view.com/OA
Source: 9bec16c4529e250a_0.0.dr	String found in binary or memory: https://paperturn-view.com/P
Source: a2df7e764a389255_0.0.dr	String found in binary or memory: https://paperturn-view.com/PEt
Source: 859d57729f30e053_0.0.dr	String found in binary or memory: https://paperturn-view.com/U
Source: 4b4ae9e2956257f4_0.0.dr	String found in binary or memory: https://paperturn-view.com/XAt
Source: 75180a52d49873b5_0.0.dr	String found in binary or memory: https://paperturn-view.com/coY
Source: e41c3bf86352e7cd_0.0.dr	String found in binary or memory: https://paperturn-view.com/d
Source: a3b9cf33e4506e9e_0.0.dr	String found in binary or memory: https://paperturn-view.com/uVn
Source: 16d9c28137016842_0.0.dr, 641fb3ab98d94d28_0.0.dr, c693e56ec7dc32cf_0.0.dr, e78a65cbed4dea02_0.0.dr	String found in binary or memory: https://paperturn.com/
Source: 16d9c28137016842_0.0.dr	String found in binary or memory: https://paperturn.com/8
Source: ddf29fd5d7ab777f_0.0.dr	String found in binary or memory: https://paperturn.com/9v
Source: 16d9c28137016842_0.0.dr	String found in binary or memory: https://paperturn.com/C#=
Source: f7733717fc9a9560_0.0.dr	String found in binary or memory: https://paperturn.com/HL
Source: 8959e7f160a77ede_0.0.dr	String found in binary or memory: https://paperturn.com/M&
Source: 8959e7f160a77ede_0.0.dr	String found in binary or memory: https://paperturn.com/O
Source: ca3cacf61e20435d_0.0.dr	String found in binary or memory: https://paperturn.com/U
Source: 8e8595a5d4720c28_0.0.dr	String found in binary or memory: https://paperturn.com/d3
Source: 8959e7f160a77ede_0.0.dr	String found in binary or memory: https://paperturn.com/e
Source: c693e56ec7dc32cf_0.0.dr	String found in binary or memory: https://paperturn.com/i2
Source: 8959e7f160a77ede_0.0.dr	String found in binary or memory: https://paperturn.com/id
Source: 0ae6b52f6e424e4e_0.0.dr	String found in binary or memory: https://paperturn.com/l
Source: 80d379f7f5b93e31_0.0.dr	String found in binary or memory: https://paperturn.com/s
Source: cb14d97ede8b4cfb_0.0.dr	String found in binary or memory: https://paperturn.com/u8
Source: manifest.json.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://r2---sn-h0jeener.gvt1.com
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: manifest.json.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/
Source: a2a9870c369aa42b_0.0.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-02-sts_20181108.001/require-a19851d1.js
Source: bbfcd0a0712d3aa4_0.0.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-11-02-sts_20181108.001/spoguestaccess-f1ac8
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 80d379f7f5b93e31_0.0.dr	String found in binary or memory: https://static.zdassets.com/ekr/asset_composer.js
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://stats.g.doubleclick.net
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://translations.paperturn.com
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://use.fontawesome.com
Source: Network Action Predictor-journal.0.dr	String found in binary or memory: https://use.fontawesome.com/
Source: e65797cd70a56c3a_0.0.dr	String found in binary or memory: https://v2.zopim.com/bin/v/widget_v2.329.js
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.google-analytics.com
Source: ddf7e8582ef3dff7_0.0.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: manifest.json0.0.dr, 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.google.com/
Source: 105618d59203ef9a_0.0.dr	String found in binary or memory: https://www.google.com/js/th/rri_UWQ0J4KTeoiEc0uqeM0aau5ykYMkDZQXo2HoPhc.js
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com;
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.google.de
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: d5ef84d81abcea8d_0.0.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-47719712-4
Source: 7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp.1.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: 335e69ddec2b9ac6_0.0.dr	String found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: manifest.json0.0.dr	String found in binary or memory: https://www.gstatic.com;
Source: Current Session.0.dr, 75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp.1.dr	String found in binary or memory: https://www.paperturn-view.com
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.com&
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.com/paperturn-marketing/embed-features-page-country-heritage?pid=MzE31606
Source: Current Session.0.dr, History-journal.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1#Sharepoint
Source: History Provider Cache.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.12#Sharepoint
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.15-N
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1Sharepoint
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1e
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1j
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1m
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn-view.comh
Source: 000003.log4.0.dr	String found in binary or memory: https://www.paperturn.com
Source: 000003.log0.0.dr	String found in binary or memory: https://www.paperturn.com/
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn.com/Convert
Source: ddf29fd5d7ab777f_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-2c7001179082c8031f506f1a6a77ca2f.js
Source: 3aa07428c0e4d4b1_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-2c7001179082c8031f506f1a6a77ca2f.jsa
Source: 3aa07428c0e4d4b1_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-2c7001179082c8031f506f1a6a77ca2f.jsaD
Source: 823f8fc18e89de25_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-5a97efeeff018a0419f17b6689972674.js
Source: 641fb3ab98d94d28_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-8e659b93bd027876d82817aa95060866.js
Source: 8e8595a5d4720c28_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-af8546ccbc09deec7e6b7a04c8502a92.js
Source: 5e756fb02c040fa1_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-b6b0e1e2a9cc4a10cafe9a7b0396818b.js
Source: 9aeca2548873487f_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-b6b0e1e2a9cc4a10cafe9a7b0396818b.jsa
Source: 9aeca2548873487f_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-b6b0e1e2a9cc4a10cafe9a7b0396818b.jsaD
Source: e78a65cbed4dea02_0.0.dr	String found in binary or memory: https://www.paperturn.com/cache/v2.3.12/mini-d0f4fc79d4063f6d5171f399465f6cb6.js
Source: Current Session.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://www.paperturn.com/flipbook
Source: History Provider Cache.0.dr	String found in binary or memory: https://www.paperturn.com/flipbook28Flipbook:
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/flipbook8Flipbook:
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn.com/flipbookFlipbook:
Source: Current Session.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://www.paperturn.com/login
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn.com/loginLogin
Source: d1d96ac840cd7ef0_0.0.dr, 91b9b5ff6833c0d7_0.0.dr	String found in binary or memory: https://www.paperturn.com/o3/resource/js/lib/angularjs/angularjs-lates.min.js
Source: 91b9b5ff6833c0d7_0.0.dr	String found in binary or memory: https://www.paperturn.com/o3/resource/js/lib/angularjs/angularjs-lates.min.jsaD
Source: Current Session.0.dr, History.0.dr	String found in binary or memory: https://www.paperturn.com/online-pdf-flip-book-features
Source: Favicons.0.dr	String found in binary or memory: https://www.paperturn.com/online-pdf-flip-book-features$
Source: History.0.dr	String found in binary or memory: https://www.paperturn.com/online-pdf-flip-book-features15
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/online-pdf-flip-book-features515
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/prices
Source: Favicons.0.dr	String found in binary or memory: https://www.paperturn.com/prices#
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn.com/prices/&W
Source: History.0.dr	String found in binary or memory: https://www.paperturn.com/pricesCheap
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/pricesI
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/pricesICheap
Source: Current Session.0.dr, Favicons-journal.0.dr	String found in binary or memory: https://www.paperturn.com/uk/
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.com/uk/8Convert
Source: History-journal.0.dr	String found in binary or memory: https://www.paperturn.com/uk/Convert
Source: Current Session.0.dr	String found in binary or memory: https://www.paperturn.comh
Source: 000003.log4.0.dr	String found in binary or memory: https://www.youtube.com
Source: 000003.log0.0.dr	String found in binary or memory: https://www.youtube.com/
Source: Current Session.0.dr	String found in binary or memory: https://www.youtube.com/embed/q0nkrcMDCmc?rel=0
Source: d2b8a8d9a2d95859_0.0.dr	String found in binary or memory: https://www.youtube.com/s/player/3804dce2/fetch-polyfill.vflset/fetch-polyfill.js
Source: 95fee99bab72dc0f_0.0.dr	String found in binary or memory: https://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/base.js
Source: 75c880fe196c95da_0.0.dr	String found in binary or memory: https://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/embed.js
Source: 3ee3277df70d5d32_0.0.dr	String found in binary or memory: https://www.youtube.com/s/player/3804dce2/player_ias.vflset/en_US/remote.js
Source: 4a93ae2abbf51303_0.0.dr	String found in binary or memory: https://www.youtube.com/s/player/3804dce2/www-embed-player.vflset/www-embed-player.js
Source: Network Action Predictor-journal.0.dr, b868e2287919f738_0.0.dr	String found in binary or memory: https://xpans.in/
Source: fd410d0fcd87a62a_0.0.dr	String found in binary or memory: https://xpans.in/5
Source: d80a1cc1e7bfcfc1_0.0.dr	String found in binary or memory: https://xpans.in/F
Source: Current Session.0.dr	String found in binary or memory: https://xpans.in/document/Drive/
Source: History-journal.0.dr	String found in binary or memory: https://xpans.in/document/Drive/Sharing
Source: Current Session.0.dr	String found in binary or memory: https://xpans.in/document/Drive/_-
Source: e8a9b928233b277a_0.0.dr	String found in binary or memory: https://xpans.in/document/Drive/asd/ScriptResource.axd?d=KozZrTVT8ndoIojtkc7ps-zrkEG427bomy-mzEko1Qr
Source: b868e2287919f738_0.0.dr	String found in binary or memory: https://xpans.in/document/Drive/asd/ScriptResource.axd?d=P9Sp2kK_d4BNWXJEemNdILK9AkaZTG86MaHXVWE9ulL
Source: fd410d0fcd87a62a_0.0.dr	String found in binary or memory: https://xpans.in/document/Drive/asd/ScriptResource.axd?d=YfbPqEYj0W31Qd6b83PGlWON7nZi7y2471DNsdTWssE
Source: d80a1cc1e7bfcfc1_0.0.dr	String found in binary or memory: https://xpans.in/document/Drive/asd/WebResource.axd?d=Vseh0_O29CS6SASZGjJ5B50eCxofIEK9mDd5NZNa5k8Kti
Source: Favicons.0.dr	String found in binary or memory: https://xpans.in/document/Drive/images/favicon.ico?rev=45
Source: Favicons.0.dr	String found in binary or memory: https://xpans.in/document/Drive/images/favicon.ico?rev=45:
Source: Current Session.0.dr	String found in binary or memory: https://xpans.in/document/Drive/securepassword.php
Source: History-journal.0.dr	String found in binary or memory: https://xpans.in/document/Drive/vynii1ggv7u34dlblu2qibdn.php?89bi9G16269732590bcc1ac9819c9793d16548a
Source: 95fee99bab72dc0f_0.0.dr	String found in binary or memory: https://youtube.com/
Source: d2b8a8d9a2d95859_0.0.dr	String found in binary or memory: https://youtube.com/H&
Source: 3ee3277df70d5d32_0.0.dr	String found in binary or memory: https://youtube.com/L
Source: 335e69ddec2b9ac6_0.0.dr	String found in binary or memory: https://youtube.com/wJ

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869

Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.225.123:443 -> 192.168.2.5:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 143.204.225.93:443 -> 192.168.2.5:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49842 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49841 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.106.139:443 -> 192.168.2.5:49863 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.89.225:443 -> 192.168.2.5:49864 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.18.204.90:443 -> 192.168.2.5:49872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:49983 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49995 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 148.251.96.155:443 -> 192.168.2.5:49998 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50029 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50056 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.29.88.9:443 -> 192.168.2.5:50078 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@45/253@49/34

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-60FA22BB-DAC.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\8c1e99c0-df59-4ed3-b323-36c067026dd9.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4612 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=3848 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4612 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1572,7917042391378505505,9881702941299426833,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=3848 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
216.58.215.238	www-google-analytics.l.google.com	United States	15169	GOOGLEUS	false
206.189.187.108	acsbapp.com	United States	14061	DIGITALOCEAN-ASNUS	false
172.217.168.45	accounts.google.com	United States	15169	GOOGLEUS	false
143.204.225.47	d2mvl3dkxvehny.cloudfront.net	United States	16509	AMAZON-02US	false
142.250.203.97	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
66.102.1.156	unknown	United States	15169	GOOGLEUS	false
104.16.106.139	v2.zopim.com	United States	13335	CLOUDFLARENETUS	false
52.29.88.9	widget-mediator.zopim.com	United States	16509	AMAZON-02US	false
143.204.225.93	assets.paperturn-view.com	United States	16509	AMAZON-02US	false
143.204.225.123	www.paperturn-view.com	United States	16509	AMAZON-02US	false
148.251.96.155	www.paperturn.com	Germany	24940	HETZNER-ASDE	false
172.217.168.1	photos-ugc.l.googleusercontent.com	United States	15169	GOOGLEUS	false
172.217.168.2	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
144.91.89.225	xpans.in	Germany	51167	CONTABODE	false
157.240.16.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.18.70.113	static.zdassets.com	United States	13335	CLOUDFLARENETUS	false
13.225.29.13	unknown	United States	16509	AMAZON-02US	false
64.233.167.157	stats.l.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.203.110	clients.l.google.com	United States	15169	GOOGLEUS	false
172.217.168.68	www.google.com	United States	15169	GOOGLEUS	false
157.240.17.15	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
172.217.168.8	www-googletagmanager.l.google.com	United States	15169	GOOGLEUS	false
143.204.225.69	translations.paperturn.com	United States	16509	AMAZON-02US	false
172.217.168.3	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false
143.204.225.4	d3jodor2jgify2.cloudfront.net	United States	16509	AMAZON-02US	false
216.58.215.246	i.ytimg.com	United States	15169	GOOGLEUS	false
172.217.168.70	static-doubleclick-net.l.google.com	United States	15169	GOOGLEUS	false
104.18.204.90	v2assets.zopim.io	United States	13335	CLOUDFLARENETUS	false
206.189.191.180	unknown	United States	14061	DIGITALOCEAN-ASNUS	false
13.225.29.76	d3euuwqpqlzvic.cloudfront.net	United States	16509	AMAZON-02US	false

Private

IP
192.168.2.1
127.0.0.1
192.168.2.255

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	172.217.168.3	true
i.ytimg.com	216.58.215.246	true
d2mvl3dkxvehny.cloudfront.net	143.204.225.47	true
d3euuwqpqlzvic.cloudfront.net	13.225.29.76	true
scontent.xx.fbcdn.net	157.240.17.15	true
static.zdassets.com	104.18.70.113	true
www.paperturn-view.com	143.204.225.123	true
photos-ugc.l.googleusercontent.com	172.217.168.1	true
ekr.zdassets.com	104.18.70.113	true
www.google.com	172.217.168.68	true
v2.zopim.com	104.16.106.139	true
www.google.de	172.217.168.3	true
star-mini.c10r.facebook.com	157.240.16.35	true
v2assets.zopim.io	104.18.204.90	true
accounts.google.com	172.217.168.45	true
www-google-analytics.l.google.com	216.58.215.238	true
stats.l.doubleclick.net	64.233.167.157	true
www-googletagmanager.l.google.com	172.217.168.8	true
www.paperturn.com	148.251.96.155	true
static-doubleclick-net.l.google.com	172.217.168.70	true
youtube-ui.l.google.com	172.217.168.14	true
assets.paperturn-view.com	143.204.225.93	true
googleads.g.doubleclick.net	172.217.168.2	true
xpans.in	144.91.89.225	true
widget-mediator.zopim.com	52.29.88.9	true
acsbapp.com	206.189.187.108	true
clients.l.google.com	142.250.203.110	true
translations.paperturn.com	143.204.225.69	true
d3jodor2jgify2.cloudfront.net	143.204.225.4	true
googlehosted.l.googleusercontent.com	142.250.203.97	true
yt3.ggpht.com	unknown	unknown
stats.g.doubleclick.net	unknown	unknown
static.sharepointonline.com	unknown	unknown
use.fontawesome.com	unknown	unknown
clients2.googleusercontent.com	unknown	unknown
clients2.google.com	unknown	unknown
www.youtube.com	unknown	unknown
consentcdn.cookiebot.com	unknown	unknown
www.facebook.com	unknown	unknown
assets.calendly.com	unknown	unknown
consent.cookiebot.com	unknown	unknown
connect.facebook.net	unknown	unknown
static.doubleclick.net	unknown	unknown
cdn.acsbapp.com	unknown	unknown
images.paperturn.com	unknown	unknown
d8n9fts9ic943.cloudfront.net	unknown	unknown
spoprod-a.akamaihd.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.paperturn.com/prices	true		unknown
https://www.paperturn.com/flipbook	true		unknown

Name	Type	MD5	SHA1	SHA256
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic	data	A78AD14E77147E7DE3647E61964C0335	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506	Microsoft Cabinet archive data, 61020 bytes, 1 file	2902DE11E30DCC620B184E3BB0F0C1CB	5D11D14A2558801A2688DC2D6DFAD39AC294F222	E6A7F1F8810E46A736E80EE5AC6187690F28F4D5D35D130D410E20084B2C1544
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_33E8F98A524575FDD27708D6D61F97ED	data	51F89A3EAD171C099581D6FA7FC20050	39C9F05034A23680E7572FD19F4166EAFDD13E50	49ABDFD49D478D1EB231199F88AC7FD8476F71F4977A6530B48B2EDA95810642
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506	data	5F7022610D28099D8053D3DD4220766B	20BAFB97B231372268C6345738C3FC552B897176	8C3ED4CD9BB870B757446DA39001AF76FEA41FAF0E97379AA180C337A8665FEE
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_33E8F98A524575FDD27708D6D61F97ED	data	8D16F2BE30A07A55563325EADA586AD0	05ECD7358FE5D1FA4F43E116CAC068662531CAEF	36EB42CF57E349ACB9017B22F1FE565146B4FA01ABFE036522801BE47DC1F556
C:\Users\user\AppData\Local\Google\Chrome\User Data\0079b35c-f8fa-45a7-a8b7-bdf8eba80ff1.tmp	ASCII text, with very long lines, with no line terminators	DDC37B1394D8170271B8E953B9E44550	CF8A54F5434FA2A5496C7897C45725C88755B6BD	A4694446CF4B822446D23BF233671874009B460C4791C909A0DE1101DDD513B1
C:\Users\user\AppData\Local\Google\Chrome\User Data\0ef446f5-5daa-4ac3-b591-1c4784fc95ce.tmp	ASCII text, with very long lines, with no line terminators	8DA00429ECCA7B8F115ADBC40CF22513	9CB88E3508E59C79972823E9FB3D767802F97DC6	A0B107246388F873DDA12C41CF0BEB2D40968455C26A9E2301D4AB1C342B4BCB
C:\Users\user\AppData\Local\Google\Chrome\User Data\50907df1-3712-418e-9e91-0ec9028aa3d5.tmp	data	D534EA9DA5F31B5222BFE87AF2A87B6A	BF08A3A545ED125BB19B16CFF22C72340AAABE70	E92694DA6082826279A9336607F81EB3FFA6362B81A911065C71AF4C8A902B37
C:\Users\user\AppData\Local\Google\Chrome\User Data\72446f73-412e-4b09-a7fe-857f99e52227.tmp	ASCII text, with very long lines, with no line terminators	A434BAE75CDAC9A45FEB9C8490ADAAAD	D274178754FEC25B3F87AA24ADC98521940CB638	F769CF63C0BB78A7EC4A57BFEB0131434D6FB157AB571215860E6973710A5ED2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat	data	569FA64ACAA310B1DE1A6250CC7356B0	14251450C245F8612958BF94779E8B72AE6D6213	AEE20ADEBF2D35EB8A39BE2DC391B0E5966EFCB4AFDC971BB3A18115C929F563
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\09e8ef0e-a23e-42cb-a038-ed5f9c541cbc.tmp	ASCII text, with very long lines, with no line terminators	7D901AB2096BE1C7F4F6B7C3140D2C2A	A00C5C4B729A02FD744F9C9185B450DC5C2AA486	890840039E3D503906BD00AC4AF49F724BCE2A3F481B336AA9444A13E817438A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\466b524a-38ad-4c10-8896-c1e117ba52a5.tmp	ASCII text, with very long lines, with no line terminators	8EBCD08D073C42600AE6B7D561C58779	8F0B80B1860A766DD88409F24A0B909EFB0DF57B	014EE7C8AAFF7E1C2FC77081566CEDA0C9A4A8BE5902EED58C5656CFE8BF3F51
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59cd6bc6-4b72-4141-b0b2-a8c22489f2da.tmp	ASCII text, with very long lines, with no line terminators	698CB4E50535DD8678081FC41A6BE9A9	3B9540B2BD7A7A416558EC004C932A879F1A27B6	3B4485B2D521CF88E64938476573E77203E5C587CCF5D5A5DD00718A815E844B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6ee6eeaa-d560-48b5-a23e-bac9f35a5672.tmp	ASCII text, with very long lines, with no line terminators	8568C403C8B51136BDD84B3742BE37DC	9154FAA2DD22FED96B9ABD9C99AC1DC54BF7FE37	3F6C1AC8C16C56F0498D0466F9A981A4530A9B45A6C3F4A86F16824BFF3822DD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7335de3b-b54e-4977-89ad-d14efc34c441.tmp	ASCII text, with very long lines, with no line terminators	8C104952DA1160691A043D1246052937	5829B51BF755783F9E456108B5B5471B8B215F14	D848A345A3539DE5C29EC806D0155DBEC59256083626108D8E72AC4BC6414BB9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\75de2cc4-3143-4e6f-a0b4-1887dc1313b3.tmp	ASCII text, with very long lines, with no line terminators	CBED3F4E24B00D6FDEF5CFFD535ACF81	3FC617EC7787D659E3128CC68A6174DF8C2495F9	2618E87FC45AC78A90197AB5771F6F26D98DB98FE8F6434C68A9A0D5DD2E5225
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7a0401b1-ba1d-4486-bd77-cf1fa87cf2d8.tmp	ASCII text, with very long lines, with no line terminators	829D5654ADF098AD43036E24C47F2A94	506C8BA397509BA0357787950C538C1879047DF3	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\907f1a37-8d8c-4587-acfa-f9d67eb86453.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG	ASCII text	F0AD8EE11238B60B963C5FF7023B3D5F	CCB95F6D57271A55D61A68AA4732FE7DBE06FE70	21F50DE6A6019DD3C37719CE64A09D1DA28FA066DC35429FD898C7456E6967DB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG	ASCII text	3A8B2989AA6780AB15B5CF6543E664F5	E6E7AC06EEDD9CD0ED7DB2379321C05A6920D8DE	BF603A382C98906F17C7E8AB6D53EBC63E8F0EA19A6E0543833D99DB1D2C54B7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ae6b52f6e424e4e_0	data	AAF47CAAA2B306A88CD470B43EBAA058	6D4B8274C6EE8C6A8B8E130F3DFCF02A2339BA55	A420DE67B54E7F92E448F87B00E64A3189772A1DB3F35279A509C070D6B1C556
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\105618d59203ef9a_0	data	09C63BB72E759C8D4A35862A4FC035D3	0649193A1CADA600EF6995CA52359C0CEA390CD1	35A3D9F2EDB4E62D47B062483B48634559B8645C75879CAB182472195C8ABE86
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\16d9c28137016842_0	data	248E43BEA24A2BB21795FCE131C7F521	5C7009B9DF3D30E5679F773DE91A6AC01084C343	A8D78843C2F0565313C2CA016EB2371224761FAE1631B49374FEF1B2FBD84A96
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\236c9a70f6d402a3_0	data	AFF349F40939C94E43ADAC122961CBF4	44C47EF1C5445C67976539F64B9E77D6532AC589	0642415E6436A120C0772A201EFEC0EF1F31188F567FE89ED4BCBA01B84B1CCB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0	data	27DC5F0D3B49BC5198BF9B1A3AEA7612	A8CFC60C8B7B4AB3098DDAC5E389C8470B701EE0	6B5F11C606B548E5AB411B9B4F21FC922996A4F59B6B2F798AB6D9BB3C69E071
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3aa07428c0e4d4b1_0	data	64E167F2235FB642CE28B83B60D556FD	A9A20993A0DE130D0DFE1E8948CB167928F8DF83	F6137E70C63FCB4BAFA95C77058F19396D87DF364FE19CACEE4CCBBC94D31411
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3ee3277df70d5d32_0	data	489FF5F6404E029694DEB0C4D201ABAE	BEF14BF06EC79021FE7EB8236EE9AC5501FF46C8	23837E3E8312DC2D5218BDA0BB9A558E5D587980A96BAA9CB223C62ABA71103C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3f84843334707219_0	data	E5C3561CC34FBF79A910519D73D18F91	6E99B0E050FF0899159B40AFE8E87D050B05AF79	7EE1599F2A68D2CCF98A033C57645804000BA9BC6FF63597958F389B3BE9C8B5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\402f710388ce73f0_0	data	556008CF93B693F15A74A009C84D7497	3876183B13DFF6B4A8B5137EF3443434B9A48919	8DE27A1DEB0488437870E7C632C66122C35745C7EFCCF34B2EC33C557CE014F5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a93ae2abbf51303_0	data	516DEB4E5859928C602AE6CCE2B1431F	BF5229E9B3F7F52AFBA7EC14EF2BA14AC2E92835	2A06EBC089F6275A11906D838A3ED911EAF9E138A7F5DBDF92E23BC5D2CF6F67
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b4ae9e2956257f4_0	data	0098A805BE93A3DD27B322A8B825C3F8	3835D397C3D573EF6D10E9DFE41FDEA2D1A3B8F7	C6905CF1B75684E45FFC2693A2A0CF8BB61D69AE95552029F2A4D13870E45E87
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\505f12502b0e1e8f_0	data	9507CCEC2048B94ACA593FC74FBE0389	37A1B3DDFD1CC61222E9BA805D3E922E777EDA65	4B56766F12A36DCFD5C3B2667D4A4861AC57A560DEEF8BDF66FF58EE769E6B4A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\57849aa2afcf52a8_0	data	9765D9A91E589048FA49E9203F3CEC44	547DADDE8FB8DE0CE4C1C846F50EFF9A54669169	6D4825A8F8BD57E928947D147FAAB6ADA32D3061221827BDABE5176462289570
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ae823d24fa20467_0	data	5CE9304E6DFC12322B89F45EF2174246	D914B3CBE643715A65DFEBD66E879B30CAFBC0E8	4776E13DB1E6E7B14013569BD7D4E1627951BF56CE683B6F76924C00BECF4638
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c8938a5f2f8b277_0	data	6C52963A967576B7FFD290386D6298FE	245D41CDFDC5DA1A99C5C9BB2C55B1554D968E97	7892142AE215555D84059CC6203E2C0A601473D1E7C091DA8D6CD295C4DFC0D6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5e756fb02c040fa1_0	data	9E08DC60334946906534D2E9AE10A408	02EC03425529664305D5B3BB604730F8FCD7514C	BB9F12B43F7A3076D923F11FF45BADC74F5D6B1DFC042F48FD842D8512709238
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\641fb3ab98d94d28_0	data	3816E65F2DBD6765C641BF712A6F827B	575CC4A7EE2E62019B4120CE7E8A251790825BE1	8825C41D44CAF08790BD161EF28E4828113BCED426AA2F5A3AF6515ADF014866
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75180a52d49873b5_0	data	85E57A4ED2D9953690DA1F134836F48E	2FAC72AA8EC9E441252276919A8D58E5A9722E7A	1DFAB13BFD533275B6F82950D9134B32108EBDBAFC0CA0ED2424D541690126CC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75c880fe196c95da_0	data	73AF076A872457C99407FB96D1C1A69A	0F386D137233C42F4E144C535431C5B6BCDF7B49	B1C868ACE553F3FA087D7142754E7ED30FD4185E13D77D96A52C397DA390F4E3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\78971c5f3b10669d_0	data	8A23AA6577A31C363ECDFB690D348194	8236E2B3D727BCE880167344024AE0028DF188FF	7437D0000AE1F3B2B4494E0AB47822E8B4C657E9BFEDF643F377AD7C1639C856
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\78ec281d449072c9_0	data	84C6F5CB554F45C2B637BB615E2994CA	04009A702317C4242E0DE20757A9F38327FBCB47	C7C6337393325C2CDFE0DA4E5E33F3AB7FF0C261F643CFA57F9C3444C775BF72
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7a24f279f3c8e97a_0	data	9404BFF386371657DA5423626768B82C	DA91C3670663CB6ACA57F7BFA36DC2AF9CB00619	B26886FDCCB4665B189E74B8055DBA59F2662441125B329DDD41BCECC9788D80
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\80d379f7f5b93e31_0	data	76FCF113E5087320F299D68D4E7C57D7	0F7474467C0378A4B7CAF94FD4206C65FFE86C38	FAE05E851FE4B443D29C96AC2410E999741F2FF0CA38443E59A8F2C9B2CEE6BC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8140b5c475fbdf1c_0	data	D812E1B250BFD3521961063343150BD0	32B884D46F91213B47C97D38A90527EB255F1F20	D74A3E071FF50CFF2892E3BC726FBE385DC01AC8F15BD6BD523A03CB406E07FA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\823f8fc18e89de25_0	data	5E6A064066501A6404A17A93EA1DF64C	59D0A5527B999A2A7DE578AF8CA11778CD2267D9	92E53743184BFD3B77A8D159723F9CD613E65B17F30CEA6A84648113AA31B199
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8421b1b3082ac36c_0	data	2EB48BFF929A07AF08EA44C1F1342E83	CC7DA02F6BD8A7104F32A5803AF425A014B23EB5	C60CBC3743E27100E54DD360653D4176FDF9B3627B7ADEFF51CF63B5DBE86EAC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\859d57729f30e053_0	data	834CE5A8A4B2BB9ED29D368FC8EDCA97	A4F91405EDB0469B1FB47272720AB9411EA19D0E	9BA3DEEBD3CFA9220091253824AFD62AB430F30046BEE16209D3A0B033F96679
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\878756e158c08974_0	data	AA80529BE26D226942F5E6D0756CD316	1D98423F0111CDABC7D0290513C2A842D0E3D2E0	6464700AEF9C08656C71A2369E16AF6C5C05CDDF42E9C568FAEDC741DC5ECFA0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8936c0436506fed9_0	data	53EA4D652233A19CBF0986981BD54C2E	78FA50229125B73D44F18AC516EE0C2670F70270	4BD773D866B51EB76C3697732A8EA26B8CD9F54C160715608AE265A56930E710
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8959e7f160a77ede_0	data	247BF292A331862DA1C1C6189285F218	ADDE55FDCC0D7E605A970A33923B5A7A9F520130	01A8FDF807719B8560129A13679BA0704B8E47FA32709E2B4A11B8BFF525FC3C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8d4436abab9cbffc_0	data	5FA5CBAC01EA6CE1A7DEBF8B40D57ECD	AD0A8BA43398CC9A660A64295A28AC58A01C61E2	04A6F38EAB4656FB40F70B68BB9A69D19A942A6F5A16199E6DD415CB36057B54
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e8595a5d4720c28_0	data	A5D81F18605593E4DC566CB14EB4578D	78BC98ABE21391D874B97B384CEE6DCFD3E91838	C1CE03853E6EAAAA9B65D72013D10602C8A267B57CC367AB99BA0BED3D0B290B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\91b9b5ff6833c0d7_0	data	9C808A9D225536F8D4BB6F7C644E5BA8	BBBAC35E1E8C9B4ECD92A7BE26C7FA2F61657CBF	FE093A51056C6513CE5EF1C7490F63D7D5966984BB45694EC5D86E4A50C77BB8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\95fee99bab72dc0f_0	data	340821E5AB3BDD4B9735C5B3A1A971EB	E8A502F73980090CEAF9260F3D2F3881EA0BFCCE	16804A94446A6E24D59F7E7B79432C8E72D7DF3174EABE59DB2EC746DEB77240
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\98f7ac3352864cdd_0	data	6209398C629A006D6EBD44777F66E8EA	B86EE0CA05A457377DE295E3B7E5E4FA9F3AF905	DF80806AAFAA37E902C86A208F08EFF3644075D65DE3EF4D4CBA713E5764F644
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9aeca2548873487f_0	data	78E233A563F1D56617D30E83BD60233F	82E9F1CCCA52FE9A3FE3173CD28099BB118C4449	3C209DC0507F8B8DAE36EBD79576F5C9CEEEA533C84E98B25490774C39A7E858
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9bec16c4529e250a_0	data	3EF19B8EAA74511294F841A18AD89C58	DABA9ED71609F7BA20DA40F6CC64451778799DFF	37F08BC67BC8FB878EA87E114A2651C3FAEEBFD86A0743E4E3200F482155603A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a07811dab2c1a983_0	data	E079C0A6786BEE30F511A972AE41BF7A	ED11C6B72AE2041B7588810ACB27AB95057685A6	51135D37656A0F1E8CD5A4CE2699A8C5F0146FF1C08B4DDEDDFEDA248A83AE65
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a2a9870c369aa42b_0	data	DF292C4865279697D7F067C261DA7898	455E111D4AEDC7C6274BC4D9E36146AB47992714	8F8EB144CEB6CE79669AD648BF798180674CA0D7B395957098FD4BF09390F2E0
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a2df7e764a389255_0	data	4DC9F0F469C4B3C66A61ADF8C8A9AF11	38CBFDC52DFF79433423BEA58BD124CDE63B2FED	767ED770A1BE954AB817EC56E715BBFF649D0B23CE5039231F572BD4FA7CAC1E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a3b9cf33e4506e9e_0	data	8C3DBDB5C1181E478F6F3BFD4AD8FFEE	2A42803BBC60ECF4A1B7AD861701C2F3FB26F2C3	0A218717D96E048931262C2116BA8AD91BBD637F898FBBB3EAFA770B1F834E56
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a6de80f86bf10fb4_0	data	9B01A0DC8468E8CA6CB8F95D7D656EEA	6435D88CD163E10083BEBC1C4EB112046587E1CB	A8E15FCC4C5B68F02E23E266597E1AD5D8DE709E49759B88253FEECC0D1018B2
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ab2e7647897bb5a2_0	data	663DF95C003348D1B0366EC716957C3E	7323F6FBFB24B3BCC7E06292450D5E969DF12EB0	A4ABD3148B86A80FF8689574021630B88B5723B29225AE573DE26A9CCD533663
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ab9b9b92e56d5efe_0	data	C7D001491CDA1DB50E59CA967B5A9C45	3BF241BE8A4CE8B0B2C19F232C74B5F2C8AD67FD	F2917578E8F3BF6D031F9E4513E3726DB0093DAB87E57901653B77BCC9159377
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4191926631e1e0f_0	data	F81D94E1EDD077F53626F5D6C1DC0619	FB2049514BBDAEE4A855E7F1D6960B0B29B50C41	12A67270FD885E1F633A0B6D48A5F2237D6EBEA4C9D5730422EB63AFF4CE5FF9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b868e2287919f738_0	data	FDB338562A9845C548390C5C26B079FB	66F4F853BB70C91A2089B40BA966718698F604AA	138C370A12F2040DBC2A94DB488E60FE3437E882F275DE0C35F334C4D4246288
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bbfcd0a0712d3aa4_0	data	19E2D9DD2FD5ED18B346457A20CA8980	8582F3C8B2C615287409E39D7B20E03E4C2D4B26	DBF4AC83BD022DCF1B4B4574BE6E1A2282A64DC1AF1C8E203911BA8758755265
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bf709059c5fc7310_0	data	9480A5B015E3FDB668B47EC83E289F2C	B977199AFDF13570AEC5736E2163D8693847C951	35BD9F7432D76ECA74BB62EEF6DB3CA178CEF99CA02DB40E1D42C74E682BB5C7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c693e56ec7dc32cf_0	data	CE413CAA5F78CDE0A475D8DD009AC7A9	3A6B7F81B985AA9020F47DFD2DF69F268A3AF640	A962A40D7C50DC454F371804772DA153810DCF26413BCAB437097E6BB6CA28BB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c7dbfff3f5d11b28_0	data	7E00D779B7E59C412EEC50360490125F	7DDEAB34C7168971B926BCEC5988D036FA59656C	213D1916A834C75B66CFE242621ABF23ACE6B738FB72CB0921B7BDCDE20B93EC
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c968078420fe3f97_0	data	21D97C685E676615EB6C1A18F0E2F44C	1C04E82F55CF1B1B3620BD4A591C7EF1812B5F83	72EF2303DE7674E9DA78F26D636CE7CCBD2E33B765BFB2DF00EB4EF8EEF7AD9A
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ca3cacf61e20435d_0	data	79CFA599D8AEDC11B77883FBFDF37E24	E1622938B129E8717ECD96A2777E616F107482D4	78E72469146AC63FF0331E940F292CECD76BE09156120469E0BB8DE2C8949E83
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb14d97ede8b4cfb_0	data	A5C5E810FD57A6FA30040CF9CFF02498	4FA0BAD619B410CF26183268B5C2EE431BC5A27E	0855FDC6AF83218B5FE6FA498D6FE6A8A88234DAB22036C7FE38D92F4866BD34
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d1d96ac840cd7ef0_0	data	10AF160B3376A79633047ECB7C34A400	895B87856B76E9AEF9BEA0B7423CDA5A24EFCD3B	0563A5D9D3A3C960CCFAEF17A2FA8B60C5C645096C20536512FCA4497B299001
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d2b8a8d9a2d95859_0	data	2F6A3D1ABA20413216938D9BE8E44561	AAB14B42475D6C1DDF97F52C85AC0791646461E9	99D2E2E59C49C610B4F4E111DB25345B168DF1CB6BEB79EA1C41CF57DB9FCBB9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5ef84d81abcea8d_0	data	6B5A6A904AE3A9786348666BA611B5DD	D60A221516BB4A474AAC914C550763051331FE6F	DD488B696FEE136A1CAFA00B259EAE6477B7D384BF734797426900E10B02A5FF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d80a1cc1e7bfcfc1_0	data	071031922354AAF101007464D61B1EA2	5161766A8377831A01D1B8AB7B0E85DBCDA5B6A9	665EDE2960A3FE2A407C6419D9614E9DF8F157AD9F1DFED2A7C4AEC82C9399E3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ddf29fd5d7ab777f_0	data	A91E42BD767B2F0AD2BCD233C2AD4EA2	71E36235B1E495E06257767994A4FFE87EDE2EAE	61101E718E6D4DA259E924BC0DEAD54785030EF338E68747D13B39C6A76DC278
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ddf7e8582ef3dff7_0	data	14029B1260CFABE9AA5C8BC13BC92E07	624FD6917C456AA685FBDF565EB05CC09274F292	C025FE2F4CFCBAF3478344B95ACED3EEEE741CB0E5745F349829EC3C006F8504
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e41c3bf86352e7cd_0	data	6F1B306DE23CEBD2C7C4DE5CEBDC86BF	2459E2646E1CD29E840EEE742D5DE64F4B3AB1F0	6B6E35A95D4A23204499287F918F7FDD2C70165DA4F472DBBD32518513878B50
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e65797cd70a56c3a_0	data	00E5DF6070ED6E14625A544A12025CC8	621159ACB26AA96EEEB5AAD81E6F01B6A59BDCB7	172B431581D0858BE9DEF0EE62C4192A1B1CFEFF7C980F44809BE58511CB0070
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e78a65cbed4dea02_0	data	1403038EC9FFD542E35BA74E6028C027	7D7950A1C3CE5632186F62CA1D3719DBE4F8E508	C2F67272FA7DB13384095F778C7E1630C6A9CAC9471392F2AF553AA8C52FB6C5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e7eeab8bd5560049_0	data	5A61AC31E29FBB0F651134605ACC6A7B	284408987DF33334CF35A71B34FFEA743C892D4F	59A596444E398ECE1C446217E00093E114FB7F23E7BC0BF5650A33CBD4E3A791
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e8a9b928233b277a_0	data	8F6F4AB12C5E151D09A121C6A56A5E1E	3A646F5B58AD8E638B558764B5106403FC66C7A0	9553EBF8F92705DE7C67DC23BA64D97425557174426F8A1F40D9474312D57425
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ed55c9f01fcca8ed_0	data	FE21CE46DE6F1B412664686E038D39B2	8769C378BDEC1C128587ADC929C730F15B8B8D48	118EB9E48DBC803E5645072C4CC4059C928ABB5ADA786FB21088ACFA7693F796
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f4692d38da8f7d92_0	data	89FCE1604A62273840A4C6CDCF6CC645	51761C3CE4755B475892BB5E69871445FDF6B876	EAD36D112729585BC2933A7AE27E270DB7F117D3286B09AF7E62B4AA1989F041
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f5e415729b027894_0	data	155AFF630B70D48796DA2561542EDCBE	227A6FC0ED591452793B21AB6EFCDE6489B899E2	81371976BAB8AE8234FDFD37A1942DB77D73D4342467166912FBB866594E7DEE
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7733717fc9a9560_0	data	D80757EF1EBD9C569AA22C6E6699C673	3A3FF97B27B06169D6C88493BF74E30D292BDD28	41832BB7AE7C64A95DCF0F80B7751C18D3EC55F2B09CE98F573E1854AA14A0B8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f99d6da11388c29b_0	data	A8729B6C74C6222CCC5093E537B02017	04DEF8997060DAB8A2D54EAA7F5B4F7B77A3235A	F6624E747D5FCB44B449EDB9EF00D9584C7D08383218580D084BA0654E04E150
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd410d0fcd87a62a_0	data	8CA8C4F837A6BE6C1B8D6F6F6B567A36	1738DA7E298BF5DA90DACA08946BBA03BC9749A6	5EF8ADACE12CA9EC14FAE096D39A2BCB752FC3CB512EAA603ED8A63AA1642B44
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index	data	4614BBAB23A47A09FAF1733D27A476B0	3D8B771E76494C1696121FDB4A6CC4071B947024	12E020281B8EA264F85BF4C01D8278089C3AA42789FA6919F977D2C6D97BDB05
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	SQLite 3.x database, last written using SQLite version 3032001	079A6353B1DE774B3D4E4E211608F5D7	1351279DFB3155F246A8207A8CBC91B73ED9CBA1	12476646EC6C84D14A0480867981E2B8220FEC6D3BFCF0874A03AA9B97F8C2A5
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal	data	42BE930D04F9F24F1672B77513D6B8CB	1E72256701D6740C5BBB28120A392255E30C3153	795E8A021BCA87320D0DA724E5187981BB4F7B4C002211C01FAAD3D88A55A66E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session	data	918EEB30E6F50DCC3BBBFADBFF6D6F6F	6CB3C2F856CF6382F0941F758879169CA4C27671	CFA12DAC39E65ACF78396350DACA3A6B351165D6E43EEB06B22E97270FB155AD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs	data	0686D6159557E1162D04C44240103333	053E9DB58E20A67D1E158E407094359BF61D0639	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log	data	0A906A9A542CDF08FF50DAAF1D1E596E	B97D6274196F40874A368C265799F5FA78C52893	EB9CABBF5FDA1AD535300B0110EAA4068A083248BA928A631C9278545935426D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG	ASCII text	1C68BB0146DCC1D1A7D39A0A018FC728	0F101845CDEC9D7AF8A55A70411C96494AA126DB	0F77156A18ACA5EB4CA88CB0A73171935533D5B6EA0CBCE3EC1F81DC78889BC6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log	data	D4BA0AE0BB0B9FAFF3DA6F35FDBC3C8A	FB3E9DEC7F35A9B1D94E54A5659DD0DE484055E7	99DEF1B557F19F04C1AFFC6F247D0451F33FC10EC42E73792223C3215AC98BE6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG	ASCII text	3E9F5493CF6D107B8D197FA1CE7885C9	84F27EFE3863D46DEED6181408BEFF28FC34D096	2CEE483E4BFC056A280F76CCB827276FA02CD3CEEF2BF51CC6D70225C4BDAF4E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	90F880064A42B29CCFF51FE5425BF1A3	6A3CAE3996E9FFF653A1DDF731CED32B2BE2ACBF	965203D541E442C107DBC6D5B395168123D0397559774BEAE4E5B9ABC44EF268
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json	ASCII text, with very long lines, with no line terminators	6AE2135EA4583C2F06CDEBEA4AE70FA4	DCEB26C7F02D53B5F214305F4C75B4A33A79CDC2	03AA1944CB3C4F39E20B6361571BC45DFBEBD3FFDA3D8F148CC6ECB29958F903
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3032001	BCE373F9FE7A78C978859F7A2F02C1D0	ED0D1FB1E0D03D6FB60DA92F74495BF8F8AED63C	DAAC9C72DAECD76EA0A1D91D456C1EDAC3028A81751841220B51243B0A94E1FF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal	data	C0BC556452C97DE38AE5877423EBB6BC	3A114A5F8596F5D46CFB985CC026391FC34F5A3A	1CE335FE0F55693AD183E23D2E2109261C7086420A7F758435A2BCABB70E3BD8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log	data	0407B455F23E3655661BA46A574CFCA4	855CB7CC8EAC30458B4207614D046CB09EE3A591	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG	ASCII text	E188801A4C0EB37637DD244DDBA4522F	63A8BF064B0287051136A3B4D8FA2DA21D8731A8	CB5BF3033EB8BB295C4DD17A5E29D7F684C3809F3FD1E46F5913787732E87AB9
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG	ASCII text	B9F1A859F6018CE2FBBB6992CC34E3F5	BE0990472112E893C4DB58B5CFCDD06A9E0588BB	4184E57B371E69FA685828AB8AFE3A7160A1CB5BB004563C210B5935658AF4F3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG	ASCII text	42FA041159BBE38D49226924F6930DA4	899E8C79B809D5956196E5BE91577AA13466230D	E1B8DDF9912A8F609619F34C70964CD3331F2B0812BAD1048470386A78816B7C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3032001	C8B341A9D698B9EAB8E36D9047DD6915	0E7F2BF9153E75FF19BF4F92568E5A9EDAA06863	BB47D1DB8DF1AD5220A44DCB32844BF8220895398414EE046C034757EC8EB4B8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache	data	F01847FAE66C45553A5D9DDDE740E7FF	4A7C0EAD2FB1BFB71E29792F2B25365326BF7AD7	902626FE065E10C8D2E034D2A03E5B25335009521C0633EFD6B4FC1273835041
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal	data	EACEA3C309155DED902056706A59D978	C4882E290B1B701F4291C5EA4E7C24E48619D52D	59D47E6DC81837F105D8E70FF67BE67966707E27D5362ADE2BB4A68744D4DE8E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log	data	E53961667090DF39079E0DCEC9034872	AC6CB4229743D1FF5601C42BA27ED49920516951	CF0AB732E654803832A06E256ED45CF0333D274013F643C28D9466013E88AE50
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG	ASCII text	4106A08D2FD34A8EE2559F5DED7095E4	05E7EC44796A44FF9ED0F519F9E504B97D5DFC2D	BAF9711F764D6F8FF847BF104AD1B10812C9B46673D5FF8BBB1FAF16BDB46F49
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor	SQLite 3.x database, last written using SQLite version 3032001	0256E2E653B69813D13B8E00C8A1CFD7	FEA0FFB1E55ABB97342A6F21F7282BCCF0B49A65	FEAD0514B0BF1EA00E16FC523EA63F713441E3DCC22D0F6329B95B606D74AF37
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal	data	B0DE51F7C479FAB640DD0AF713903BE4	35B4934FB0177B8432DC00B058D0A4BD21C06BE7	BD38144B9205ED647BB6B9C1FDE18D59F160B9C809E535177B383AE13243D981
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG	ASCII text	581C42083C81EEF717DA20F1E94660DB	8BFEB4AD40627C6DEC42DF2389DA3CC821FB810A	275CD9AE6686A47D2911879B96178C44C40518443F98C32E4D400EDD5D07E250
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3032001	1A7CCC13F330C2B5DDB7F9EE266F3A60	23758BA20CDCC522585F414AF0E5539790C42A62	F6A943C8408085EAA023367435082C05CB6D63ED716C74A8E4DCD95CC3926DC4
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal	data	1F2999032A7A2C10B13A77B96C94F902	C9301D6BD82193DE5DBA16CEDB5D661F31665B0B	C951E46068E3499B08980FCC32055CCFE46AC12C15D06E97865C67CA84C0487B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log	data	97730CFC290A0892C49FA53FBA7037EA	472EB449C11ADB6F7C23749D9CBBA6778D079316	A967C25CA16A341C6B50CB04D0E7A4EEFF6908A4F0115073E01CD1BC23EC95F8
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG	ASCII text	756A1F754BE4A2C1FEB2B2FEAE6C6428	03DAC558D2854F0198A408E52F9E6C9AAA2B0D1F	676BA913D6C9BB6C887C84436CC6C0C13E3B1FAD48262B3F6F16FDCC2C1BFF02
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG	ASCII text	CEF9DF44F019967D4C5AEE2A26398027	91C4913C62311F2FCFD6237202538FE07D3CA20F	C7FEA3A434E007FBDF5CD91C2E632A5068C14415B7CAA05EB22938BF5025E94F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG	ASCII text	64CA67726CDE51B82FE47985F468F8FF	B0A5A459213F6286DAA515778A488E4879FF1C50	D2072EE193C1A886BA7BEB7A4654FBAC21A915F9D179FE6209062215F46D3DF7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG	ASCII text	CD58B6B0B21BD070657E57853CC3E2A3	9CE0C5271C21840F3BFACF711F5EBA916D752B14	DBF24F2B9E864CEBC2115A7057640FCEBDB644A5565B416D00DF11680D1DD23F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG	ASCII text	716792C952DDBAB17F7ECA70CE9AFB49	12A83A37C5E2B4B1057E0CD7341DA72A33D67EEB	4E9F0A15C6C86C6734CEB3E8F12BFDB4F144B3D1718757E62F1D1847DDD4DA7F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\b25feb06-4ffa-4707-a885-6016f837f55d.tmp	ASCII text, with very long lines, with no line terminators	0C03D530AC97788D62D27B2802C34D83	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\6a3aeedd-434b-43b2-b003-feca369dd65f.tmp	ASCII text, with very long lines, with no line terminators	5886A009EB58EE06A16EFD6D1BA9A046	A867B5052F3FBB811693DF8CE3FDAA794F2F2E40	9E3392126DE2D81D019E0AB3E17F20BADD0EC9FBD944BCB7C4DAF449D937D496
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1	data	C4DF0FB10C4332150B2C336396CE1B66	780A76E101DE3DE2E68D23E64AB1A44D47A73207	18FAB4D13CDA7E1DEE12DC091019A110A7304B6A65FC9A1F3E6173046BA38EF6
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG	ASCII text	AAFB027E636C924A42A1DBFD1B5631A1	A9EC6F0F270801EFFF08960008E7E7474D36D2BC	8B0DA08B441D016F9E02DA78A61922FD01D5C4029B95349F873C81C720E9757C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG	ASCII text	FF181B2D9F8A66190DC3D7A92B2F9659	90744314E76BD2F0AB6282C735A6900FE12EBFEB	42724903D32E40158E6E77C62497174F5465DB841959A565DF449C8F09309431
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log	data	E556F26DF3E95C19DBAECA8F5DF0C341	247A89F0557FC3666B5173833DB198B188F3AA2E	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG	ASCII text	167C95B9B59C45D11F7DD3A15565FBAB	BD339C53212682412C16B997F91D3077650697F5	664ECA3264E45D20FD7E017AEE1D6A58F6A03DE4FE60C09851CDA7E492EA2E71
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log	data	45A8ECA4E5C4A6B1395080C1B728B6C9	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	3DE95DA49D21BC8CEFA00B49B8D66FBB	49271E694684652582B1C02D42E647DDD7394000	F8F529DB9395824CA97F45BC357C7406F86FA4B0FC1FD2D0E92B5415021A611F
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG	ASCII text	EE00E9FA57AE56040AE523DAD7C87BFE	7AEEB68924C55F0A38E94BB9073FA8ABB852B6E7	D01E183F6D4BDF4496585129FD6FDC8999F0871A03BD7E7DC811BE49CA56E69D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links	data	F5EDD9939853D3F87D2116BC82ECDB47	77B05ED4A21ECE9DA179C707EEC9D83616E7B89D	A56AF2FF78B05067ACBB3B945ECCA18454AA7D3041CC1B1A399ABA7020E7FAB7
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a3c50621-1f17-4c22-b525-b99227154586.tmp	ASCII text, with very long lines, with no line terminators	BC4D7E79DFA77D0AA67272C6E34B5289	A81A59267EF963A4396E778AB945276B045FDF59	B4C23608CC9BE5D5E29BAA611898B1565E02273254FD5B9B06CCC1E572B18D6D
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b600a3ab-e0bc-458f-b487-c41f4aa8d8af.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	A990D78401B21B202B454764A17426B4	0EA7F014CD60DCE5BC816B3CBF7C563840EF4152	92BC990E31E9896E30E58934BE41896473F8705EFA563213B0E5E0143E02E5C3
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c6181ad3-c565-42cb-a876-1eeebefd2664.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	23A50852738C8C111F02F224EB8B72B1	32DC33E12303A1B78A4D1D5B2606360CA8B8AEB7	6DADDA9772B19CCEEDEB04046B982914073D1C50B618B386984167CE2D20D8DF
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cb77d826-e91f-42e2-b356-6cd627f9be6b.tmp	ASCII text, with very long lines, with no line terminators	D93448601152C02A124DA2F133CA7172	C62EF2BDA7142A834C0BEC63B25AAA0D2D0ED572	E6A2603325DDA6C2E5F3C639115E59B8612FFA410AA99642FA40768EA76DA1BD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d14e7f39-8ae0-473c-ba01-8be53d481be2.tmp	UTF-8 Unicode text, with very long lines, with no line terminators	DB61C6F5F110DF00BE492C2B5CEAEE15	EC8FFDCB787FA49742FEB59A705DEEEEF3F43721	DF245B4FD6D56EC245472F06DDDD35B1A71E9E3427F20A114845FC3665F11F38
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp	ASCII text	6752A1D65B201C13B62EA44016EB221F	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG	ASCII text	BF7FBFC1CAD8046A019D7BD7600DAA52	F58EA19A96228C6E488E7897B0FEAD21C2B68D13	3BEDA46C3FE2FA4ED83BD8E78994FA4B94DDB03E94762CAE7C997AAEB2B45527
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004	MPEG-4 LOAS	031D6D1E28FE41A9BDCBD8A21DA92DF1	38CEE81CB035A60A23D6E045E5D72116F2A58683	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e96381a6-b3a0-45e6-960f-96710d782116.tmp	ASCII text, with very long lines, with no line terminators	23A935534B782A807EAF9416EB596134	F8759F5A22A6657D6ABBB763FB954A2D6D5B8993	1AECF8738C79F7C5CF0D82D1D17DCEFA8640C22881FD6D296E37DFF11A18902C
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	9BB08D5561CF04D8B6736AF67F7F7D8A	5150FB1B51F2DFAB78A161BD176AD7699C7BE45D	4BC8500895D3B48C27A23F5945C22A64DD1F20CA8F149743413337C1BF7A4811
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser	data	DE9EF0C5BCC012A3A1131988DEE272D8	FA9CCBDC969AC9E1474FCE773234B28D50951CD8	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version	ASCII text, with no line terminators	C422F72BA41F662A919ED0B70E5C3289	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
C:\Users\user\AppData\Local\Google\Chrome\User Data\b3688e6d-d579-470b-9441-4a333b487b55.tmp	ASCII text, with very long lines, with no line terminators	DCECB9A78445E3A03EE744D0DD360ED0	6D02CD1C9F1DABC7A7AA3120CDE4272C29CB5176	D4A729D4D6D2D56B694C00EFDDA7EBA8BEEB3A88C2AE5A458E4718CC4137B4FD
C:\Users\user\AppData\Local\Google\Chrome\User Data\b4d80e73-bd5b-4519-9582-53984924b09a.tmp	SysEx File -	2BAE3795ED79CED6F81B374AD7A38A30	F85F70464E0C596F625276A08FBBAC9C6566BD29	16918EFE4B8EEADD55C5FBA129D6DC4F8BAEEA4E4B6D9944FE2B9E27EA3B37DB
C:\Users\user\AppData\Local\Google\Chrome\User Data\d10f22f7-00bf-44e1-b120-25d151be923d.tmp	ASCII text, with very long lines, with no line terminators	50E8C8ED07E29F62AE1B59441DBFB888	D7C3D2CA1127637F9833BE427690963F3AB57C32	8024625F5CD09F93DCFD3D945341A8CE64E6EF49BF5CAE0C838BAD793077EACA
C:\Users\user\AppData\Local\Google\Chrome\User Data\d5e958e0-e349-4b83-8207-1fcb8af14b20.tmp	ASCII text, with very long lines, with no line terminators	A2FE9E80CDB664B60EF294F8A5EAE3C1	2CF16D9991AEDC9BEDADA09BF9D98F8F934D89C2	16C64CCA5FC2F144CC1A60B1F50334500CC44FF32056E6030D305D86214CA4B8
C:\Users\user\AppData\Local\Google\Chrome\User Data\e1ba98e8-9aa2-4445-9421-9fecb20ab9f3.tmp	data	805A807F170B26512124D82370E7C302	9C5BCCF3344DBA2CB58242C6773462927C26AF00	F7F85CE164DD6A6C36814E678E09A3F304B149406570DFB20161406AFD4596F8
C:\Users\user\AppData\Local\Google\Chrome\User Data\ee911bc3-12a7-4398-a431-6db9a5e91b4b.tmp	ASCII text, with very long lines, with no line terminators	08485117C7B11D2B0157D98E7B251634	D46534755C3145C71AD474A4A582654BF738BB27	36EF01CFE8C9E265E3FB44885BD953752BBD07554C419CD43CA74120C0999038
C:\Users\user\AppData\Local\Temp\8c1e99c0-df59-4ed3-b323-36c067026dd9.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\a835b5ea-4896-43e3-9ea7-5e07941833a2.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\ada9c210-eb36-44e7-8f52-3e054b9e54d5.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log	ASCII text	95FF27202FEEEB91FBC8DB2997C3AD4D	F1BC198590F29D7DB2A87B0DD5353A304C6DEFE9	0F7E18242339FC66C1A0831738210013010A476CBD6CB73207877A0ED318FAF1
C:\Users\user\AppData\Local\Temp\c004b8fc-8943-44e4-8b67-c82e0e0b8a9b.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\8c1e99c0-df59-4ed3-b323-36c067026dd9.tmp	Google Chrome extension, version 3	541F52E24FE1EF9F8E12377A6CCAE0C0	189898BB2DCAE7D5A6057BC2D98B8B450AFAEBB6	81E3A4D43A73699E1B7781723F56B8717175C536685C5450122B30789464AD82
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with CRLF line terminators	6F8E288A9AD5B1ED8633B430E2B4D4CA	F671D3D4BEFA431D1946D706F4192D44E29B6F08	A114E2783D0E9B12155017323BA70838F0F82A71C7EE8DC1F115AE36991241F8
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with CRLF line terminators	1FDAFC926391BD580B655FBAF46ED260	C95743C3F43B2B099FEBEBC5BD850F0C20E820AC	C67898B67F9C9209EAFDA6532B62D5789863CFB855998DD6A70E7775316CEC20
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with CRLF line terminators	76DEC64ED1556180B452A13C83171883	CFB1E56FD587BCDC459C1D9A683B71F9849058F9	32290D69A90E6BAAC428B10382C99221B12773BB9A184F3B93DFB48A4F6D7A40
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with CRLF line terminators	238B97A36E411E42FF37CEFAF2927ED1	4E47AC90BA24C8F4724D9293FA40CFD4ADA66FE0	4977D4A053542FF66967FAED6B06585DD70E68E20BFEB533B66FE3287F9655D9
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B3E916E8C1991AA0453CBA00FEDCAAA	D6366D15912E40CA107FD42BFE9579C3336A51F9	A62FFAB910E31531758EEE48B2CC71A8857BEC3021DEAD50B668CBA3C8667053
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with CRLF line terminators	05C437A322C1148B5F78B2F341339147	AB53003A678E44A170E73711FBD9949833BBF3AA	A052C32B4FCAC61152EB0ADB2C260FB6A8256AD104AA0013DB93E9798D41A070
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\en\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\en_GB\messages.json	ASCII text, with CRLF line terminators	91F5BC87FD478A007EC68C4E8ADF11AC	D07DD49E4EF3B36DAD7D038B7E999AE850C5BEF6	92F1246C21DD5FD7266EBFD65798C61E403D01A816CC3CF780DB5C8AA2E3D9C9
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with CRLF line terminators	82719BD3999AD66193A9B0BB525F97CD	41194D511F1ACC16C1CA828AC81C18C8C6B47287	4DB9B2721E625C18B9E05C04B31AF5D9694712F1CAAF6219ABE34BB08E5DB1C7
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\es_419\messages.json	UTF-8 Unicode text, with CRLF line terminators	6B2583D8D1C147E36A69A88009CBEBC7	4D4DEEB4BE6AA0181825F3371A761ABC5B4D5937	6659BC3705311D7641A73995DCFEA80C7734F2F4EBBC3787B3892A240348324F
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with CRLF line terminators	CFF6CB76EC724B17C1BC920726CB35A7	14ED068251D65A840F00C05409D705259D329FFC	C85800BF45942FCC7FD6B1DF929C25F9CC2A977A6678966BD03D4B6B69889AFD
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with CRLF line terminators	3A01FEE829445C482D1721FF63153D16	F3EAAADDC03F943FC88B30B67F534AA13E3336DD	0BDE54B20845124113383B6EB81E43A0F05E4EB0C44BEE3C1DFAC4CC5FEC2836
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\fil\messages.json	ASCII text, with CRLF line terminators	57AF5B654270A945BDA8053A83353A06	EEEF7A4F869F97CF471A05D345E74F982D15E167	EC002ED92359F67818B49455DFC579E140368E6A004080AF022FD4F57F6B03F2
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8D11C90F44A6585B57B933AB38D1FFF8	3F9D44EA8807069A32AACA2AAAD02FD892E6CC90	599491F8C52B945C16C441ADF45BFD45AFAE046DA07757D97C56AF4DE75ED3B5
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with CRLF line terminators	E376D757C8FD66AC70A7D2D49760B94E	1525C5B1312D409604F097768503298EC440CC4D	8106D98C4F8DA16DB698444409558E29CC96735E188BFA303C333A5D99231C1D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with CRLF line terminators	8185D0490C86363602A137F9A261CC50	5BD933B874441CEACB9201CCC941FF67BAED6DC0	A2B2EC359A9DD9DCCCE02859CE1E738BD30FAA4A05F1DC522893FFDF722BBC15
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with CRLF line terminators	85609CF8623582A8376C206556ED2131	1E16EB70DB5E59BB684866FF3E3925C2DEF25A12	32A249749F12ADB6A220BF9ADC272C7E5D9AD5497A38B0086D961E3ABA17FBC6
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\id\messages.json	ASCII text, with CRLF line terminators	EAB2B946D1232AB98137E760954003AA	60BDC2937905B311D2C9844DF2D639D7AC9F7F67	C6E8800450602DE0F39FE9F6854472383813FB454B08ABAE7E25A9167CE004C3
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with CRLF line terminators	A328EEF5E841E0C72D3CD7366899C5C8	2851ED658385804E87911643F5A4200B1FB26E13	CD891C45F7586FB4A2514205A11F260E4A6D4482FA03D901909DD9F57BE0536D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with CRLF line terminators	9B3A5D473C3F2BBFAEECE94A07A940B8	61BACA342CF766BBA15C7B4D892A0E7DAC9405AA	706312A4A2AEF3317223F141EB2B82685345B7EED444F16BB4DF3A272716DA1F
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	9F6B4D82A70C74CA751E2EAE70FAB5CF	0534F125FFCE8222277CF2BE3401C59DAF9217F8	D1467B8D037114403E8F4EFC52E88C4A7FEB96126BE4CFF883FEFF1084EF7E68
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with CRLF line terminators	4CA644F875606986A9898D04BDAE3EA5	722A10569E93975129D67FBDB75B537D9D622AD1	7C311AB751D840D750C11553C083785813E079C1D464FE568A98C9E3EF3DB96C
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with CRLF line terminators	C5CE2C51391EAFD3DA9E4C71549A3C28	1F67FF6EF6E90C0CE3AAF56ED543A3EFD381574D	1FA1DF2CA8516DEF490FB8484E9AA498ACFF80EEF5C9258FFE42D3678E6C7DED
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with CRLF line terminators	93C459A23BC6953FF744C35920CD2AF9	162F884972103A08ADB616A7EB3598431A2924C5	2CD700AEB57D89C2E73333D0702556EE3FF3863516170F85669BC680FCBDC4E0
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\nl\messages.json	ASCII text, with CRLF line terminators	7A8F9D0249C680F64DEC7650A432BD57	53477198AEE389F6580921B4876719B400A23CA1	92BE7C2DC9CFBE5A65E9CE6488D364C8D7EC19E7B67A31E4D43C1CB2B169671C
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with CRLF line terminators	0E6194126AFCCD1E3098D276A7400175	E8127B905A640B1C46362FA6E1127BE172F4A40F	E2699F98C511B18A2AFB82EAE9A4804B646C4FF1077D80E77C17A3943A6373C2
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\pt_BR\messages.json	UTF-8 Unicode text, with CRLF line terminators	86A2B91FA18B867209024C522ED665D5	63DEC245637818C76655E01FCB6D59784BC7184E	6374880FDD1F8AF1EE8AEA6A06B73BE0AB265AFCEB4FE6F08BDE3B3989264B21
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\pt_PT\messages.json	UTF-8 Unicode text, with CRLF line terminators	750A4800EDB93FBE56495963F9FB3B94	8BFB915488A4EB3CB33D68E2E59F1F8447DB7D61	C1C94F65FABAF17DEF98A8587711A56D61B1E5607500E9B01F2824DB109F9E83
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with CRLF line terminators	98D43E4B1054A65DF3FA3CC40AB6FB6D	46E0A21C4DA2BB5D4D8F837AE211C1B6FA26E7E2	113A13900CBA62FE8AED06751971C23A80A99B47F9BE219CF884D57DB19611D9
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with CRLF line terminators	DB2EDF1465946C06BD95C71A1E13AE64	FB4F3ECE9ECECEBBC6CA2A592A15FB9C1FDFB811	FBAF22CE6E16DE174CED8CB5EA3098CCA1C3426A2111FF33BD3E64DA64ED67AB
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with CRLF line terminators	8DF215D1EFBDABB175CCDD68ED8DCB0A	2B374462137A38589A73FDD00A84CBDC7E50F9F4	7FA16AF97E6CFC52EC6008EB679D3F30E7E0C24F9EF2D18A9228EAF4DED9D63B
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with CRLF line terminators	3943FA2A647AECEDFD685408B27139EE	0129DD19D28373359530B3B477FE8A9279DABB7D	18AFF072EE0DF7C3495045435C752A805606E6D5D462EF2321C443F1773F4B3A
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with CRLF line terminators	D485DF17F085B6A37125694F85646FD0	24D51D8642CDC6EFD5D8D7A4430232D8CDE25108	7FFDE34C58E7C376C042DE64DEF6481DAE32BE8B70F0B18EDF536290CBE0C818
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with CRLF line terminators	D372B8204EB743E16F45C7CBD3CAAF37	C96C57219D292B01016B37DCF82E7C79AD0DD1E8	B8BA77E0089B0676545EC16D32468B727812B444F90B33A7A5B748E6C36C4388
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with CRLF line terminators	83E2D1E97791A4B2C5C69926EFB629C9	429600425CB0F196DDD717F940E94DBD8BFF2837	2FECA577F43D97BAEEA464741D585892103585208FD0A935B810A03BDCE83C88
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with CRLF line terminators	2CEAE0567B6BB1D240BBAD690A98CA3B	5944346FBD4A0797B13223895995CAB58E9ECD23	A7CB86F30C9C31FE5540282C308BA96ADB4EC16EF98C87129EB88105E5BEF5FC
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with CRLF line terminators	AB0B56120E6B38C42CC3612BE948EF50	8B3F520E5713D9F116D68E71DAEED1F6E8D74629	68ABA284751EB9C856032062EF9B1651E2A1E5CE5FDA0977FFC97D63BA7BED9E
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with CRLF line terminators	7EBB677FEAD8557D3676505225A7249A	F161B4B6001AEAEAB246FF8987F4D992B48D47BE	051F96ED874C11C4A13589B5F68964E4F5B03B52DDA223D56524F2CA23760C04
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\zh_CN\messages.json	UTF-8 Unicode text, with CRLF line terminators	BB73BF561BB79F89D9BF7C67C5AE5C65	2FADD3A1959B29C44830033A35C637D0311A8C9C	D804F2A040D21D7511EFD5213D8E1721D64964A1A0DBB48E21622CEEDC9D967E
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	5FF50C673CC0C661D615F0CFD0E6DCA0	60DFF98DEAB9C4746B288BDD9C94B3BCAE5EAA85	C6F8C640F3353A7B9B1432A0C139C1AEEC40133800E6C9B467B63991AD660308
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\images\icon_128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	4DBC9F9E6F5A08D299BAC9E54DF07694	BB38F5DE34B1E0BE1109220BA55271087A4D9EA5	91C2718DD23B4356D71F88F6146868369033291086DF327534546DFA459BEB0E
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\images\icon_16.png	PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced	FB9C46EA81AD3E456D90D58697C12C06	5FC450F7D73CCFAC8F0D818CB3392BA4D91B69DE	016CA659BA080E194FBFC0929602B16506ED60AA6019FAA51410C4FD93B583E8
C:\Users\user\AppData\Local\Temp\scoped_dir3500_769689143\CRX_INSTALL\manifest.json	ASCII text, with CRLF line terminators	01334FB9D092AF2AA46C4185E405C627	47AD3C0E82362FFE5B881DF8D71D6F79AB7F5796	F52714812D68C577A445169D11E84DF6751C2D6886BC429643072BB5D61C6C27
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\am\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	26330929DF0ED4E86F06C00C03F07CE3	478F3B7E7A7E007BEE182B89C2EF6FFE6045E92C	621B5139ED199022BB6529AF18ED4DC312AE9F3E90ECAF3B2C9E1D12114F5B22
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ar\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	44325A88063573A4C77F6EF943B0FC3E	78908D766F3E7A0E4545E7BD823C8ED47C7164EB	67A439A08804EF4BEF261BDBADD8F0FEFD51729167D01EDCA99DD4AF57D6108B
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\bg\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6911CE87E8C47223F33BEF9488272E40	980398F076BB7D451B18D7FDE2DE09041B1F55AD	273DEF0F67F0FA080802B85EF6F334DE50A19408F46BDF41F0F099B1F5501EEA
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\bn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F9DDF525C07251282A3BFFCEE9A09ABB	A343A078E804AF400A8F3E1891E3390DA754A5CD	C69C6C90F7EB8F10685CD815AF1F6F1B87CF30C4E8D95DF1D577DE1105AAD227
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ca\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A90CF7930E7C3BEC61EE252DEFAD574A	F630CA01114A7BDD39607CB84B8280CCE218A5C6	A533740E17559E2ADF40B4555C60F21EEC84E92C09CDBC19EED033A0B4DD2474
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\cs\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	17E753EE877FDED25886D5F7925CA652	8E4EC969777CC0CEB7C12D0C1B9D87EBBB9C4678	C562FCCFCE374D446BFAC30AC9B18FF17E7A3EF101C919FF857104917F300382
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\da\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F08A313C78454109B629B37521959B33	3D585D52EC8B4399F66D4BE88CED10F4A034FCCC	23BF7E5EDF70291CA6D8F4A64788C5B86379EECB628E3DFA7DD83344612F7564
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\de\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	980FB419ED6ED94AD75686AFFB4E4C2E	871BFBCA6BCBA9197811883A93C50C0716562D57	585C7814AFD2453232BC940252D4AE821D6E6CBCFD74A793F78E5DB8BA5342F1
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\el\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	40EB778339005A24FF9DA775D56E02B7	B00561CC7020F7FE717B5F692884253C689A7C61	F56BF7C171AA20038EE30B754478B69A98F3014C89362779B0A8788C7B9BEEE1
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\en\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8351AF4EA9BDD9C09019BC85D25B0016	F6EC1FFD291C8632758E01C9EE837B1AD18D4DCF	F41C82D8A4F0E9B645656D630C882BE94A0FB7F8CEC0FE864B57298F0312B212
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\es\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8A70C18BB1090AA4D500DE9E8E4A00EF	8AFC097FA956C1317DB0835348B2DA19F0789669	FF173D1CEF665B1234E02F11070ABD2B65230318150734579A03C7F31B4AE3F4
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\et\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	A62F12BCBA6D2C579212CA2FF90F8266	F7E964A2D9BBDA364252BCE5CFBA3FD34FDD825E	3EB3EB0B3B4A8E5A477D1B3C3A3891CCC7DC6B8879ECE243A7BD7C478068273D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\fa\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	852BD3CFF960F1BC3A2AAB3CB3874EF9	C9F6F3C776542889FE3B67971D65ACFE048A3A0A	D87597B6C10364501B98AA42524843F109009CCEF022D8E0170440D7F144F4C6
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\fi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3902581B6170D0CEA9B1ECF6CC82D669	C8208AC2B1DD6D4F8BDAAE01C8BD71FFFA5A732B	D2A8180225A83A423BB6E17343DFA8F636D517154944002ED9240411B8C0C5E1
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\fr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9B416146FE4F1403C2AACAC4DCF1A5C3	616F055C9FAD4CE972DF82EC8A9B2F4EDA3E7FAD	7C7F5758F54008190ACCDDBD1761CBD980FB5FE0847E992874498228D2571DBC
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\gu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	68B03519786F71A426BAC24DECA2DD52	B8E6608932EC5CEC4BC3C5475BFC3E312D2E2E7D	C77A4D27E9E6CA25B9290056D93A656E3EBE975957E4C2EE9F0FB11B133D5CD4
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\hi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	20C86E04B1833EA7F21C07361061420A	617C0D70E162CF380005E9780B61F650B7A39F9B	C2C27CA242DBDE600BA3AA7782156BC2B190A64D8A1B51EDC8007BDECA139553
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\hr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	3ED90E66789927D80B42346BB431431E	2B061E3271DF4255B1FFC47BDB207CDEC0D9724F	0B41E3C42414F72C9A12C05F8772597F9685115366A774C66018467AD4B71A74
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\hu\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8E9FF7E49473C5734A2F6F0812E12EB3	A4F10DDD1580582533D5EB59EDF6D8048F887C81	6CDD2FB39ADECE00E88B989E464B05ED1414092D0492F6D0AE58D549BFD1A46A
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\id\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	7ADF9F2048944821F93879336EB61A78	C3DA74FB544684D5B250767BB0CB66FFB7C58963	3630947E1075E3663AD3E4824D0BE42CB47C0D615D8053E83B9595047C8BA9BE
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\it\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	BB3041A2B485B900F623E57459AE698A	502F5EA89F9FB0287E864B240EA39889D72053A4	025737EF8FA06706B3F26D0F52B4844244A6D33DAE1D82FEF2931A14C003D57E
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ja\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	6F2CC1A6B258DF45F519BA24149FABDC	8A58C7880C6D22765DCBB6BCE22A192C1B109AE1	42ECFEE727CFC4F2845FEFDACE5EDC2E0A40AFAD69973A3B950CE653A7633342
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\kn\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2E3239FC277287810BC88D93A6691B09	FC5D585DA00ADC90BF79109C7377BD55E6653569	5FC705AD19761204D8604EA069936A23731B055D51E7836CAAF16AC7719FBEEA
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ko\messages.json	UTF-8 Unicode text, with CRLF line terminators	E303CD63AD00EB3154431DED78E871C4	3B1E5B8E2CF5EBDF5D33656EF80A46563F751783	FDE602BFDB1AFD282682DA5338C4F91D8A2F6CB5411DB8F62F4583D629CE67A6
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\lt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	93BBBE82F024FBCB7FB18E203F253429	83F4D80F64FA2ADCE6C515C5F663BD38A76C51DB	E7A8570922CCC4F2CA3721C4E61F426158C4E7BC90274FBC8BE4040FF8B6CA9B
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\lv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	388590CE5E144AE5467FD6585073BD11	61228673A400A98D5834389C06127589F19D3A30	05CA14196CA5D90B228C0F03684E03EBE403A3E7B513AE0A059244AE12B51164
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ml\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	2AF93901DE80CA49DA869188BCDA9495	E60DF4F2FB12BD3F1CA869DAD9F6BDE0C17CEB11	329E80AEE1212F634E180DEF7E16D6E38D9C9FDA9AC9DB1D99B8AE1626EF304E
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\mr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	659F5B4ACA112D3ECBB6EC1613DDE824	5DEE35FCD260554999F8DDEC489FBA9F81FA8EEE	C8B765E7A07578BC078A952E151E3B866506959E15E79E9E5E1DBB98F9C4008F
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ms\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	09D75141E0D80FBD3E9E92CE843DA986	B24EAB4B1242C31B69514D77BC1DB36A3F648F40	8F1DBDEFD910AD88BEEC7956619CDB34391D6E69254C3A7497E8F87134AE8B5C
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\nb\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	ED99169537909291BCC1ED1EA7BB63F0	5F72D51B6DBE8C622EF33D2B2AEBD7E9E20DAFB3	65B6598225ADA1E14EE9CB76CA863708E8F9EE0724B4EDC8F9508532BD631BAB
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\nl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	E9236F0B36764D22EEC86B717602241E	DE82B804B18933907095DEF3F2EF164C1BB5F9B6	300F4F7C45EBE39EAAF40776C28D0A399A710699AAB58E9A8D43A6FD2DD00376
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\pl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8254020C39A5F6C1716639CC530BB0D6	A97A70427581ADA902CA73C898825F7B4B4FAC8F	2F4E4FC6AEB4A8E7F0E0DCE220D66E763F4EBF1FA79985834D636C6692FEA3E8
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\pt\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FABD5D64267F0E6D7BE6983AB8704F8C	D4DAAD0FF5C461C51E6C1FD22B86AFC5B13E123F	D82DCA262FF005668B252B478DEDAAC4A5C1E417AF9DE57C22F169A6680183AE
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ro\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	75E16A8FB75A9A168CFF86388F190C99	C27CE4C1DB3DF2D232925C73DC9AC1FA24DAD396	9C4716FF42A730F1E7725F0D9E703F311E79FDA31F85B4BB0B8863FC3C27AB9D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ru\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	8EF94823972EA8D2FC9BB7EC09AB1846	4171DC9CE9D82FDA5A280517A1FE58C907D75CE3	1009DB9FFA64E411B31E0780EBA43B9C9F8B05B5AC8CCA9A38514650261ABB0A
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\sk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C314FAC15AFF6A2EE9C732C64AB5A66D	D51F3362B5FDD2F3756DE42D7D6227DC818C6344	8EE2A25A09D6D0F89063FAA34BA2BC4DB505DD31FE6D5064C5D6E1E153721484
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\sl\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F60AB4E9A79FD6F32909AFAC226446B3	07C9E383D4488BEBE316CA86966FC728F55A2E32	CDE581E6E7CF0136B003B45549E3BBEE7B67B74ADD786A8D5607BFDAD1DE7B87
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\sr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	4E233461D805CA7E54B0B394FFF42CAB	77F30833FC73A4C02C652C9E5A6EAFE9C3988A30	E1E1C64213EBF2CFEB7BA83E51B697CEA449B3A8B279B1024B859228DE869879
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\sv\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	897DAE6B0CF0FDE42648F0B47CB26E06	E1F5F5F65AF34FF9484AB2B01E571EAF19BA23D0	52656C24F6F6D0F3B3FC01E9504C4D5CEB85624F1B22E974CA675DD0E94EB82D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\sw\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	EC233129047C1202D87DC140F7BA266D	537E4C887428081365D028F32C53E3C92F29AAA6	28EDBC5C4858217811D45CAA215710E452C8926E4DE99F810001AD664D08BE0D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\ta\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C50C5D2EDFC79DBDCBD5A58A027A3231	14314D760A18C39F06CD072CF5843832AFB86689	EEB0E89D5AD92B80FF08F88533A111DB3416D7C3860C64227D1CC8B7C2B58298
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\te\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	F740F25488BE253FCF5355D5A7022CEE	203A8DF19BA5A602A43DE18E99A6615D950C450E	5B9C96CB5D62510836B321EB9CEEF23865BB9D4DC4DE7716E90A858E00701FDF
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\th\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	9F926FCB8BAEA23453B99EA162CCDEA1	04D1E45591C0435A39DCA00A81E83E68585E8B64	100463C587F549C964A4EB21EA38EA1B4ADEF11E927FAC8FF884623B77202C02
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\tr\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	B0420F071E7C6C2DE11715A0BF026C63	F41CC696786B18805DB8DC9E1E476146C0D6BE90	309F946F753DF6AF5C255D772EA0D429462152F78ABA4A96A2E369707A2C6B67
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\uk\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	FF06E78C06E8DFF4A422EA24F0AB3760	A434D1CE22DE0D2FD1842E94F5815F7B1972D1EE	E209FDEF12CCEC03B4E0D5B9464F90D527E62C5BC4DD565C680661D7F282AB02
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\vi\messages.json	UTF-8 Unicode text, with very long lines, with CRLF line terminators	C3A40E8433D96D7E766C011D9EC7502B	EAB7BFAE48B1D29B95A8AE040DE94D3500824EE3	BD3D0F8CF100C96415B224011F550082D4516593CBD3631347748B7D6AD5B85A
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\zh\messages.json	UTF-8 Unicode text, with CRLF line terminators	D4513639FFC58664556B4607BF8A3F19	65629BC4CBBACA498F4082DD5884C8D3D7DDDC8A	C6D49997A9B4FF7FE701EC3644B1A523679A27778FB4BD39B7DBCA9F1ACCE595
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\_locales\zh_TW\messages.json	UTF-8 Unicode text, with CRLF line terminators	494CE2ACB21A426E051C146E600E7564	D045ECC2A69C963D5D34A148FE4A7939DE6A1322	A1053F9496ED7FA3C625C94347F07A5E760F514FD8EE142EC9EE64E86B9C063D
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\CRX_INSTALL\manifest.json	ASCII text, with very long lines, with CRLF line terminators	F76238944C3D189174DD74989CF1C0C6	85CE141EC8867B699668A5F5A48F404C84FCEB04	2EF48A1CF322DE356E8844DD2FD3431E8E7ACD04770649B6507EACA5ABDB53A7
C:\Users\user\AppData\Local\Temp\scoped_dir3500_906741184\ada9c210-eb36-44e7-8f52-3e054b9e54d5.tmp	Google Chrome extension, version 3	A11D5CAF6BF849AEB84B0C95B1C3B7CF	27F410CCBD75852C01C7464A1FD7EF8C29BE3916	D0E62ACE64AFC334330A7AC3A2CC657914FEB321F1F89AEE11D2A6D0E7D81C31

ID:	452723
Product:	CloudBasic
Start time:	18:59:34
Start date:	22.07.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Windows Analysis Report https://www.paperturn-view.com/us/papterturnfiles/sharepoint-file?pid=MTc175036&v=1.1

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs