Play interactive tour

Edit tour

Windows Analysis Report 26222021 114007 a.m. Owa Outlook App.html

Overview

General Information

Sample Name:	26222021 114007 a.m. Owa Outlook App.html
Analysis ID:	491437
MD5:	efa08de227c06d13162b994472142102
SHA1:	195d8bd6d84fd8da5208ed91ee578fd8feab7f5c
SHA256:	21e1b3843d882911bc6fc1ba3b991060562d0ab228ff298d4c8c87ae582bf333
Infos:
Most interesting Screenshot:

Detection

Outlook Phishing HTMLPhisher

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected HtmlPhish10

Yara detected Outlook Phishing page

IP address seen in connection with other malware

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3560 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\26222021 114007 a.m. Owa Outlook App.html' MD5: C139654B5C1438A95B321BB01AD63EF6)

chrome.exe (PID: 1188 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1648,11094347611715134829,13990568648629289274,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

Source	Rule	Description	Author	Strings
26222021 114007 a.m. Owa Outlook App.html	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
26222021 114007 a.m. Owa Outlook App.html	JoeSecurity_OutlookPhishing	Yara detected Outlook Phishing page	Joe Security

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

Phishing:

Yara detected HtmlPhish10

Show sources

Source: Yara match

File source: 26222021 114007 a.m. Owa Outlook App.html, type: SAMPLE

Yara detected Outlook Phishing page

Show sources

Source: Yara match

File source: 26222021 114007 a.m. Owa Outlook App.html, type: SAMPLE

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: Joe Sandbox View

IP Address: 104.18.11.207 104.18.11.207

Source: unknown

DNS traffic detected: queries for: accounts.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443

Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveOrigin: nullUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveOrigin: nullUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /slageris.lv HTTP/1.1Host: logo.clearbit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1Host: mail.borets.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8Content-Length: 1Connection: closeDate: Mon, 27 Sep 2021 13:37:59 GMTx-content-type-options: nosniffServer: envoyX-Cache: Error from cloudfrontVia: 1.1 240ebea27618238384903016b8e84169.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MXP63-P1X-Amz-Cf-Id: htvAx_nwdIX-i7MEi-8xETDTFGiCzgrjvV47ETf0gXu7ajAAUUlD8Q==

Source: Reporting and NEL.1.dr	String found in binary or memory: https://a.nel.cloudflare.com/report/v3?s=Sii3wCioA2UnbNBFXBnWznYP62RcZaAY30C1%2B95RV3ihxEDo%2FxTh9mh
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr	String found in binary or memory: https://ajax.googleapis.com
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://bigmonkey.xyz/aruba2/processor.php
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://code.jquery.com/jquery-3.2.1.slim.min.js
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
Source: 5421334c-1056-4c48-b50f-719b716521d0.tmp.1.dr, 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://dns.google
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://logo.clearbit.com/slageris.lv
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/
Source: 26222021 114007 a.m. Owa Outlook App.html, Favicons.0.dr	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/favicon.ico
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.eot?#iefix
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.eot?#iefix
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.ttf
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.eot?#iefix
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr	String found in binary or memory: https://r1---sn-1gi7znes.gvt1.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: 26222021 114007 a.m. Owa Outlook App.html	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	String found in binary or memory: https://www.gstatic.com

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\chrome_BITS_3560_1941343343

Jump to behavior

Source: classification engine

Classification label: mal52.phis.winHTML@8/78@8/10

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\26222021 114007 a.m. Owa Outlook App.html'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1648,11094347611715134829,13990568648629289274,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1648,11094347611715134829,13990568648629289274,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-615247C5-DE8.pma

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading3	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel1	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol4	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol5	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Ingress Tool Transfer3	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
26222021 114007 a.m. Owa Outlook App.html	0%	Virustotal		Browse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://dns.google	0%	URL Reputation	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf	0%	Virustotal		Browse
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf	0%	Avira URL Cloud	safe
https://bigmonkey.xyz/aruba2/processor.php	0%	Avira URL Cloud	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.ttf	0%	Avira URL Cloud	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.eot?#iefix	0%	Avira URL Cloud	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.eot?#iefix	0%	Avira URL Cloud	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/favicon.ico	0%	Avira URL Cloud	safe
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external	0%	URL Reputation	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.eot?#iefix	0%	Avira URL Cloud	safe
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf	0%	Avira URL Cloud	safe
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers	0%	URL Reputation	safe
https://mail.borets.com/owa/	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
stackpath.bootstrapcdn.com	104.18.11.207	true	false	high
d26p066pn2w0s0.cloudfront.net	18.66.196.75	true	false	high
accounts.google.com	172.217.168.13	true	false	high
cdnjs.cloudflare.com	104.16.19.94	true	false	high
mail.borets.com	98.164.36.69	true	false	unknown
maxcdn.bootstrapcdn.com	104.18.11.207	true	false	high
clients.l.google.com	172.217.168.78	true	false	high
clients2.google.com	unknown	unknown	false	high
code.jquery.com	unknown	unknown	false	high
logo.clearbit.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://logo.clearbit.com/slageris.lv	false		high
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	false		high
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	false		high
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/favicon.ico	false	Avira URL Cloud: safe	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://dns.google	5421334c-1056-4c48-b50f-719b716521d0.tmp.1.dr, 0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false	URL Reputation: safe	unknown
https://ogs.google.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://code.jquery.com/jquery-3.2.1.slim.min.js	26222021 114007 a.m. Owa Outlook App.html	false		high
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf	26222021 114007 a.m. Owa Outlook App.html	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v3?s=Sii3wCioA2UnbNBFXBnWznYP62RcZaAY30C1%2B95RV3ihxEDo%2FxTh9mh	Reporting and NEL.1.dr	false		high
https://bigmonkey.xyz/aruba2/processor.php	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.ttf	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://www.google.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.eot?#iefix	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.eot?#iefix	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://accounts.google.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://clients2.googleusercontent.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://apis.google.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external	Reporting and NEL.1.dr	false	URL Reputation: safe	unknown
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-semibold.eot?#iefix	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://mail.borets.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers	Reporting and NEL.1.dr	false	URL Reputation: safe	unknown
https://clients2.google.com	0ef202ba-9601-451a-bbb7-b36c9773b379.tmp.1.dr, 25abaca1-f42a-4692-96cb-088faeb5696f.tmp.1.dr	false		high
https://mail.borets.com/owa/	26222021 114007 a.m. Owa Outlook App.html	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
18.66.196.75	d26p066pn2w0s0.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
98.164.36.69	mail.borets.com	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
172.217.168.13	accounts.google.com	United States	15169	GOOGLEUS	false
104.18.11.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.16.19.94	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.1
192.168.2.7
192.168.2.22
192.168.2.23

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	491437
Start date:	27.09.2021
Start time:	15:37:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 7m 13s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	26222021 114007 a.m. Owa Outlook App.html
Cookbook file name:	defaultwindowshtmlcookbook.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	28
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.phis.winHTML@8/78@8/10
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .html
Warnings:	Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WMIADAP.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, wuapihost.exe Excluded IPs from analysis (whitelisted): 69.16.175.42, 69.16.175.10, 172.217.168.78, 142.250.203.106, 173.194.160.70, 216.58.215.227, 95.100.54.203, 20.82.210.154, 40.112.88.60, 23.0.174.200, 23.0.174.185, 2.18.107.211, 20.50.102.62, 172.217.168.3, 34.104.35.123, 172.217.168.67, 23.10.249.26, 23.10.249.43, 20.82.209.183, 20.54.110.249 Excluded domains from analysis (whitelisted): cds.s5x3j6q5.hwcdn.net, clientservices.googleapis.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, a767.dspw65.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, e15275.g.akamaiedge.net, a1449.dscg2.akamai.net, arc.msn.com, r1---sn-1gi7znes.gvt1.com, redirector.gvt1.com, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, wildcard.weather.microsoft.com.edgekey.net, update.googleapis.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, www.gstatic.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, fs.microsoft.com, ajax.googleapis.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, wu-shim.trafficmanager.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, tile-service.weather.microsoft.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, r1.sn-1gi7znes.gvt1.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, download.windowsupdate.com.edgesuite.net, ris.api.iris.microsoft.com, edgedl.me.gvt1.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net Not all processes where analyzed, report is missing behavior information Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link
104.18.11.207	IN_200462860196.htm	Get hash	malicious	Browse
	INVITATION_Cross-Asset_Credit Conf_September-22-2021.docx	Get hash	malicious	Browse
	fax_86579_86579_86579.html	Get hash	malicious	Browse
	Paymntstub_INV#04893.htm	Get hash	malicious	Browse
	#Ud83d#Udd0a VM 13438059210.wav.html	Get hash	malicious	Browse
	janne.roven-wirepayment398.htm	Get hash	malicious	Browse
	message.html	Get hash	malicious	Browse
	TMCPHRY8FB.htm	Get hash	malicious	Browse
	test.html	Get hash	malicious	Browse
	RFQ_830356 _2021-09-16.html	Get hash	malicious	Browse
	AP Remittance for michelle.looi@globalfoundries.com .html	Get hash	malicious	Browse
	Elon Musk Club - 024705 .htm	Get hash	malicious	Browse
	Bonus Bitcoin - 065540 .htm	Get hash	malicious	Browse
	Doc-Confidentiel-pdf (3).html	Get hash	malicious	Browse
	message.html	Get hash	malicious	Browse
	AP.7.html	Get hash	malicious	Browse
	ATT0002644.htm	Get hash	malicious	Browse
	Hess - RemittanceAdvice_15095_992021_1053.htm	Get hash	malicious	Browse
	michael.iuliucci_33990Application.HTML	Get hash	malicious	Browse
	EFT-Yaharasoftware.htm	Get hash	malicious	Browse
18.66.196.75	Palliser Furniture - SupplierEFTPayment Notification.htm	Get hash	malicious	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
stackpath.bootstrapcdn.com	Paymntstub_INV#04893.htm	Get hash	malicious	Browse	104.18.11.207
	#Ud83d#Udd0a VM 13438059210.wav.html	Get hash	malicious	Browse	104.18.11.207
	#Ud83d#Udd0a VM 13438059210.wav.html	Get hash	malicious	Browse	104.18.10.207
	AP Remittance for michelle.looi@globalfoundries.com .html	Get hash	malicious	Browse	104.18.11.207
	Inv-#4402Michael.HTM	Get hash	malicious	Browse	104.18.10.207
	AP.7.html	Get hash	malicious	Browse	104.18.11.207
	ATT0002644.htm	Get hash	malicious	Browse	104.18.11.207
	michael.iuliucci_33990Application.HTML	Get hash	malicious	Browse	104.18.11.207
	EFT-Yaharasoftware.htm	Get hash	malicious	Browse	104.18.10.207
	qB6P2WfUjb.exe	Get hash	malicious	Browse	104.18.10.207
	+01-348 9288.htm	Get hash	malicious	Browse	104.18.11.207
	ovolohotels-PayroLL-565726-pdf.HtmL	Get hash	malicious	Browse	104.18.10.207
	+01-348 9288.htm	Get hash	malicious	Browse	104.18.10.207
	AP Remittance for bill.coleman@tetratech.com .html	Get hash	malicious	Browse	104.18.11.207
	Scanned-Doc[_028DocAt.html	Get hash	malicious	Browse	104.18.11.207
	AP Remittance for tschlegelmilch@fmne.com .html	Get hash	malicious	Browse	104.18.10.207
	App#7.html	Get hash	malicious	Browse	104.18.10.207
	ATT12149.htm	Get hash	malicious	Browse	104.18.11.207
	htm.html	Get hash	malicious	Browse	104.18.11.207
	Evopayments.mx--77Fax.HTML	Get hash	malicious	Browse	104.18.10.207
d26p066pn2w0s0.cloudfront.net	IN_200462860196.htm	Get hash	malicious	Browse	143.204.9.123
	PA69345.html	Get hash	malicious	Browse	143.204.225.25
	IN_203024890925.htm	Get hash	malicious	Browse	143.204.9.75
	IN_203024890782.htm	Get hash	malicious	Browse	52.222.149.10
	Doc-Confidentiel-pdf (3).html	Get hash	malicious	Browse	18.66.196.109
	ATTL4CF.html	Get hash	malicious	Browse	18.66.196.122
	Hess - RemittanceAdvice_15095_992021_1053.htm	Get hash	malicious	Browse	99.84.144.113
	RemittanceAdvice_15095_972021_1053.htm	Get hash	malicious	Browse	143.204.98.37
	RemittanceAdvice_15095_972021_1053.htm	Get hash	malicious	Browse	13.224.94.40
	Newcastlepermanent- File 4854937.html	Get hash	malicious	Browse	13.226.155.6
	Doc-Confidentiel-pdf.html	Get hash	malicious	Browse	13.32.121.48
	DoubleLine Group LP - SupplierRemittance Notification.htm	Get hash	malicious	Browse	52.222.149.82
	Pioneer Family Pools - (EFT) Payment Advice8302021.htm	Get hash	malicious	Browse	18.66.196.122
	Palliser Furniture - SupplierEFTPayment Notification.htm	Get hash	malicious	Browse	18.66.196.75
	Palliser Furniture - SupplierRemittance Notification.htm	Get hash	malicious	Browse	143.204.98.37
	Palliser Furniture - EFT Payment Notification.htm	Get hash	malicious	Browse	13.35.199.2
	message.html	Get hash	malicious	Browse	143.204.98.21
	Algoma-Documents.htm	Get hash	malicious	Browse	143.204.98.115
	Axactor Italy - (EFT) Payment Advice[Date_short.htm	Get hash	malicious	Browse	13.226.175.109
	Amaury.vanvinckenroye-AudioMessage_520498.htm	Get hash	malicious	Browse	13.224.96.22

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
ASN-CXA-ALL-CCI-22773-RDCUS	4oihqZr8ZO	Get hash	malicious	Browse	70.191.247.219
	b3astmode.arm	Get hash	malicious	Browse	68.100.92.220
	xd.arm7	Get hash	malicious	Browse	70.169.190.63
	xd.arm	Get hash	malicious	Browse	70.167.127.41
	U1gjyXpR35	Get hash	malicious	Browse	164.172.20.96
	2hrxC5NcX5	Get hash	malicious	Browse	70.190.70.40
	i686	Get hash	malicious	Browse	70.174.153.17
	Un5xMqp1Yj	Get hash	malicious	Browse	164.172.189.201
	4czqYWTUq8	Get hash	malicious	Browse	24.254.111.14
	xUAaxUb8FS	Get hash	malicious	Browse	184.183.222.246
	sora.arm	Get hash	malicious	Browse	72.222.13.147
	LkypMws5yh	Get hash	malicious	Browse	174.66.191.245
	dark.x86	Get hash	malicious	Browse	68.99.78.80
	HQbAY82OKk	Get hash	malicious	Browse	98.176.149.130
	va8Rts13b8	Get hash	malicious	Browse	24.234.228.102
	jKira.arm7	Get hash	malicious	Browse	174.78.141.240
	b3astmode.x86	Get hash	malicious	Browse	98.187.157.163
	2S8N5fDSRs	Get hash	malicious	Browse	70.190.94.21
	index_2021-09-21-11_23	Get hash	malicious	Browse	98.179.24.232
	dark.arm	Get hash	malicious	Browse	70.173.15.115
MIT-GATEWAYSUS	8u6nZbyMxl	Get hash	malicious	Browse	19.23.51.129
	fmS6YYhBy1	Get hash	malicious	Browse	19.35.10.79
	sora.arm7	Get hash	malicious	Browse	19.44.33.203
	ov8cmawldv	Get hash	malicious	Browse	18.74.87.146
	Nq0m2t3vNZ	Get hash	malicious	Browse	18.160.160.190
	hnBBQPVGVR	Get hash	malicious	Browse	19.58.69.236
	Du7uHwvCQC	Get hash	malicious	Browse	19.251.72.213
	xd.arm7	Get hash	malicious	Browse	19.67.191.191
	LAKmNB72J8	Get hash	malicious	Browse	19.241.28.215
	soramrk.x86	Get hash	malicious	Browse	19.85.152.126
	55bUuUSd6j	Get hash	malicious	Browse	18.123.79.105
	xd.arm	Get hash	malicious	Browse	19.24.225.154
	U1gjyXpR35	Get hash	malicious	Browse	19.199.198.184
	l88za3KqVX	Get hash	malicious	Browse	19.102.103.3
	m4CSmBNjk5	Get hash	malicious	Browse	18.50.180.237
	12SBfF9k2m	Get hash	malicious	Browse	19.123.95.66
	7PUgGUWM2l	Get hash	malicious	Browse	19.20.145.45
	rpEL8cL9KS	Get hash	malicious	Browse	19.84.144.38
	ShxmSBgPmy	Get hash	malicious	Browse	18.127.100.0
	sora.arm7	Get hash	malicious	Browse	18.11.163.246

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	451603
Entropy (8bit):	5.009711072558331
Encrypted:	false
SSDEEP:	12288:ZHfRTyGZ6lup8Cfrvq4JBPKh+FBlESBw4p6:NfOCzvRKhGvwJ
MD5:	A78AD14E77147E7DE3647E61964C0335
SHA1:	CECC3DD41F4CEA0192B24300C71E1911BD4FCE45
SHA-256:	0D6803758FF8F87081FAFD62E90F0950DFB2DD7991E9607FE76A8F92D0E893FA
SHA-512:	DDE24D5AD50D68FC91E9E325D31E66EF8F624B6BB3A07D14FFED1104D3AB5F4EF1D7969A5CDE0DFBB19CB31C506F7DE97AF67C2F244F7E7E8E10648EA8321101
Malicious:	false
Reputation:	high, very likely benign file
Preview:	BDic.... ....6...."..Z..4g....6.2...{/...3...5....AF 1363.AF nm.AF pt.AF n1.AF p.AF tc.AF SM.AF M.AF S.AF MS.AF MNR.AF GDS.AF MNT.AF MH.AF MR.AF SZMR.AF MJ.AF MT.AF MY.AF MRZ.AF MN.AF MG.AF RM.AF N.AF MV.AF XM.AF DSM.AF SD.AF G.AF R.AF MNX.AF MRS.AF MD.AF MNRB.AF B.AF ZSMR.AF PM.AF SMNGJ.AF SMN.AF ZMR.AF SMGB.AF MZR.AF GM.AF SMR.AF SMDG.AF RMZ.AF ZM.AF MDG.AF MDT.AF SMNXT.AF SDY.AF LSDG.AF LGDS.AF GLDS.AF UY.AF U.AF DSGNX.AF GNDSX.AF DSG.AF Y.AF GS.AF IEMS.AF YP.AF ZGDRS.AF XGNVDS.AF UT.AF GNDS.AF GVDS.AF MYPS.AF XGNDS.AF TPRY.AF MDSG.AF ZGSDR.AF DYSG.AF PMYTNS.AF AGDS.AF DRZGS.AF PY.AF GSPMDY.AF EGVDS.AF SL.AF GNXDS.AF DSBG.AF IM.AF I.AF MDGS.AF SMY.AF DSGN.AF DSLG.AF GMDS.AF MDSBG.AF SGD.AF IY.AF P.AF DSMG.AF BLZGDRS.AF TR.AF AGSD.AF ZGBDRSL.AF PTRY.AF ASDGV.AF ASM.AF ICANGSD.AF ICAM.AF IKY.AF AMS.AF PMYTRS.AF BZGVDRS.AF SDRBZG.AF GVMDS.AF PSM.AF DGLS.AF GNVXDS.AF AGDSL.AF DGS.AF XDSGNV.AF BZGDRS.AF AM.AF AS.AF A.AF LDSG.AF AGVDS.AF SDG.AF LDSMG.AF EDSMG.AF EY.AF DRSMZG.AF PRYT.AF LZ

C:\Users\user\AppData\Local\Google\Chrome\User Data\3bc4123c-1174-4e23-be41-6ed8f4513a77.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	373512
Entropy (8bit):	6.014901344443662
Encrypted:	false
SSDEEP:	6144:GXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:GpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	F737359F02A7E7372116906B2E21CEC3
SHA1:	6AAEC585126081C4EE947B54744E43B04B6FB4AB
SHA-256:	D59948377796470A88B893E79897952D8819105539EF3AE91ED8AC366EA7B4B6
SHA-512:	B0FF1558CBF5C28707F81C228A4A5E63EE937161FF8E331CF520BF2657D45AE038A4C130F20B64B7256587F69E6BB4B29DB1DF9CD334A6AE2A27578B63404C9F
Malicious:	false
Reputation:	low
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075265799"},"policy":{"last_statistics_update":"1327725587722

C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	120
Entropy (8bit):	3.3041625260016576
Encrypted:	false
SSDEEP:	3:FkXYDu6cR9iTXYDu6cR9iTXYDu6cR9n:+Y66cR4TXY66cR4TXY66cR9
MD5:	569FA64ACAA310B1DE1A6250CC7356B0
SHA1:	14251450C245F8612958BF94779E8B72AE6D6213
SHA-256:	AEE20ADEBF2D35EB8A39BE2DC391B0E5966EFCB4AFDC971BB3A18115C929F563
SHA-512:	850914A053EF541046B29260266C17FEFF2466A87784394F9AB3B565D2EA1E656F61F02BDB78F9F9676E90365F837F3709BCC0856B3B844256848F477250E0C7
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	sdPC.....................8...?E."..N_.sdPC.....................8...?E."..N_.sdPC.....................8...?E."..N_.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0ef202ba-9601-451a-bbb7-b36c9773b379.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	1994
Entropy (8bit):	4.902743093495863
Encrypted:	false
SSDEEP:	48:Y2n6qtwTCXDHyvzM3zsiRsKGsjlRLs+TdsWMHfYhbxD:JnxOTCXDH+zMbJ5lxJGwhVD
MD5:	029A358B8455DD2B0C281BF3F4C8246C
SHA1:	54247407E4F6232A118D9B81F597DB953791F474
SHA-256:	37FA78B51C8E1A22655C1DE3DD7D4E38106797492EEAFD1E3958D5508B8EAA4C
SHA-512:	EC8EE944D63452DBBA51A825541299BD801860B9D7CD3AB8C58797DE4BFDC931395297DEDD57175FD6D74FE1B5AC79E66FAC0DF8EE94E2DA70CD018446BD3B70
Malicious:	false
Reputation:	low
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13279847879428121","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://ajax.googleapis.com"},{"alternative_service":[{"advert

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1a9ca5b2-4ec0-43ab-8a3f-9b34d95394b2.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:L:L
MD5:	5058F1AF8388633F609CADB75A75DC9D
SHA1:	3A52CE780950D4D969792A2559CD519D7EE8C727
SHA-256:	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
SHA-512:	0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
Malicious:	false
Preview:	.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\25abaca1-f42a-4692-96cb-088faeb5696f.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.871599185186076
Encrypted:	false
SSDEEP:	48:YXs2MHRzsoMHT5s0MHyKsTMHksrDys4Csb7synWsQItFsym6zs6zMHWLsZMH5YhV:+GDGTHGmGHDW1/nOIbmOGlGGhVD
MD5:	829D5654ADF098AD43036E24C47F2A94
SHA1:	506C8BA397509BA0357787950C538C1879047DF3
SHA-256:	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
SHA-512:	D9B18E6B0AD1E8E4BECF9E84BBE30D64730CFEC2CBEAF96D5DF52E28B907B03EADF22F020FBE0A56D137A52F4F09798031BC6CA026CFA8A979A608B3445DBCAA
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600883925","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":40156},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542628822803","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":30856},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600893104","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":25300},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600872791","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34789},"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"exp

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3ca16608-ad5c-483f-8271-cc3ad94b9958.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16449
Entropy (8bit):	5.584407498386205
Encrypted:	false
SSDEEP:	384:mMct1LlofX/1kXqKf/pUZNCgVLH2HfDurUtw6q4v:mLlq/1kXqKf/pUZNCgVLH2Hf6rUNqo
MD5:	1FFF2162392B3984AD05444DB9492796
SHA1:	78C559FB5918BC6319C73CD59A71E14F26668C35
SHA-256:	4AC06EB4DB5DBD66F361D19743DCBCDABD1A48F7E123F49B2821AAD70C8C63FB
SHA-512:	AD49FD02F611FDB9B15261582669AFE9EF3FFD659692D77E6AA4B8FE98C3A8A263F5D884DB3E29BE0CE037DB432F9906A0C8185E5C6A3ED1AF7D52054A72403E
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13277255877341058","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\41379485-7a78-4184-9115-08be19d76178.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4800
Entropy (8bit):	4.942378185688073
Encrypted:	false
SSDEEP:	48:YcTPklSiklq0cyqABqqTlYclQKHoTw0d1aPc8C1Nfct/9BhUJo3KhmeSnpNGz0sQ:nkrXru9pSKIYIk0JCKL8xpbOTQVuwn
MD5:	5C07FD0AC86FE64BD05FDFF7CD5C2C51
SHA1:	3DD0FFD09B303022114BCB9E4D7695EBB8A0D805
SHA-256:	76F9A96D616BFD44F3A60EBF873B13AE39A57EE50123A7ED4514805DA7DE677D
SHA-512:	948C2169352ABA33A66E8F6F395E803C05BEFCB41A1D2FBC87766F72FBC49F01FCDF4A81124081B1DEC4FE6BD9C333A20853F2ACBD91187DC51382A1F116628E
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13277255877662291","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	336
Entropy (8bit):	5.256909638526138
Encrypted:	false
SSDEEP:	6:mYw9aK+q2P923iKKdK9RXXTZIFUtpXw9z6ZmwPXw9zWVkwO923iKKdK9RXX5LJ:nlrv45Kk7XT2FUtpXt/PXf5L5Kk7XVJ
MD5:	DDB7E7A309CA2F772A013E3CA0B94A49
SHA1:	B2F52F0BA1964A1CEF5FDA06A4F43DCCD4BBBF10
SHA-256:	08AF12B42FC6D9E0B468A7F85A124E14645BDF09FB5C3FCC9EB3BF8F20757265
SHA-512:	DC9FA1F7E73FAAFAB1D64CBCAD3A57CA0DFF51CFF3FC8797673C3D14C4FC138888086FF2B6A2EFD1D7C48DD52342F7A893ACABA449C64FE50812A9CF75FEEEC6
Malicious:	false
Preview:	2021/09/27-15:38:04.637 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/09/27-15:38:04.645 18a8 Recovering log #3.2021/09/27-15:38:04.645 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	336
Entropy (8bit):	5.256909638526138
Encrypted:	false
SSDEEP:	6:mYw9aK+q2P923iKKdK9RXXTZIFUtpXw9z6ZmwPXw9zWVkwO923iKKdK9RXX5LJ:nlrv45Kk7XT2FUtpXt/PXf5L5Kk7XVJ
MD5:	DDB7E7A309CA2F772A013E3CA0B94A49
SHA1:	B2F52F0BA1964A1CEF5FDA06A4F43DCCD4BBBF10
SHA-256:	08AF12B42FC6D9E0B468A7F85A124E14645BDF09FB5C3FCC9EB3BF8F20757265
SHA-512:	DC9FA1F7E73FAAFAB1D64CBCAD3A57CA0DFF51CFF3FC8797673C3D14C4FC138888086FF2B6A2EFD1D7C48DD52342F7A893ACABA449C64FE50812A9CF75FEEEC6
Malicious:	false
Preview:	2021/09/27-15:38:04.637 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/MANIFEST-000001.2021/09/27-15:38:04.645 18a8 Recovering log #3.2021/09/27-15:38:04.645 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.239762424812776
Encrypted:	false
SSDEEP:	6:mYw9QjUGt+q2P923iKKdKyDZIFUtpXw9QgZmwPXw9QwAVkwO923iKKdKyJLJ:nnov45Kk02FUtpXi/PXX5L5KkWJ
MD5:	620E2F4CEA0D20514BE3DF3CC20898F7
SHA1:	34A7B2CD025F008F70175CDCE628961CF032217D
SHA-256:	91EB32F78F84580255728B7287E61C56F9AD929F305D2A6EEDC017A6C3CB60E6
SHA-512:	6514C84664761E893CE1BE15BB835155D40386BDADA1424C63B7B9EE5B516D115DA51B0678943C95DF59DEECA7BF230BB068DED371996BD5B8B42AF10D5E71F7
Malicious:	false
Preview:	2021/09/27-15:38:04.568 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/09/27-15:38:04.572 18a8 Recovering log #3.2021/09/27-15:38:04.577 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	320
Entropy (8bit):	5.239762424812776
Encrypted:	false
SSDEEP:	6:mYw9QjUGt+q2P923iKKdKyDZIFUtpXw9QgZmwPXw9QwAVkwO923iKKdKyJLJ:nnov45Kk02FUtpXi/PXX5L5KkWJ
MD5:	620E2F4CEA0D20514BE3DF3CC20898F7
SHA1:	34A7B2CD025F008F70175CDCE628961CF032217D
SHA-256:	91EB32F78F84580255728B7287E61C56F9AD929F305D2A6EEDC017A6C3CB60E6
SHA-512:	6514C84664761E893CE1BE15BB835155D40386BDADA1424C63B7B9EE5B516D115DA51B0678943C95DF59DEECA7BF230BB068DED371996BD5B8B42AF10D5E71F7
Malicious:	false
Preview:	2021/09/27-15:38:04.568 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/MANIFEST-000001.2021/09/27-15:38:04.572 18a8 Recovering log #3.2021/09/27-15:38:04.577 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	12288
Entropy (8bit):	0.6863571317626186
Encrypted:	false
SSDEEP:	12:TLyen4ufFdbXGwcFOaOndOtJRbGMNmt2SH/+eVpUHFxOUwae6:TLyqJLbXaFpEO5bNmISHn06Uwd
MD5:	1C0EAEEE6463CAE33B7A7CD9D9DF4DA5
SHA1:	FBC6A28A1501E40154FDC0A9D0C2F34A5F88AA65
SHA-256:	ED8AE7C5E6885874A39F4E86258F552670352A18D29BE1FF4D372A2F4CD06C8A
SHA-512:	355D19828609971998B09B36E7C7D304B7FB88C7A726670BEBF5CF2E2710F8E71B0F9DEF6FE9712B484C1EB122AEEEFDECF31D13E02C4539C399DFB86EC7619F
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12836
Entropy (8bit):	0.9696832685498548
Encrypted:	false
SSDEEP:	24:rIL4rtEy8/qLbJLbXaFpEO5bNmISHn06Uwqt8:rI+Kq5LLOpEO5J/Kn7Ud8
MD5:	1DF85555D36BED10736FED79171CE6DF
SHA1:	E263BA15E974E6F86F61E2D4AA883D3E4B097398
SHA-256:	3A324CBE3DE466859A247B991334A70D3E198C32CA3FA2F91DDCEFC59A7B027B
SHA-512:	9833CC10B03F4B1E2E134378582FB65F0D3520DD55BCA65230AC560C152ECBD49AB58758D364C59828B677F2D951002C83479E126460FE933530E7C109598B3F
Malicious:	false
Preview:	........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1157
Entropy (8bit):	3.618411060982434
Encrypted:	false
SSDEEP:	24:34SxylrlCJc0kRU/Ph1/4X2kuu/+SWqVZJU/Ph1/4XyRlLlL:34Nxec0kRQhd4X2kB/+SpQhd4XyDRL
MD5:	39C683349B785A385FB82083DD7019B8
SHA1:	749B0D6D921F935558E92BEF921DDC26220C29AE
SHA-256:	F6836F759E6953CDCD5DDC290043FD4423797C5454422874A134F67CC4643519
SHA-512:	89E302792CFD0E5575291C9B5ACBB91CFC9FD6517632B8654EE8A57756DFA0F5E1FBECC70EDAD7B401F0FF083990CBBF734D49439F91166C011CAC301C58EB8A
Malicious:	false
Preview:	SNSS....................................................!.............................................1..,.......$...d22718cd_4baa_4d90_9523_6e886db2dab9........................%.................................................................................5..0.......&...{2F4F8386-A58B-4B0C-A17B-2FAAF764E551}............................S...file:///C:/Users/user/Desktop/26222021%20114007%20a.m.%20Owa%20Outlook%20App.html.....................................................h.......`.......................................................N......O......P.......h...................................S...f.i.l.e.:./././.C.:./.U.s.e.r.s./.a.l.f.o.n.s./.D.e.s.k.t.o.p./.2.6.2.2.2.0.2.1.%.2.0.1.1.4.0.0.7.%.2.0.a...m...%.2.0.O.w.a.%.2.0.O.u.t.l.o.o.k.%.2.0.A.p.p...h.t.m.l...................................8.......0.......8....................................................................... .......................................................S...file:///C:/Users/user/Desktop/26222021%201

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	126
Entropy (8bit):	4.569580985472087
Encrypted:	false
SSDEEP:	3:FQxlXayz/t2Hmwg0EOZL7Ao4uhFkEuRLKyC54:qT5z/t2qoEwhXeLKI
MD5:	F9672B4DD4FE52E26F179EAF35E69B22
SHA1:	DE3C80E35851DFAD51E1FD0F35E90EC5C223B739
SHA-256:	11F36B4E7449BA10E1E24571A5DE3A67918F8B971A2B2B43FFC549492C00DEC5
SHA-512:	898A55D8F35DA209FA85E9F94654CFA12859D411740394BBA1A909FA77109B0FB6F36D5E7B4AFA7F8CCBF6BE407E01421229E7EC241906A9ECCCAE852622609B
Malicious:	false
Preview:	.f.5................i.Wd...............Sgdaefkejpgkiemlaofpalmlakkmbjdnl.declarative_rules.declarativeContent.onPageChanged.[]

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.228381559031737
Encrypted:	false
SSDEEP:	6:mYwwVq2P923iKKdK8aPrqIFUtpXwlq0gZmwPXwlq0IkwO923iKKdK8amLJ:nVv45KkL3FUtpXh/PX75L5KkQJ
MD5:	38E62AE6101B1511F77805A331A803D1
SHA1:	3E004D137F066C1F6803CC3B4FC5B59D110C8FCE
SHA-256:	972DE6D337DFA076FFD3F58B20D51DBA1448F04B9F837A6C6977A17771887F03
SHA-512:	5929BF485265C63724C43BE7BA149A2EDBE406054360D4B573D995F580BBD1E3C8AD03BA00BE451F93D4D957630DB845B4158E69FC58215D3611858AA57830D6
Malicious:	false
Preview:	2021/09/27-15:37:57.671 1424 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/09/27-15:37:57.672 1424 Recovering log #3.2021/09/27-15:37:57.672 1424 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	322
Entropy (8bit):	5.228381559031737
Encrypted:	false
SSDEEP:	6:mYwwVq2P923iKKdK8aPrqIFUtpXwlq0gZmwPXwlq0IkwO923iKKdK8amLJ:nVv45KkL3FUtpXh/PX75L5KkQJ
MD5:	38E62AE6101B1511F77805A331A803D1
SHA1:	3E004D137F066C1F6803CC3B4FC5B59D110C8FCE
SHA-256:	972DE6D337DFA076FFD3F58B20D51DBA1448F04B9F837A6C6977A17771887F03
SHA-512:	5929BF485265C63724C43BE7BA149A2EDBE406054360D4B573D995F580BBD1E3C8AD03BA00BE451F93D4D957630DB845B4158E69FC58215D3611858AA57830D6
Malicious:	false
Preview:	2021/09/27-15:37:57.671 1424 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/MANIFEST-000001.2021/09/27-15:37:57.672 1424 Recovering log #3.2021/09/27-15:37:57.672 1424 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	456
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWWW
MD5:	F23D2DF21A39AA8D814CADE6C37856C8
SHA1:	233E65707015A53F83A0D53DB03A4AF8FAB21EA6
SHA-256:	C5CE9AAF8FFDCB8A00463A7BF24001885E0A792F110C8DB74A1E2F4392CB0E31
SHA-512:	A7B50B8CAFBA80F6BACA44B260F8379852C4176F3DD57168812F3B4B811D2FF340F09F8CE625CC2ADECAB2851CC33725CB729548A3DA98B041387C7952077918
Malicious:	false
Preview:	.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	319
Entropy (8bit):	5.2321881162800565
Encrypted:	false
SSDEEP:	6:mYwx7dSQ+q2P923iKKdK8NIFUtpXwxlXwgZmwPXwxUQVkwO923iKKdK8+eLJ:nYOv45KkpFUtpXaZ/PXk5L5KkqJ
MD5:	088D6D70BEB93C36DCD0A7D81B0895C5
SHA1:	EB2F15E4077DA922BFEC7359459E8B931C488B70
SHA-256:	849DEACC6CDBF55691F69B9C9BD2ECD0BB4F9B87FD0570E29EDEA3B52618F07F
SHA-512:	7D41A0E79906292722C3152E0E2EA753450C90B1C9D17F84D28F31257CDCE57FE0AD76BFF4932B4F40AD75B0B915D22C24373B34ECDFF49DB395A87F56BE55F4
Malicious:	false
Preview:	2021/09/27-15:38:00.673 b28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/09/27-15:38:00.675 b28 Recovering log #3.2021/09/27-15:38:00.682 b28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	319
Entropy (8bit):	5.2321881162800565
Encrypted:	false
SSDEEP:	6:mYwx7dSQ+q2P923iKKdK8NIFUtpXwxlXwgZmwPXwxUQVkwO923iKKdK8+eLJ:nYOv45KkpFUtpXaZ/PXk5L5KkqJ
MD5:	088D6D70BEB93C36DCD0A7D81B0895C5
SHA1:	EB2F15E4077DA922BFEC7359459E8B931C488B70
SHA-256:	849DEACC6CDBF55691F69B9C9BD2ECD0BB4F9B87FD0570E29EDEA3B52618F07F
SHA-512:	7D41A0E79906292722C3152E0E2EA753450C90B1C9D17F84D28F31257CDCE57FE0AD76BFF4932B4F40AD75B0B915D22C24373B34ECDFF49DB395A87F56BE55F4
Malicious:	false
Preview:	2021/09/27-15:38:00.673 b28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/MANIFEST-000001.2021/09/27-15:38:00.675 b28 Recovering log #3.2021/09/27-15:38:00.682 b28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	16384
Entropy (8bit):	2.0005638828266776
Encrypted:	false
SSDEEP:	48:yBmw6fU3hd4me5Zj6tZOBno8wrEfgJXG8RjBcBDmxLchd4JRjx:yBCnpfdfgZ10BDgdn
MD5:	EEC2381AE735561FB1D5D2F9D6EEC1AB
SHA1:	388671A7EA21B825ED297BFE807CA3D0CDAFAC55
SHA-256:	6FB657C63BAF9883DA4AC2B47B3DEB84EB2B8221FDBF6B7A3D5AAD2CE8F73C29
SHA-512:	8C7F3B12E669A1B926E9CDC9C039C9E2F5527B8DC4FAB1EE6D1AF26AE1910ADA3335801DA753305A314A524F84314E082249F782DEA86BD415A951C099B03A0A
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	16972
Entropy (8bit):	0.7762229887460738
Encrypted:	false
SSDEEP:	24:2RqyLiXxh0GY/l1rWR1PmCx9fZjsBX+T6UwrY3n:2RqdBmw6fUYY3n
MD5:	F516E5EA93E7467FDAF583283E5C4E68
SHA1:	715E7D4C6749A4260C29EBCF107EF1B0333E59FF
SHA-256:	778CB97D0A8DD769245A17D8B67D5ED96FA29A7E0C2DD65D8EE0D2785B83FF56
SHA-512:	65E05B634AEDF209FE343BF3C2CEF2FA1804C21BA29BB79BE972F9F5E43E3EA632D2DB625543D0B916354B08ED621582CB3476B8D104C42943A993741B048617
Malicious:	false
Preview:	..............s.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.8784775129881184
Encrypted:	false
SSDEEP:	3:FQxlX:qT
MD5:	0407B455F23E3655661BA46A574CFCA4
SHA1:	855CB7CC8EAC30458B4207614D046CB09EE3A591
SHA-256:	AB5C71347D95F319781DF230012713C7819AC0D69373E8C9A7302CAE3F9A04B7
SHA-512:	3020F7C87DC5201589FA43E03B1591ED8BEB64523B37EB3736557F3AB7D654980FB42284115A69D91DE44204CEFAB751B60466C0EF677608467DE43D41BFB939
Malicious:	false
Preview:	.f.5...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	374
Entropy (8bit):	5.287228149378418
Encrypted:	false
SSDEEP:	6:mYw9euK3+q2P923iKKdK25+Xqx8chI+IFUtpXw9+6ZmwPXw9WdVkwO923iKKdK2L:nqKOv45KkTXfchI3FUtpXG/PX35L5KkI
MD5:	EC25D529AC154D7B93696BEA1727F594
SHA1:	2BEBEB671791C1C6BB1D2A9E8598A675B944F21A
SHA-256:	C9FF14628BC334875F885E298A95903D906D8B2F12E974096B9D1E220EA31B92
SHA-512:	66BAF14DF86A1FAEA90302452156DF41F3DCFDC2C66689DA2F08007250FF29B774C29D9A0CA8849B8EA92EF165545C6EFA64FB2C80E15D2C7A99B79A7AC349FD
Malicious:	false
Preview:	2021/09/27-15:38:04.461 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/09/27-15:38:04.468 18a8 Recovering log #3.2021/09/27-15:38:04.469 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	374
Entropy (8bit):	5.287228149378418
Encrypted:	false
SSDEEP:	6:mYw9euK3+q2P923iKKdK25+Xqx8chI+IFUtpXw9+6ZmwPXw9WdVkwO923iKKdK2L:nqKOv45KkTXfchI3FUtpXG/PX35L5KkI
MD5:	EC25D529AC154D7B93696BEA1727F594
SHA1:	2BEBEB671791C1C6BB1D2A9E8598A675B944F21A
SHA-256:	C9FF14628BC334875F885E298A95903D906D8B2F12E974096B9D1E220EA31B92
SHA-512:	66BAF14DF86A1FAEA90302452156DF41F3DCFDC2C66689DA2F08007250FF29B774C29D9A0CA8849B8EA92EF165545C6EFA64FB2C80E15D2C7A99B79A7AC349FD
Malicious:	false
Preview:	2021/09/27-15:38:04.461 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/MANIFEST-000001.2021/09/27-15:38:04.468 18a8 Recovering log #3.2021/09/27-15:38:04.469 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	360
Entropy (8bit):	5.215002378407611
Encrypted:	false
SSDEEP:	6:mYw9iW+q2P923iKKdK25+XuoIFUtpXw9EE5ZmwPXw983d3VkwO923iKKdK25+Xu6:nTXv45KkTXYFUtpXnE5/PX13dF5L5Kkl
MD5:	A35F635AE06884C935204F6E596FFE4D
SHA1:	7BF2292C0FE2E24C9EA921DAACE5A6178FC7DB1C
SHA-256:	C08E59EE42D85B54B363CD71BF782D89E583BE230B03D031DCB82A9C32A0102D
SHA-512:	5CAA9BC6815BDDC0886EEA0C0D073FC7BBB7EFDD4A718BCC43D884E645E6A543A0CE30D74226B3EDFB8EED39CD319234C643A07F82454CB001FA55D6B2583DE1
Malicious:	false
Preview:	2021/09/27-15:38:04.402 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/09/27-15:38:04.404 18a8 Recovering log #3.2021/09/27-15:38:04.405 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	360
Entropy (8bit):	5.215002378407611
Encrypted:	false
SSDEEP:	6:mYw9iW+q2P923iKKdK25+XuoIFUtpXw9EE5ZmwPXw983d3VkwO923iKKdK25+Xu6:nTXv45KkTXYFUtpXnE5/PX13dF5L5Kkl
MD5:	A35F635AE06884C935204F6E596FFE4D
SHA1:	7BF2292C0FE2E24C9EA921DAACE5A6178FC7DB1C
SHA-256:	C08E59EE42D85B54B363CD71BF782D89E583BE230B03D031DCB82A9C32A0102D
SHA-512:	5CAA9BC6815BDDC0886EEA0C0D073FC7BBB7EFDD4A718BCC43D884E645E6A543A0CE30D74226B3EDFB8EED39CD319234C643A07F82454CB001FA55D6B2583DE1
Malicious:	false
Preview:	2021/09/27-15:38:04.402 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/MANIFEST-000001.2021/09/27-15:38:04.404 18a8 Recovering log #3.2021/09/27-15:38:04.405 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.23702078231585
Encrypted:	false
SSDEEP:	6:mYw9Wf+q2P923iKKdKWT5g1IdqIFUtpXw9WlvZmwPXw9WGuWVkwO923iKKdKWT5i:nXmv45Kkg5gSRFUtpXXJ/PXXnG5L5Kkn
MD5:	BA0EE148E84F4ED44E1AF89E829197C8
SHA1:	49FC93BC5D0A87895D0B74C2DCEDA3E3A19E2DA8
SHA-256:	AB07E51AB0AF0AB44053F4803FD6114456953EA18E543589BCD3398CB0AAC895
SHA-512:	1C990AE186574ECCC219D8FE693E24D7B2E6DA03F9D2598EE1B65A326C3ECD72955CE4DF6D3BDA2996B7053C593C898A08F72CA23E574D69F8D7C506022D2984
Malicious:	false
Preview:	2021/09/27-15:38:04.311 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/09/27-15:38:04.322 18a8 Recovering log #3.2021/09/27-15:38:04.323 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.olddl (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	332
Entropy (8bit):	5.23702078231585
Encrypted:	false
SSDEEP:	6:mYw9Wf+q2P923iKKdKWT5g1IdqIFUtpXw9WlvZmwPXw9WGuWVkwO923iKKdKWT5i:nXmv45Kkg5gSRFUtpXXJ/PXXnG5L5Kkn
MD5:	BA0EE148E84F4ED44E1AF89E829197C8
SHA1:	49FC93BC5D0A87895D0B74C2DCEDA3E3A19E2DA8
SHA-256:	AB07E51AB0AF0AB44053F4803FD6114456953EA18E543589BCD3398CB0AAC895
SHA-512:	1C990AE186574ECCC219D8FE693E24D7B2E6DA03F9D2598EE1B65A326C3ECD72955CE4DF6D3BDA2996B7053C593C898A08F72CA23E574D69F8D7C506022D2984
Malicious:	false
Preview:	2021/09/27-15:38:04.311 18a8 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/MANIFEST-000001.2021/09/27-15:38:04.322 18a8 Recovering log #3.2021/09/27-15:38:04.323 18a8 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.13894229739227035
Encrypted:	false
SSDEEP:	12:TLBj/CBV3JRh1Nd4rQDbNuQXBGI/xNCBV3JRh1Nd4n:TLBC/Ph1/4sDJuyo/Ph1/4n
MD5:	3CF16D69046821027D38BB90AD89DD4B
SHA1:	DCD02E330A76AC4667116C883CD32DCEB146213D
SHA-256:	D8FCE5E612BEE52389BDFDB26E391B4FB29129DEC4383068A9B9183D43C71F10
SHA-512:	B4F55288B85C933890425380D108DA9E25A655F93A5339A18EE8C128913C1968A61186565643CE74B2727E37CBA3CF0CC55F36FD5151752EAB1A189A91119A83
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	807
Entropy (8bit):	5.254446540652756
Encrypted:	false
SSDEEP:	24:MVi33RifDwJkg8Z16aFt/keyY78BJgskfa9yBDOxogC/Ph1/4rvJ:GiUMkg83V1LkUVhd4rvJ
MD5:	05FDF3FAED9032C66E59EB10A6BA173E
SHA1:	CBAF4D90CC7F03BE0FB13FF697C56F6EFEECB6B1
SHA-256:	E7E0256F423F145290A2A0103B434A518D512BCBC3D400B153485814290AF367
SHA-512:	2043C6C5E74025EA87C75ECBA6EF81620F07249F65222EE2CFDFCE4C5B071FF7AF56D71403A9F3E3AF1BE96C7216A83665CB55DA83E4FFB0A38D3CB51E694095
Malicious:	false
Preview:	............"Y....114007..26222021..a..user..app..c..desktop..file..html..m..outlook..owa..users..web........114007......26222021......a......user......app......c......desktop......file......html......m......outlook......owa......users......web..2.........0.........1.........2........4........6........7........a...........b........c........d........e...........f.........h........i........k.........l...........m.........n........o...........p.........r........s..........t..........u.........w....:..................................................................................................................................B............. ........Sfile:///C:/Users/user/Desktop/26222021%20114007%20a.m.%20Owa%20Outlook%20App.html2.Outlook Web App:................J.............. )0259AE.....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	42076
Entropy (8bit):	0.0888186158449421
Encrypted:	false
SSDEEP:	6:Gl9LlW42vXugWg9bNFlEwtCS/l4El3l5s75fO0ud0Xi99pG/L:Gl9RW1fugWqLipS/N3l5s75fOb0S9LI
MD5:	823EBCF84BAF4E6E53E12FC0536ED30C
SHA1:	9E4176D0445468FC6648FBD8353CF4530467B6F3
SHA-256:	A85001F7EAA46AF5C84C1BCC7494ACDE4A8E77033FBD86E3D0DC21742D8854A5
SHA-512:	57046A55358AEC1E3D8643B2C205881780BC72B84FE4EA9142D8377D7439CB8BBC6D4D478F1A38EA2EAA191E03E8EB824519F2BFB0FF64388A99720BFF932B82
Malicious:	false
Preview:	............\.r.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	1157
Entropy (8bit):	3.618411060982434
Encrypted:	false
SSDEEP:	24:34SxylrlCJc0kRU/Ph1/4X2kuu/+SWqVZJU/Ph1/4XyRlLlL:34Nxec0kRQhd4X2kB/+SpQhd4XyDRL
MD5:	39C683349B785A385FB82083DD7019B8
SHA1:	749B0D6D921F935558E92BEF921DDC26220C29AE
SHA-256:	F6836F759E6953CDCD5DDC290043FD4423797C5454422874A134F67CC4643519
SHA-512:	89E302792CFD0E5575291C9B5ACBB91CFC9FD6517632B8654EE8A57756DFA0F5E1FBECC70EDAD7B401F0FF083990CBBF734D49439F91166C011CAC301C58EB8A
Malicious:	false
Preview:	SNSS....................................................!.............................................1..,.......$...d22718cd_4baa_4d90_9523_6e886db2dab9........................%.................................................................................5..0.......&...{2F4F8386-A58B-4B0C-A17B-2FAAF764E551}............................S...file:///C:/Users/user/Desktop/26222021%20114007%20a.m.%20Owa%20Outlook%20App.html.....................................................h.......`.......................................................N......O......P.......h...................................S...f.i.l.e.:./././.C.:./.U.s.e.r.s./.a.l.f.o.n.s./.D.e.s.k.t.o.p./.2.6.2.2.2.0.2.1.%.2.0.1.1.4.0.0.7.%.2.0.a...m...%.2.0.O.w.a.%.2.0.O.u.t.l.o.o.k.%.2.0.A.p.p...h.t.m.l...................................8.......0.......8....................................................................... .......................................................S...file:///C:/Users/user/Desktop/26222021%201

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabslc (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	8
Entropy (8bit):	1.8112781244591325
Encrypted:	false
SSDEEP:	3:3Dtn:3h
MD5:	0686D6159557E1162D04C44240103333
SHA1:	053E9DB58E20A67D1E158E407094359BF61D0639
SHA-256:	3303D5EED881951B0BB52CF1C6BFA758770034D0120C197F9F7A3520B92A86FB
SHA-512:	884C0D3594390E2FC0AEAB05460F0783815170C4B57DB749B8AD9CD10741A5604B7A0F979465C4171AD9C14ED56359A4508B4DE58E794550599AAA261120976C
Malicious:	false
Preview:	SNSS....

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	331
Entropy (8bit):	5.201480763038243
Encrypted:	false
SSDEEP:	6:mYwDFUSwQ+q2P923iKKdK8a2jMGIFUtpXwBF6gZmwPXwnQVkwO923iKKdK8a2jM4:nUFtN+v45Kk8EFUtpXw/PXTV5L5Kk8bJ
MD5:	3C872EBAD3BA72D45C403B26B670AC92
SHA1:	DC061513E7EC50481C88DD9BC331460BAF7E29F5
SHA-256:	AD18D67ED3771C6EF841C62D77338FFCB47C9035C49C8A91F9A06EF68E5CA07B
SHA-512:	900981D4B75A13A341D18697E762897702BD0F08B3A1FD98CC7ECB7B74D3A085146C713669525A4E225A9CB8E31416131CCC4EC3811AC5FC847FF8CCCE78546B
Malicious:	false
Preview:	2021/09/27-15:37:57.391 5dc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/09/27-15:37:57.393 5dc Recovering log #3.2021/09/27-15:37:57.394 5dc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	331
Entropy (8bit):	5.201480763038243
Encrypted:	false
SSDEEP:	6:mYwDFUSwQ+q2P923iKKdK8a2jMGIFUtpXwBF6gZmwPXwnQVkwO923iKKdK8a2jM4:nUFtN+v45Kk8EFUtpXw/PXTV5L5Kk8bJ
MD5:	3C872EBAD3BA72D45C403B26B670AC92
SHA1:	DC061513E7EC50481C88DD9BC331460BAF7E29F5
SHA-256:	AD18D67ED3771C6EF841C62D77338FFCB47C9035C49C8A91F9A06EF68E5CA07B
SHA-512:	900981D4B75A13A341D18697E762897702BD0F08B3A1FD98CC7ECB7B74D3A085146C713669525A4E225A9CB8E31416131CCC4EC3811AC5FC847FF8CCCE78546B
Malicious:	false
Preview:	2021/09/27-15:37:57.391 5dc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2021/09/27-15:37:57.393 5dc Recovering log #3.2021/09/27-15:37:57.394 5dc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	1994
Entropy (8bit):	4.902743093495863
Encrypted:	false
SSDEEP:	48:Y2n6qtwTCXDHyvzM3zsiRsKGsjlRLs+TdsWMHfYhbxD:JnxOTCXDH+zMbJ5lxJGwhVD
MD5:	029A358B8455DD2B0C281BF3F4C8246C
SHA1:	54247407E4F6232A118D9B81F597DB953791F474
SHA-256:	37FA78B51C8E1A22655C1DE3DD7D4E38106797492EEAFD1E3958D5508B8EAA4C
SHA-512:	EC8EE944D63452DBBA51A825541299BD801860B9D7CD3AB8C58797DE4BFDC931395297DEDD57175FD6D74FE1B5AC79E66FAC0DF8EE94E2DA70CD018446BD3B70
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://www.google.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.googleapis.com","supports_spdy":true},{"isolation":[],"server":"https://ssl.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://www.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://fonts.gstatic.com","supports_spdy":true},{"isolation":[],"server":"https://apis.google.com","supports_spdy":true},{"isolation":[],"server":"https://ogs.google.com","supports_spdy":true},{"isolation":[],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"isolation":[],"server":"https://dns.google","supports_spdy":true},{"isolation":[],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[50],"expiration":"13279847879428121","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://ajax.googleapis.com"},{"alternative_service":[{"advert

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	2693
Entropy (8bit):	4.871599185186076
Encrypted:	false
SSDEEP:	48:YXs2MHRzsoMHT5s0MHyKsTMHksrDys4Csb7synWsQItFsym6zs6zMHWLsZMH5YhV:+GDGTHGmGHDW1/nOIbmOGlGGhVD
MD5:	829D5654ADF098AD43036E24C47F2A94
SHA1:	506C8BA397509BA0357787950C538C1879047DF3
SHA-256:	4D0B852D18FCA5C1A712904CF6DB3811FB905E86D8A7508A2D42F9C8D68E2211
SHA-512:	D9B18E6B0AD1E8E4BECF9E84BBE30D64730CFEC2CBEAF96D5DF52E28B907B03EADF22F020FBE0A56D137A52F4F09798031BC6CA026CFA8A979A608B3445DBCAA
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600883925","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":40156},"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542628822803","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":30856},"server":"https://dns.google","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600893104","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":25300},"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"expiration":"13248542600872791","port":443,"protocol_str":"quic"}],"isolation":[],"network_stats":{"srtt":34789},"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_versions":[],"exp

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	333
Entropy (8bit):	5.258717839921465
Encrypted:	false
SSDEEP:	6:mYwYTFd34q2P923iKKdKgXz4rRIFUtpXwYcZmwPXwYdF9kwO923iKKdKgXz4q8LJ:npF14v45KkgXiuFUtpXe/PX35L5KkgXS
MD5:	3E3C5E375428E6D7F6A9357BCE72E8DB
SHA1:	B9EC059664FF6AF3693A4F11AFE23017978C507F
SHA-256:	950FF137B4BB7F352749755BF84BC38715755130D40CC665CFB3FDBC5BBE06C9
SHA-512:	D87D17D45FF0DCC02F90F1E0D594BAB319716A593D79FA624DBD75EEBA03AD2E8AA40D5DAB43697D3A153D73BA43E3A7255FB8E5AABCC494E31DCF9D2E880870
Malicious:	false
Preview:	2021/09/27-15:37:57.686 1e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/09/27-15:37:57.687 1e4 Recovering log #3.2021/09/27-15:37:57.688 1e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	333
Entropy (8bit):	5.258717839921465
Encrypted:	false
SSDEEP:	6:mYwYTFd34q2P923iKKdKgXz4rRIFUtpXwYcZmwPXwYdF9kwO923iKKdKgXz4q8LJ:npF14v45KkgXiuFUtpXe/PX35L5KkgXS
MD5:	3E3C5E375428E6D7F6A9357BCE72E8DB
SHA1:	B9EC059664FF6AF3693A4F11AFE23017978C507F
SHA-256:	950FF137B4BB7F352749755BF84BC38715755130D40CC665CFB3FDBC5BBE06C9
SHA-512:	D87D17D45FF0DCC02F90F1E0D594BAB319716A593D79FA624DBD75EEBA03AD2E8AA40D5DAB43697D3A153D73BA43E3A7255FB8E5AABCC494E31DCF9D2E880870
Malicious:	false
Preview:	2021/09/27-15:37:57.686 1e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/MANIFEST-000001.2021/09/27-15:37:57.687 1e4 Recovering log #3.2021/09/27-15:37:57.688 1e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4891
Entropy (8bit):	4.953145663426357
Encrypted:	false
SSDEEP:	48:YcTPklSiklq0c6b7qABqqTlYclQKHoTw0d1aPc8C1Nfct/9BhUJo3KhmeSnpNGzv:nkrX3u9pSKIYIk0JCKL8x0bOTQVuwn
MD5:	9A6FB13E4F4F532D4E8E125BC95FA7BC
SHA1:	19BC5A90550D9E287683F06EB11AD80D745773E9
SHA-256:	0DD55B36370C8769D49929C845F277C5128358BED45DBB83B8A4F8C6A1A247BE
SHA-512:	BE710415D5340B204E07701EC2E5360B1839BF3986CE0A1AC2E546BB289CB2F7B6E93C99DD9ECDAB45BC88F8819C5CCAF90608208A78C2BCC195791B022DAF91
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13277255877662291","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4800
Entropy (8bit):	4.942378185688073
Encrypted:	false
SSDEEP:	48:YcTPklSiklq0cyqABqqTlYclQKHoTw0d1aPc8C1Nfct/9BhUJo3KhmeSnpNGz0sQ:nkrXru9pSKIYIk0JCKL8xpbOTQVuwn
MD5:	5C07FD0AC86FE64BD05FDFF7CD5C2C51
SHA1:	3DD0FFD09B303022114BCB9E4D7695EBB8A0D805
SHA-256:	76F9A96D616BFD44F3A60EBF873B13AE39A57EE50123A7ED4514805DA7DE677D
SHA-512:	948C2169352ABA33A66E8F6F395E803C05BEFCB41A1D2FBC87766F72FBC49F01FCDF4A81124081B1DEC4FE6BD9C333A20853F2ACBD91187DC51382A1F116628E
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13277255877662291","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	28672
Entropy (8bit):	1.1316479957376386
Encrypted:	false
SSDEEP:	48:TUIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUXdwY80OKo8Sbk:wIElwQF8mpcS8nvbFlnqb7/IHPl7w1
MD5:	F3C042767E315A255456E9C2C3DA013C
SHA1:	1352BFFCE90EF8537353B3DE80E4378905E8CBB5
SHA-256:	6E2A62DB9CF19E3CF2A0B78AA5636FB74293BB97A5D8F9110406177B7C79C423
SHA-512:	BBA9EF4908E5D0179F1CA282081A776A3D6C58217A90406C3C9A47158D096DB0F72BA4810718FF00349B85D7A63A19547BA3F90691206FE63A77827BE81D51BB
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C..........g...^.........j............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	29252
Entropy (8bit):	0.6288607939044842
Encrypted:	false
SSDEEP:	48:UwqkIopK2rJNVr1GJmm8pF82phrJNVrdHX/cjrJN2yJ1n4n1GmhGUv4:UwhIElwQF8mpcSs
MD5:	50BA79EAEDB02FE600E0BA7C9C9F06B0
SHA1:	D1FB4B5EB2F8DD3401D008FE0AF8DE0A9E0A8716
SHA-256:	E2E565E28261989B9BAFFCE23EE5AD949D6EB1F726B3ECEE34E00952DBA373AE
SHA-512:	D95C9B407A087E3076DFEE22537FF56BCF86C3B5319E7BF11B7C5D0DF9E05D9B3266A3B0609974182301A17571C331450231FE666F6D6A79484F043F06EDE3DD
Malicious:	false
Preview:	.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	16449
Entropy (8bit):	5.584407498386205
Encrypted:	false
SSDEEP:	384:mMct1LlofX/1kXqKf/pUZNCgVLH2HfDurUtw6q4v:mLlq/1kXqKf/pUZNCgVLH2Hf6rUNqo
MD5:	1FFF2162392B3984AD05444DB9492796
SHA1:	78C559FB5918BC6319C73CD59A71E14F26668C35
SHA-256:	4AC06EB4DB5DBD66F361D19743DCBCDABD1A48F7E123F49B2821AAD70C8C63FB
SHA-512:	AD49FD02F611FDB9B15261582669AFE9EF3FFD659692D77E6AA4B8FE98C3A8A263F5D884DB3E29BE0CE037DB432F9906A0C8185E5C6A3ED1AF7D52054A72403E
Malicious:	false
Preview:	{"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13277255877341058","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Discover great apps, games, extensions and themes for Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","pe

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	19
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:5l:5l
MD5:	E556F26DF3E95C19DBAECA8F5DF0C341
SHA1:	247A89F0557FC3666B5173833DB198B188F3AA2E
SHA-256:	B0A7B19404285905663876774A2176939A6ED75EF3904E44283A125824BD0BF3
SHA-512:	055BC4AB12FEEDF3245EAAF0A0109036909C44E3B69916F8A01E6C8459785317FE75CA6B28F8B339316FC2310D3E5392CD15DBDB0F84016667F304D377444E2E
Malicious:	false
Preview:	..&f...............

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	319
Entropy (8bit):	5.188667026814523
Encrypted:	false
SSDEEP:	6:mYwFEq2P923iKKdKrQMxIFUtpXwQXrZZmwPXwQXrzkwO923iKKdKrQMFLJ:nNv45KkCFUtpXFl/PXF35L5KktJ
MD5:	B4D52D895300D5FDFED614D36B0306FD
SHA1:	426855FE06DA6C0CA3C56845ACB0EB4D00147463
SHA-256:	45F81EE1F03E87B8A641864AA7A228D7C71C43D7C5018B0CEADA3EA6D0940A36
SHA-512:	E9978511C060DEC2E046D605A00696C400AF39783C44CD5D7EB6BF16CDA4B66297C80C7735309931BAB566D930E02BD9792B9E67D0F81097642E78C49372F516
Malicious:	false
Preview:	2021/09/27-15:37:57.568 1e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/09/27-15:37:57.602 1e4 Recovering log #3.2021/09/27-15:37:57.602 1e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	319
Entropy (8bit):	5.188667026814523
Encrypted:	false
SSDEEP:	6:mYwFEq2P923iKKdKrQMxIFUtpXwQXrZZmwPXwQXrzkwO923iKKdKrQMFLJ:nNv45KkCFUtpXFl/PXF35L5KktJ
MD5:	B4D52D895300D5FDFED614D36B0306FD
SHA1:	426855FE06DA6C0CA3C56845ACB0EB4D00147463
SHA-256:	45F81EE1F03E87B8A641864AA7A228D7C71C43D7C5018B0CEADA3EA6D0940A36
SHA-512:	E9978511C060DEC2E046D605A00696C400AF39783C44CD5D7EB6BF16CDA4B66297C80C7735309931BAB566D930E02BD9792B9E67D0F81097642E78C49372F516
Malicious:	false
Preview:	2021/09/27-15:37:57.568 1e4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/MANIFEST-000001.2021/09/27-15:37:57.602 1e4 Recovering log #3.2021/09/27-15:37:57.602 1e4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.1843603466462405
Encrypted:	false
SSDEEP:	6:mYwaTIq2P923iKKdK7Uh2ghZIFUtpXw5ZmwPXwrSzkwO923iKKdK7Uh2gnLJ:nR8v45KkIhHh2FUtpX0/PX4Sz5L5KkIT
MD5:	F955F5ACFF648A02B6D4C360150C12FB
SHA1:	BA0830F43CEE345FB5DBAD0B700FDDE210504CE8
SHA-256:	450F2CF2FB54AD20D98D983099FDFEF17B93AA8F85857F076F926844D6D9B2AB
SHA-512:	CF5C78D78951766F2E73A21E50000CEE1C1D2CE7A6791BD167CEA250112F7D36B998BB15CBC6E2320A65081FE88957B731454B198092C4BBE62A2E587EBB0486
Malicious:	false
Preview:	2021/09/27-15:37:57.368 17a4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/09/27-15:37:57.372 17a4 Recovering log #3.2021/09/27-15:37:57.373 17a4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldP (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.1843603466462405
Encrypted:	false
SSDEEP:	6:mYwaTIq2P923iKKdK7Uh2ghZIFUtpXw5ZmwPXwrSzkwO923iKKdK7Uh2gnLJ:nR8v45KkIhHh2FUtpX0/PX4Sz5L5KkIT
MD5:	F955F5ACFF648A02B6D4C360150C12FB
SHA1:	BA0830F43CEE345FB5DBAD0B700FDDE210504CE8
SHA-256:	450F2CF2FB54AD20D98D983099FDFEF17B93AA8F85857F076F926844D6D9B2AB
SHA-512:	CF5C78D78951766F2E73A21E50000CEE1C1D2CE7A6791BD167CEA250112F7D36B998BB15CBC6E2320A65081FE88957B731454B198092C4BBE62A2E587EBB0486
Malicious:	false
Preview:	2021/09/27-15:37:57.368 17a4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/MANIFEST-000001.2021/09/27-15:37:57.372 17a4 Recovering log #3.2021/09/27-15:37:57.373 17a4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\5421334c-1056-4c48-b50f-719b716521d0.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.956993026220225
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5rAcJksDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdVAsBdLJlyH7E4f3K33y
MD5:	0C03D530AC97788D62D27B2802C34D83
SHA1:	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D
SHA-256:	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
SHA-512:	D5905C124060997A14322D12DECE5C00C63F7174743C740C974D00E88B03F203909CC2AC972B2759E8087B0B10F6306C6E66BF853319B5AC96907F34C8456C80
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248542588505091","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.299243014715785
Encrypted:	false
SSDEEP:	6:mYwURekVq2P923iKKdKusNpV/2jMGIFUtpXwUkgZmwPXwUkIkwO923iKKdKusNp+:nlv45KkFFUtpX//PXt5L5KkOJ
MD5:	FB126D3087C95EA301B2D5B65BD64DB5
SHA1:	DABE267C0B68DF2B57A650E6054BC2EB25986070
SHA-256:	B32084555A06E4306CAF16671BFC8A62DE977559EEA84511CB4A35AB9A369C4F
SHA-512:	747108B56DA585F31A01D64DD3C58BD59AF6314AB16CC49B8C469B2B727AD94FF9CF56A5F40842EB4D11FC49F3D94DFEEF07838617A5BF2E01140DC07780D40E
Malicious:	false
Preview:	2021/09/27-15:37:57.644 1424 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/09/27-15:37:57.645 1424 Recovering log #3.2021/09/27-15:37:57.645 1424 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	432
Entropy (8bit):	5.299243014715785
Encrypted:	false
SSDEEP:	6:mYwURekVq2P923iKKdKusNpV/2jMGIFUtpXwUkgZmwPXwUkIkwO923iKKdKusNp+:nlv45KkFFUtpX//PXt5L5KkOJ
MD5:	FB126D3087C95EA301B2D5B65BD64DB5
SHA1:	DABE267C0B68DF2B57A650E6054BC2EB25986070
SHA-256:	B32084555A06E4306CAF16671BFC8A62DE977559EEA84511CB4A35AB9A369C4F
SHA-512:	747108B56DA585F31A01D64DD3C58BD59AF6314AB16CC49B8C469B2B727AD94FF9CF56A5F40842EB4D11FC49F3D94DFEEF07838617A5BF2E01140DC07780D40E
Malicious:	false
Preview:	2021/09/27-15:37:57.644 1424 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/MANIFEST-000001.2021/09/27-15:37:57.645 1424 Recovering log #3.2021/09/27-15:37:57.645 1424 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	325
Entropy (8bit):	4.956993026220225
Encrypted:	false
SSDEEP:	6:YHpoNXR8+eq7JdV5rAcJksDHF4R8HLJ2AVQBR70S7PMVKJw1K3KnMRK3VY:YHO8sdVAsBdLJlyH7E4f3K33y
MD5:	0C03D530AC97788D62D27B2802C34D83
SHA1:	20F78B6B32D98FA52846C70DF78E4E5CEF663E2D
SHA-256:	7941FADA9867DAAE08EBC196BAFC6952DD506842C3E7D8FB14DF9D4E402D894B
SHA-512:	D5905C124060997A14322D12DECE5C00C63F7174743C740C974D00E88B03F203909CC2AC972B2759E8087B0B10F6306C6E66BF853319B5AC96907F34C8456C80
Malicious:	false
Preview:	{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_versions":[50],"expiration":"13248542588505091","port":443,"protocol_str":"quic"}],"isolation":[],"server":"https://dns.google","supports_spdy":true}],"version":5},"network_qualities":{"CAASABiAgICA+P////8B":"4G","CAESABiAgICA+P////8B":"4G"}}}

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	431
Entropy (8bit):	5.3194374620651885
Encrypted:	false
SSDEEP:	6:mYw3Iq2P923iKKdKusNpqz4rRIFUtpXwXZmwPXwFkwO923iKKdKusNpqz4q8LJ:n6Iv45KkmiuFUtpXY/PXA5L5Kkm2J
MD5:	30DC72AA0B618E83C702DACD291D39D4
SHA1:	1B2586E59928DF782652E9C2A83A3D86F568E8AA
SHA-256:	BAB6FEF22AEFE1718CC5FDEB340B98926F24F2DE4F3ED299F090A4DCEAFA0425
SHA-512:	24E828BD138265AE8B810BA487C1D329013860CD00312FF073B0777C24380F16836C25DB69F4F413E6455A614F40919391D67CED0C5FBE31DA29E6410FC9D8C0
Malicious:	false
Preview:	2021/09/27-15:37:57.692 1c4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/09/27-15:37:57.694 1c4 Recovering log #3.2021/09/27-15:37:57.694 1c4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	431
Entropy (8bit):	5.3194374620651885
Encrypted:	false
SSDEEP:	6:mYw3Iq2P923iKKdKusNpqz4rRIFUtpXwXZmwPXwFkwO923iKKdKusNpqz4q8LJ:n6Iv45KkmiuFUtpXY/PXA5L5Kkm2J
MD5:	30DC72AA0B618E83C702DACD291D39D4
SHA1:	1B2586E59928DF782652E9C2A83A3D86F568E8AA
SHA-256:	BAB6FEF22AEFE1718CC5FDEB340B98926F24F2DE4F3ED299F090A4DCEAFA0425
SHA-512:	24E828BD138265AE8B810BA487C1D329013860CD00312FF073B0777C24380F16836C25DB69F4F413E6455A614F40919391D67CED0C5FBE31DA29E6410FC9D8C0
Malicious:	false
Preview:	2021/09/27-15:37:57.692 1c4 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/MANIFEST-000001.2021/09/27-15:37:57.694 1c4 Recovering log #3.2021/09/27-15:37:57.694 1c4 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	38
Entropy (8bit):	1.9837406708828553
Encrypted:	false
SSDEEP:	3:sgGg:st
MD5:	45A8ECA4E5C4A6B1395080C1B728B6C9
SHA1:	8A97BB0E599775D9A10C0FC53C4EDB29AA4CEB4E
SHA-256:	DB320AB28DFF27CDA0A7F87B82F2F8E61B3178A6DE8503753D76F1172D32E08E
SHA-512:	8EE91A3A1E77459273553F6A776C423A8EE95DB9DCFA897771814B7AD13FD84F06BB2B859F22B6DDA384B39EAA91F1819F170BABED6DA16BDBCF5BCB06CF2124
Malicious:	false
Preview:	..F..................F................

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	323
Entropy (8bit):	5.246388254123816
Encrypted:	false
SSDEEP:	6:mYwc+q2P923iKKdKpIFUtpXw+mWZmwPXwrBVkwO923iKKdKa/WLJ:n/+v45KkmFUtpX+W/PX4BV5L5KkaUJ
MD5:	F96A9C2DAB0EEA5A093F69746A6BEF71
SHA1:	3030F7808DFD1F4D45487E2885555B0F4314CBFB
SHA-256:	CA7280A4C3D5F7EB6A46ABD563907ED394897B69C0E5C7769ADD5831D6CD830E
SHA-512:	8CA25C9593B166260D46CC42A360CCCB5ACCA781D4E61A4CF33273B2BA9FCB587612CD3078E791AC0CF75B288BAA8A907C00832579AF5B51E3906EE5FA433A1C
Malicious:	false
Preview:	2021/09/27-15:37:57.365 8cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/09/27-15:37:57.370 8cc Recovering log #3.2021/09/27-15:37:57.373 8cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldte (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	323
Entropy (8bit):	5.246388254123816
Encrypted:	false
SSDEEP:	6:mYwc+q2P923iKKdKpIFUtpXw+mWZmwPXwrBVkwO923iKKdKa/WLJ:n/+v45KkmFUtpX+W/PX4BV5L5KkaUJ
MD5:	F96A9C2DAB0EEA5A093F69746A6BEF71
SHA1:	3030F7808DFD1F4D45487E2885555B0F4314CBFB
SHA-256:	CA7280A4C3D5F7EB6A46ABD563907ED394897B69C0E5C7769ADD5831D6CD830E
SHA-512:	8CA25C9593B166260D46CC42A360CCCB5ACCA781D4E61A4CF33273B2BA9FCB587612CD3078E791AC0CF75B288BAA8A907C00832579AF5B51E3906EE5FA433A1C
Malicious:	false
Preview:	2021/09/27-15:37:57.365 8cc Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2021/09/27-15:37:57.370 8cc Recovering log #3.2021/09/27-15:37:57.373 8cc Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	12
Entropy (8bit):	3.188721875540867
Encrypted:	false
SSDEEP:	3:cE1+n:/+n
MD5:	BC563736F9D389B07EE0F19C6CB2F8C6
SHA1:	EA7FB83C62CDB4332E6FFC67D64277326F5ED47C
SHA-256:	48A76E412278852B582776F703CDE426A0B6268B7AF0D18AA9A8B1D09038155B
SHA-512:	DB916A47EF9CD07FED3772A617552CF42D427C7847C1331CAEFAA9A3AFAA019D34BB9DD1674893EC93EAAE4C785B0163AFD50E3C08FAEC5870BD28E57955585E
Malicious:	false
Preview:	.........I..

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b683066b-6474-4d31-8760-5a95e3517e72.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4891
Entropy (8bit):	4.953145663426357
Encrypted:	false
SSDEEP:	48:YcTPklSiklq0c6b7qABqqTlYclQKHoTw0d1aPc8C1Nfct/9BhUJo3KhmeSnpNGzv:nkrX3u9pSKIYIk0JCKL8x0bOTQVuwn
MD5:	9A6FB13E4F4F532D4E8E125BC95FA7BC
SHA1:	19BC5A90550D9E287683F06EB11AD80D745773E9
SHA-256:	0DD55B36370C8769D49929C845F277C5128358BED45DBB83B8A4F8C6A1A247BE
SHA-512:	BE710415D5340B204E07701EC2E5360B1839BF3986CE0A1AC2E546BB289CB2F7B6E93C99DD9ECDAB45BC88F8819C5CCAF90608208A78C2BCC195791B022DAF91
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13277255877662291","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT.. (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	16
Entropy (8bit):	3.2743974703476995
Encrypted:	false
SSDEEP:	3:1sjgWIV//Rv:1qIFJ
MD5:	6752A1D65B201C13B62EA44016EB221F
SHA1:	58ECF154D01A62233ED7FB494ACE3C3D4FFCE08B
SHA-256:	0861415CADA612EA5834D56E2CF1055D3E63979B69EB71D32AE9AE394D8306CD
SHA-512:	9CFD838D3FB570B44FC3461623AB2296123404C6C8F576B0DE0AABD9A6020840D4C9125EB679ED384170DBCAAC2FA30DC7FA9EE5B77D6DF7C344A0AA030E0389
Malicious:	false
Preview:	MANIFEST-000004.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	136
Entropy (8bit):	4.56583866051727
Encrypted:	false
SSDEEP:	3:tUK1wsDFgmWZmwv3XwsU2Fhh7V8sXwsTFxSv7WGv:mYw8RWZmwPXwHihVVvXwgUtv
MD5:	BC6D37DD2B0E182E21EDFD28BC050B14
SHA1:	6123844B263D5029432F5A9A025A951727A9E81B
SHA-256:	81ED5F1FE01576A98AD0D79CDC1F39790678BD922B01FF0FD01B88C9C351A10B
SHA-512:	152A11FFA9BD6F2E9D2B298C15FAFFA5F64EF1DF57D8FD3878C35B5074C91F06CF290656E4353ECADEDA0B93442FBA12F69C4B2F8DB06562BA20D3CB673A995E
Malicious:	false
Preview:	2021/09/27-15:38:03.826 9ec Recovering log #3.2021/09/27-15:38:03.883 9ec Delete type=0 #3.2021/09/27-15:38:03.884 9ec Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old8\ (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	136
Entropy (8bit):	4.56583866051727
Encrypted:	false
SSDEEP:	3:tUK1wsDFgmWZmwv3XwsU2Fhh7V8sXwsTFxSv7WGv:mYw8RWZmwPXwHihVVvXwgUtv
MD5:	BC6D37DD2B0E182E21EDFD28BC050B14
SHA1:	6123844B263D5029432F5A9A025A951727A9E81B
SHA-256:	81ED5F1FE01576A98AD0D79CDC1F39790678BD922B01FF0FD01B88C9C351A10B
SHA-512:	152A11FFA9BD6F2E9D2B298C15FAFFA5F64EF1DF57D8FD3878C35B5074C91F06CF290656E4353ECADEDA0B93442FBA12F69C4B2F8DB06562BA20D3CB673A995E
Malicious:	false
Preview:	2021/09/27-15:38:03.826 9ec Recovering log #3.2021/09/27-15:38:03.883 9ec Delete type=0 #3.2021/09/27-15:38:03.884 9ec Delete type=3 #2.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004 Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MPEG-4 LOAS
Category:	dropped
Size (bytes):	50
Entropy (8bit):	5.028758439731456
Encrypted:	false
SSDEEP:	3:Ukk/vxQRDKIVmt+8jzn:oO7t8n
MD5:	031D6D1E28FE41A9BDCBD8A21DA92DF1
SHA1:	38CEE81CB035A60A23D6E045E5D72116F2A58683
SHA-256:	B51BC53F3C43A5B800A723623C4E56A836367D6E2787C57D71184DF5D24151DA
SHA-512:	E994CD3A8EE3E3CF6304C33DF5B7D6CC8207E0C08D568925AFA9D46D42F6F1A5BDD7261F0FD1FCDF4DF1A173EF4E159EE1DE8125E54EFEE488A1220CE85AF904
Malicious:	false
Preview:	V........leveldb.BytewiseComparator...#...........

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\facf3efe-4eac-4323-bc68-99f479c22f04.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	4800
Entropy (8bit):	4.942378185688073
Encrypted:	false
SSDEEP:	48:YcTPklSiklq0cyqABqqTlYclQKHoTw0d1aPc8C1Nfct/9BhUJo3KhmeSnpNGz0sQ:nkrXru9pSKIYIk0JCKL8xpbOTQVuwn
MD5:	5C07FD0AC86FE64BD05FDFF7CD5C2C51
SHA1:	3DD0FFD09B303022114BCB9E4D7695EBB8A0D805
SHA-256:	76F9A96D616BFD44F3A60EBF873B13AE39A57EE50123A7ED4514805DA7DE677D
SHA-512:	948C2169352ABA33A66E8F6F395E803C05BEFCB41A1D2FBC87766F72FBC49F01FCDF4A81124081B1DEC4FE6BD9C333A20853F2ACBD91187DC51382A1F116628E
Malicious:	false
Preview:	{"account_id_migration_state":2,"account_tracker_service_last_update":"13277255877662291","alternate_error_pages":{"backup":true},"announcement_notification_service_first_run_time":"13245950583260338","autocomplete":{"retention_policy_last_version":85},"autofill":{"orphan_rows_removed":true},"browser":{"default_browser_infobar_last_declined":"13245950640095768","has_seen_welcome_page":true,"navi_onboard_group":"","should_reset_check_default_browser":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"countryid_at_install":21843,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1538886"],"daily_received_length":["0","0","0","0","0","0","0","

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	337
Entropy (8bit):	5.275414930956228
Encrypted:	false
SSDEEP:	6:mYw98gQ+q2P923iKKdKfrzAdIFUtpXw9QtAgZmwPXw9QlQVkwO923iKKdKfrzILJ:nHYv45Kk9FUtpXP/PXG5L5Kk2J
MD5:	CBCB9EE1AD4AAE97D9440C8B796FD1BA
SHA1:	932DDD048D3F508005957CB3E419E7520D1EB550
SHA-256:	7629C7BC68E78DB33C7E8570D63E88B38D3B91D16EEE7551817C39E1B20C10C5
SHA-512:	9748EC9D865918E81FEA44B292C81F95AB40ADC50F80FD606023DFB19054452A919DD344FDD264402BA32B27EEA329FDE7875B860AEDB87C2E31833ABB6FD2EA
Malicious:	false
Preview:	2021/09/27-15:38:04.687 b28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/09/27-15:38:04.692 b28 Recovering log #3.2021/09/27-15:38:04.693 b28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	337
Entropy (8bit):	5.275414930956228
Encrypted:	false
SSDEEP:	6:mYw98gQ+q2P923iKKdKfrzAdIFUtpXw9QtAgZmwPXw9QlQVkwO923iKKdKfrzILJ:nHYv45Kk9FUtpXP/PXG5L5Kk2J
MD5:	CBCB9EE1AD4AAE97D9440C8B796FD1BA
SHA1:	932DDD048D3F508005957CB3E419E7520D1EB550
SHA-256:	7629C7BC68E78DB33C7E8570D63E88B38D3B91D16EEE7551817C39E1B20C10C5
SHA-512:	9748EC9D865918E81FEA44B292C81F95AB40ADC50F80FD606023DFB19054452A919DD344FDD264402BA32B27EEA329FDE7875B860AEDB87C2E31833ABB6FD2EA
Malicious:	false
Preview:	2021/09/27-15:38:04.687 b28 Reusing MANIFEST C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2021/09/27-15:38:04.692 b28 Recovering log #3.2021/09/27-15:38:04.693 b28 Reusing old log C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata/000003.log .

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	data
Category:	dropped
Size (bytes):	106
Entropy (8bit):	3.138546519832722
Encrypted:	false
SSDEEP:	3:tbloIlrJ5ldQxl7aXVdJiG6R0RlAl:tbdlrnQxZaHIGi0R6l
MD5:	DE9EF0C5BCC012A3A1131988DEE272D8
SHA1:	FA9CCBDC969AC9E1474FCE773234B28D50951CD8
SHA-256:	3615498FBEF408A96BF30E01C318DAC2D5451B054998119080E7FAAC5995F590
SHA-512:	CEA946EBEADFE6BE65E33EDFF6C68953A84EC2E2410884E12F406CAC1E6C8A0793180433A7EF7CE097B24EA78A1FDBB4E3B3D9CDF1A827AB6FF5605DA3691724
Malicious:	false
Preview:	C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.

C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.8150724101159437
Encrypted:	false
SSDEEP:	3:Yx7:4
MD5:	C422F72BA41F662A919ED0B70E5C3289
SHA1:	AAD27C14B27F56B6E7C744A8EC5B1A7D767D7632
SHA-256:	02E71EB4C587FEB7EE00CE8600F97411C2774C2FC34CB95B92D5538E7F30DA59
SHA-512:	86010ED2B2EEBDCC5A8A076B37703669C294C6D1BFAAEA963E26A9C94B81B4C53EC765D9425E5B616159C43923F800A891F9B903659575DF02F8845521F8DC46
Malicious:	false
Preview:	85.0.4183.121

C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	373512
Entropy (8bit):	6.0149013100802025
Encrypted:	false
SSDEEP:	6144:xXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:xpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	B8EC615DA60E46CA98484168B69B678C
SHA1:	26A910EB582C42D884F041FF886B50F452FF2350
SHA-256:	E75B754C26015B0C73EAFDCCEEB1FAC0E9C91321036CB46BE5E9E5ABC1B09164
SHA-512:	1474CD1AC6E5E118F1D86FFDFA65A84766EC4FF0B7B229393F2B6CC4C346201C18131C737F3976DBA96E78C7927487A690C703A38FDB0EA68E9180BA8B86EC29
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075375298"},"policy":{"last_statistics_update":"1327725587722

C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateTM (copy) Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	375661
Entropy (8bit):	6.021857935755219
Encrypted:	false
SSDEEP:	6144:dXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:dpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	D5AEBEB61EFA0EE76F271AFAF3BF9AC5
SHA1:	600801535C96DF822E28BC2087CBA60F8BC1C178
SHA-256:	8B493E43647FF8056BBF6D7FAE9508334DA4BF37A5550DAA8526BA92B7B1D28A
SHA-512:	0D9E239D3CFEEBAE6CD46031892F2BC5B20FCF6A2F36D66CE732CF929995A8F10DB995379F673FD60BC92978D17623FD1B7557C7BADA3DB40CAB152822D9DABD
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075375298"},"plugins":{"resource_cache_update":"1632782338.11

C:\Users\user\AppData\Local\Google\Chrome\User Data\a1509532-d25e-4aba-b08f-254b206cf479.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	modified
Size (bytes):	375661
Entropy (8bit):	6.021857935755219
Encrypted:	false
SSDEEP:	6144:dXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:dpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	D5AEBEB61EFA0EE76F271AFAF3BF9AC5
SHA1:	600801535C96DF822E28BC2087CBA60F8BC1C178
SHA-256:	8B493E43647FF8056BBF6D7FAE9508334DA4BF37A5550DAA8526BA92B7B1D28A
SHA-512:	0D9E239D3CFEEBAE6CD46031892F2BC5B20FCF6A2F36D66CE732CF929995A8F10DB995379F673FD60BC92978D17623FD1B7557C7BADA3DB40CAB152822D9DABD
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075375298"},"plugins":{"resource_cache_update":"1632782338.11

C:\Users\user\AppData\Local\Google\Chrome\User Data\a9108da0-6858-4a07-8219-4a48bbcc7c87.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	373512
Entropy (8bit):	6.014901344443662
Encrypted:	false
SSDEEP:	6144:GXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:GpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	F737359F02A7E7372116906B2E21CEC3
SHA1:	6AAEC585126081C4EE947B54744E43B04B6FB4AB
SHA-256:	D59948377796470A88B893E79897952D8819105539EF3AE91ED8AC366EA7B4B6
SHA-512:	B0FF1558CBF5C28707F81C228A4A5E63EE937161FF8E331CF520BF2657D45AE038A4C130F20B64B7256587F69E6BB4B29DB1DF9CD334A6AE2A27578B63404C9F
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075265799"},"policy":{"last_statistics_update":"1327725587722

C:\Users\user\AppData\Local\Google\Chrome\User Data\ebc83320-4b2a-4847-bfc8-69ff059251f9.tmp Download File
Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	373512
Entropy (8bit):	6.0149013100802025
Encrypted:	false
SSDEEP:	6144:xXxPZdp8EBlbyvvux0/xTKD8Acx6ZaurE5/EDnJpAl9SeefNqWF4iVx/9LPeq/1m:xpZd7XbImxnwxzurRDn9nfNxF4ijZVtm
MD5:	B8EC615DA60E46CA98484168B69B678C
SHA1:	26A910EB582C42D884F041FF886B50F452FF2350
SHA-256:	E75B754C26015B0C73EAFDCCEEB1FAC0E9C91321036CB46BE5E9E5ABC1B09164
SHA-512:	1474CD1AC6E5E118F1D86FFDFA65A84766EC4FF0B7B229393F2B6CC4C346201C18131C737F3976DBA96E78C7927487A690C703A38FDB0EA68E9180BA8B86EC29
Malicious:	false
Preview:	{"browser":{"last_redirect_origin":"","shortcut_migration_version":"85.0.4183.121"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.632782279702673e+12,"network":1.632749881e+12,"ticks":7051022999.0,"uncertainty":4228758.0}},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAABUPWY4cSyAQZRX3j8/SLmMAAAAAAIAAAAAABBmAAAAAQAAIAAAACC7lwCjByxIY/Ds1S6cdCxJW6iSr1QfjoKlVKoVEQ4EAAAAAA6AAAAAAgAAIAAAAD9PMfiGkWkdrfU+zeMpOLPS1eDxLpcgjYP2R/ndeCNxMAAAAK+RpovfP61NtB5nOpQgPMjPTyt2T1WPeru9i3yP05zNVEj0uCRDWfONruG9ricX1kAAAADB9KtQ9KY2z38GdfaF7dW2ZLcAMHOX2oEKBg8ZJG9lsuMexxChB4M8HFpyb0Bpr6axpi+zmMIXt76noTOxFzKN"},"password_manager":{"os_password_blank":true,"os_password_last_changed":"13245950075375298"},"policy":{"last_statistics_update":"1327725587722

Static File Info

General
File type:	HTML document, ASCII text, with very long lines, with CRLF line terminators
Entropy (8bit):	5.900136314203029
TrID:	HyperText Markup Language (13003/1) 100.00%
File name:	26222021 114007 a.m. Owa Outlook App.html
File size:	54776
MD5:	efa08de227c06d13162b994472142102
SHA1:	195d8bd6d84fd8da5208ed91ee578fd8feab7f5c
SHA256:	21e1b3843d882911bc6fc1ba3b991060562d0ab228ff298d4c8c87ae582bf333
SHA512:	42bd00b3ff842292a20da6a22911b9e7ec1ae256f49ce3bcb9def903c07bba6cb38c479de75a12ea0c04426b1d645861cff369ae5281af2799777f3556c43109
SSDEEP:	768:23qQS4/yT1GsqLX9ciGwPLzz+mUJskRdKV7aQbl1ANaH17aNCB0rD01xEQqPcelF:7GsqX9c4zz+mJokF5soVeNd3SkcseQ
File Content Preview:	..<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">.. Copyright (c) 2011 Microsoft Corporation. All rights reserved. -->.. OwaPage = ASP.auth_logon_aspx -->.... {57A118C6-2DA9-419d-BE9A-F92B0F9A418B} -->..<!DOCTYPE HTML PUBLIC "

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2021 15:37:59.434175014 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.434209108 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.434273958 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.434510946 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.434529066 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.447204113 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.447242975 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.447318077 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.447541952 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.447556973 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.456963062 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.457006931 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.457133055 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.457298040 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.457317114 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.458723068 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.458751917 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.458823919 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.459073067 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.459090948 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.472316980 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.472352982 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.472492933 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.472752094 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.472768068 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.484663963 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.484664917 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.485049963 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.485367060 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.485400915 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.487004042 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.487164021 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.487349987 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.487453938 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.496144056 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.496691942 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.497456074 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.498867989 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.498966932 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.502496958 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.502924919 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.504216909 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.504318953 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.504755020 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.505100012 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.505153894 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.507344007 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.507487059 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.636513948 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.636998892 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.637013912 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.640090942 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.640290022 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.640655994 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.640902042 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.641469955 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.641675949 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.641788960 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.642244101 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.642287970 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.642497063 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.642515898 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.642561913 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.642596960 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.642631054 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.642649889 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.642776012 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.654973030 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655065060 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655102015 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655127048 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655183077 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655211926 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655308008 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655363083 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655379057 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655404091 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655523062 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655536890 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655582905 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655590057 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655601978 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655658960 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655668974 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655848980 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655900955 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.655905962 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.655922890 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.656104088 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.656225920 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.656241894 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.659607887 CEST	49738	443	192.168.2.5	104.16.19.94
Sep 27, 2021 15:37:59.659640074 CEST	443	49738	104.16.19.94	192.168.2.5
Sep 27, 2021 15:37:59.662113905 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662174940 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662194014 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.662219048 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662282944 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.662302017 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662590027 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662633896 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662667990 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662694931 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662704945 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.662725925 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.662740946 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.662781000 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.662791014 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663043976 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663084030 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663109064 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.663147926 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663204908 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.663554907 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663670063 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663706064 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663727045 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.663736105 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663748026 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.663806915 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.664313078 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664386988 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664387941 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.664401054 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664453030 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664486885 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664515018 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.664541960 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664561033 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.664841890 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664901018 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664947033 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664982080 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.664984941 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665003061 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665013075 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665034056 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665066957 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665076971 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665285110 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665359974 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665411949 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665443897 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665474892 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665488005 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665566921 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665704966 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665757895 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665786982 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.665806055 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.665819883 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666621923 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666663885 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666697979 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666712046 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.666724920 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666763067 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666783094 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.666790009 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.666795969 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.666848898 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.666856050 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.667418003 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.667500973 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.667511940 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.674956083 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675049067 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675092936 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675095081 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675112009 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675184011 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675364971 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675415039 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675432920 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675445080 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675488949 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675498962 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675507069 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675573111 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675579071 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675829887 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675868034 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675893068 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675899982 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675929070 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.675956964 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.675965071 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.676018000 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.676023006 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.676038027 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.676084995 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.676630974 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.676697016 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.676709890 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.676723957 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677270889 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677509069 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.677517891 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677568913 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677597046 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.677599907 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677608967 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677650928 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677676916 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.677686930 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.677766085 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.678076029 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.678168058 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.678241014 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.678293943 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.678302050 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.682773113 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.682832956 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.682854891 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.688299894 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.688388109 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.688473940 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.688496113 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.688565969 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.690078974 CEST	49736	443	192.168.2.5	172.217.168.13
Sep 27, 2021 15:37:59.690154076 CEST	443	49736	172.217.168.13	192.168.2.5
Sep 27, 2021 15:37:59.701107979 CEST	49741	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.701148033 CEST	443	49741	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.701566935 CEST	49742	443	192.168.2.5	104.18.11.207
Sep 27, 2021 15:37:59.701586962 CEST	443	49742	104.18.11.207	192.168.2.5
Sep 27, 2021 15:37:59.831806898 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.831907988 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.831999063 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.835036039 CEST	49740	443	192.168.2.5	18.66.196.75
Sep 27, 2021 15:37:59.835069895 CEST	443	49740	18.66.196.75	192.168.2.5
Sep 27, 2021 15:37:59.935698986 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:37:59.935736895 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:37:59.935846090 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:37:59.936072111 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:37:59.936093092 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.364885092 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.365550995 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.365583897 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.366892099 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.366980076 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.369163990 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.369268894 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.369323969 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.408802032 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.408821106 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.450789928 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.523755074 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.523792028 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.523804903 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.523848057 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.523920059 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.523933887 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.523968935 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.524223089 CEST	443	49744	98.164.36.69	192.168.2.5
Sep 27, 2021 15:38:00.524311066 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.529412031 CEST	49744	443	192.168.2.5	98.164.36.69
Sep 27, 2021 15:38:00.529439926 CEST	443	49744	98.164.36.69	192.168.2.5

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2021 15:37:59.405744076 CEST	61733	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.406470060 CEST	65447	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.413667917 CEST	52441	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.416723013 CEST	62176	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.419859886 CEST	53	65447	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.420283079 CEST	59596	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.424601078 CEST	65296	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.426301003 CEST	53	52441	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.432632923 CEST	63183	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.433202982 CEST	53	61733	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.435615063 CEST	60151	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.437180042 CEST	56969	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.444050074 CEST	53	62176	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.444343090 CEST	53	65296	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.449055910 CEST	53	60151	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.455996037 CEST	53	59596	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.457834005 CEST	53	56969	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.471393108 CEST	53	63183	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.706384897 CEST	55161	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.734617949 CEST	53	55161	8.8.8.8	192.168.2.5
Sep 27, 2021 15:37:59.865755081 CEST	54757	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:37:59.934731960 CEST	53	54757	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:01.329493046 CEST	60075	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:01.343097925 CEST	53	60075	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:09.863195896 CEST	58530	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:09.899008036 CEST	53	58530	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:20.811553955 CEST	53813	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:20.824790001 CEST	53	53813	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:42.237412930 CEST	63732	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:42.271171093 CEST	53	63732	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:42.466550112 CEST	57344	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:42.502690077 CEST	53	57344	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:54.437269926 CEST	54450	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:54.457707882 CEST	53	54450	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:57.643460989 CEST	59261	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:57.647670031 CEST	57151	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:57.675291061 CEST	53	59261	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:57.679354906 CEST	53	57151	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:57.889830112 CEST	59413	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:57.903963089 CEST	53	59413	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:58.172931910 CEST	51649	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:58.199666977 CEST	53	51649	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:58.246436119 CEST	65086	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:58.286041021 CEST	53	65086	8.8.8.8	192.168.2.5
Sep 27, 2021 15:38:58.354743004 CEST	56432	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:38:58.367736101 CEST	53	56432	8.8.8.8	192.168.2.5
Sep 27, 2021 15:39:00.773499012 CEST	52929	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:39:00.792020082 CEST	53	52929	8.8.8.8	192.168.2.5
Sep 27, 2021 15:39:35.264508009 CEST	64317	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:39:35.299179077 CEST	53	64317	8.8.8.8	192.168.2.5
Sep 27, 2021 15:39:37.085812092 CEST	61004	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:39:37.114155054 CEST	53	61004	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:26.961467028 CEST	56895	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:27.055243015 CEST	53	56895	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:27.595438004 CEST	62372	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:27.670969963 CEST	53	62372	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:28.215034008 CEST	61515	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:28.229171991 CEST	53	61515	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:28.619673967 CEST	56675	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:28.702785015 CEST	53	56675	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:29.567312956 CEST	57172	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:29.581234932 CEST	53	57172	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:30.134557962 CEST	55267	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:30.151473999 CEST	53	55267	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:30.707915068 CEST	50969	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:30.818088055 CEST	53	50969	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:31.607738018 CEST	64362	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:31.694071054 CEST	53	64362	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:32.498399019 CEST	54766	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:32.511276007 CEST	53	54766	8.8.8.8	192.168.2.5
Sep 27, 2021 15:40:32.896868944 CEST	61446	53	192.168.2.5	8.8.8.8
Sep 27, 2021 15:40:32.909696102 CEST	53	61446	8.8.8.8	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Sep 27, 2021 15:37:59.405744076 CEST	192.168.2.5	8.8.8.8	0x7387	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.406470060 CEST	192.168.2.5	8.8.8.8	0xfde9	Standard query (0)	clients2.google.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.413667917 CEST	192.168.2.5	8.8.8.8	0x703d	Standard query (0)	code.jquery.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.420283079 CEST	192.168.2.5	8.8.8.8	0x788a	Standard query (0)	logo.clearbit.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.424601078 CEST	192.168.2.5	8.8.8.8	0xf1e5	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.432632923 CEST	192.168.2.5	8.8.8.8	0x35ab	Standard query (0)	maxcdn.bootstrapcdn.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.437180042 CEST	192.168.2.5	8.8.8.8	0xbad2	Standard query (0)	stackpath.bootstrapcdn.com	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.865755081 CEST	192.168.2.5	8.8.8.8	0x71de	Standard query (0)	mail.borets.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Sep 27, 2021 15:37:59.419859886 CEST	8.8.8.8	192.168.2.5	0xfde9	No error (0)	clients2.google.com	clients.l.google.com		CNAME (Canonical name)	IN (0x0001)
Sep 27, 2021 15:37:59.419859886 CEST	8.8.8.8	192.168.2.5	0xfde9	No error (0)	clients.l.google.com		172.217.168.78	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.426301003 CEST	8.8.8.8	192.168.2.5	0x703d	No error (0)	code.jquery.com	cds.s5x3j6q5.hwcdn.net		CNAME (Canonical name)	IN (0x0001)
Sep 27, 2021 15:37:59.433202982 CEST	8.8.8.8	192.168.2.5	0x7387	No error (0)	accounts.google.com		172.217.168.13	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.444343090 CEST	8.8.8.8	192.168.2.5	0xf1e5	No error (0)	cdnjs.cloudflare.com		104.16.19.94	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.444343090 CEST	8.8.8.8	192.168.2.5	0xf1e5	No error (0)	cdnjs.cloudflare.com		104.16.18.94	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.455996037 CEST	8.8.8.8	192.168.2.5	0x788a	No error (0)	logo.clearbit.com	d26p066pn2w0s0.cloudfront.net		CNAME (Canonical name)	IN (0x0001)
Sep 27, 2021 15:37:59.455996037 CEST	8.8.8.8	192.168.2.5	0x788a	No error (0)	d26p066pn2w0s0.cloudfront.net		18.66.196.75	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.455996037 CEST	8.8.8.8	192.168.2.5	0x788a	No error (0)	d26p066pn2w0s0.cloudfront.net		18.66.196.122	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.455996037 CEST	8.8.8.8	192.168.2.5	0x788a	No error (0)	d26p066pn2w0s0.cloudfront.net		18.66.196.109	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.455996037 CEST	8.8.8.8	192.168.2.5	0x788a	No error (0)	d26p066pn2w0s0.cloudfront.net		18.66.196.20	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.457834005 CEST	8.8.8.8	192.168.2.5	0xbad2	No error (0)	stackpath.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.457834005 CEST	8.8.8.8	192.168.2.5	0xbad2	No error (0)	stackpath.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.471393108 CEST	8.8.8.8	192.168.2.5	0x35ab	No error (0)	maxcdn.bootstrapcdn.com		104.18.11.207	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.471393108 CEST	8.8.8.8	192.168.2.5	0x35ab	No error (0)	maxcdn.bootstrapcdn.com		104.18.10.207	A (IP address)	IN (0x0001)
Sep 27, 2021 15:37:59.934731960 CEST	8.8.8.8	192.168.2.5	0x71de	No error (0)	mail.borets.com		98.164.36.69	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

cdnjs.cloudflare.com

stackpath.bootstrapcdn.com

maxcdn.bootstrapcdn.com

logo.clearbit.com

accounts.google.com

mail.borets.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.5	49738	104.16.19.94	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:37:59 UTC	0	OUT	GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive Origin: null User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:37:59 UTC	2	IN	HTTP/1.1 200 OK Date: Mon, 27 Sep 2021 13:37:59 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03fa9-4af4" Last-Modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff cf-request-id: 09e8e6d86e00000229429e7000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" CF-Cache-Status: HIT Age: 12350931 Expires: Sat, 17 Sep 2022 13:37:59 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sii3wCioA2UnbNBFXBnWznYP62RcZaAY30C1%2B95RV3ihxEDo%2FxTh9mhTDQE9gGEP%2FifMyecOfv%2BcmI5ebjz0r1L3Uotj6Co6gSBvOF5NUnZAcdlE7HdhHMxECY9dMmipYPKFjOx5"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 6955213bca2c0229-ZRH alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
2021-09-27 13:37:59 UTC	3	IN	Data Raw: 33 39 33 36 0d 0a 2f 2a 0a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 46 65 64 65 72 69 63 6f 20 5a 69 76 6f 6c 6f 20 32 30 31 37 0a 20 44 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 28 6c 69 63 65 6e 73 65 20 74 65 72 6d 73 20 61 72 65 20 61 74 20 68 74 74 70 3a 2f 2f 6f 70 65 6e 73 6f 75 72 63 65 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 73 2f 4d 49 54 29 2e 0a 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 27 6f 62 6a 65 63 74 27 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 27 75 6e Data Ascii: 3936/* Copyright (C) Federico Zivolo 2017 Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT). */(function(e,t){'object'==typeof exports&&'un
2021-09-27 13:37:59 UTC	3	IN	Data Raw: 64 65 66 69 6e 65 64 27 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 27 66 75 6e 63 74 69 6f 6e 27 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 50 6f 70 70 65 72 3d 74 28 29 7d 29 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 27 75 73 65 20 73 74 72 69 63 74 27 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 27 5b 6f 62 6a 65 63 74 20 46 75 6e 63 74 69 6f 6e 5d 27 3d 3d 3d 7b 7d 2e 74 6f 53 74 72 69 6e 67 2e 63 61 6c 6c 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 74 28 65 2c 74 29 7b 69 66 28 31 21 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 5b 5d 3b 76 61 72 20 6f 3d 67 65 74 43 6f Data Ascii: defined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=getCo
2021-09-27 13:37:59 UTC	4	IN	Data Raw: 72 67 75 6d 65 6e 74 73 5b 31 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 27 74 6f 70 27 2c 6f 3d 27 74 6f 70 27 3d 3d 3d 74 3f 27 73 63 72 6f 6c 6c 54 6f 70 27 3a 27 73 63 72 6f 6c 6c 4c 65 66 74 27 2c 69 3d 65 2e 6e 6f 64 65 4e 61 6d 65 3b 69 66 28 27 42 4f 44 59 27 3d 3d 3d 69 7c 7c 27 48 54 4d 4c 27 3d 3d 3d 69 29 7b 76 61 72 20 6e 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 72 3d 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 73 63 72 6f 6c 6c 69 6e 67 45 6c 65 6d 65 6e 74 7c 7c 6e 3b 72 65 74 75 72 6e 20 72 5b 6f 5d 7d 72 65 74 75 72 6e 20 65 5b 6f 5d 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 65 2c 74 29 7b 76 61 72 20 6f 3d 32 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 Data Ascii: rguments[1]?arguments[1]:'top',o='top'===t?'scrollTop':'scrollLeft',i=e.nodeName;if('BODY'===i\|\|'HTML'===i){var n=e.ownerDocument.documentElement,r=e.ownerDocument.scrollingElement\|\|n;return r[o]}return e[o]}function l(e,t){var o=2<arguments.length&&void
2021-09-27 13:37:59 UTC	6	IN	Data Raw: 76 61 72 20 67 3d 74 28 65 29 3b 6c 2d 3d 66 28 67 2c 27 78 27 29 2c 6d 2d 3d 66 28 67 2c 27 79 27 29 2c 72 2e 77 69 64 74 68 2d 3d 6c 2c 72 2e 68 65 69 67 68 74 2d 3d 6d 7d 72 65 74 75 72 6e 20 63 28 72 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 6f 29 7b 76 61 72 20 69 3d 69 65 28 29 2c 72 3d 27 48 54 4d 4c 27 3d 3d 3d 6f 2e 6e 6f 64 65 4e 61 6d 65 2c 70 3d 67 28 65 29 2c 73 3d 67 28 6f 29 2c 64 3d 6e 28 65 29 2c 61 3d 74 28 6f 29 2c 66 3d 70 61 72 73 65 46 6c 6f 61 74 28 61 2e 62 6f 72 64 65 72 54 6f 70 57 69 64 74 68 2c 31 30 29 2c 6d 3d 70 61 72 73 65 46 6c 6f 61 74 28 61 2e 62 6f 72 64 65 72 4c 65 66 74 57 69 64 74 68 2c 31 30 29 2c 68 3d 63 28 7b 74 6f 70 3a 70 2e 74 6f 70 2d 73 2e 74 6f 70 2d 66 2c 6c 65 66 74 3a 70 2e 6c 65 66 74 2d 73 2e 6c 65 Data Ascii: var g=t(e);l-=f(g,'x'),m-=f(g,'y'),r.width-=l,r.height-=m}return c(r)}function u(e,o){var i=ie(),r='HTML'===o.nodeName,p=g(e),s=g(o),d=n(e),a=t(o),f=parseFloat(a.borderTopWidth,10),m=parseFloat(a.borderLeftWidth,10),h=c({top:p.top-s.top-f,left:p.left-s.le
2021-09-27 13:37:59 UTC	7	IN	Data Raw: 3b 72 65 74 75 72 6e 20 74 2a 6f 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 2c 74 2c 6f 2c 69 2c 6e 29 7b 76 61 72 20 72 3d 35 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 35 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 35 5d 3a 30 3b 69 66 28 2d 31 3d 3d 3d 65 2e 69 6e 64 65 78 4f 66 28 27 61 75 74 6f 27 29 29 72 65 74 75 72 6e 20 65 3b 76 61 72 20 70 3d 79 28 6f 2c 69 2c 72 2c 6e 29 2c 73 3d 7b 74 6f 70 3a 7b 77 69 64 74 68 3a 70 2e 77 69 64 74 68 2c 68 65 69 67 68 74 3a 74 2e 74 6f 70 2d 70 2e 74 6f 70 7d 2c 72 69 67 68 74 3a 7b 77 69 64 74 68 3a 70 2e 72 69 67 68 74 2d 74 2e 72 69 67 68 74 2c 68 65 69 67 68 74 3a 70 2e 68 65 69 67 68 74 7d 2c 62 6f 74 74 6f 6d 3a 7b 77 69 64 74 68 3a 70 2e 77 69 Data Ascii: ;return t*o}function v(e,t,o,i,n){var r=5<arguments.length&&void 0!==arguments[5]?arguments[5]:0;if(-1===e.indexOf('auto'))return e;var p=y(o,i,r,n),s={top:{width:p.width,height:t.top-p.top},right:{width:p.right-t.right,height:p.height},bottom:{width:p.wi
2021-09-27 13:37:59 UTC	8	IN	Data Raw: 78 29 72 65 74 75 72 6e 20 65 2e 66 69 6e 64 49 6e 64 65 78 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 3d 3d 3d 6f 7d 29 3b 76 61 72 20 69 3d 54 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 74 5d 3d 3d 3d 6f 7d 29 3b 72 65 74 75 72 6e 20 65 2e 69 6e 64 65 78 4f 66 28 69 29 7d 66 75 6e 63 74 69 6f 6e 20 43 28 74 2c 6f 2c 69 29 7b 76 61 72 20 6e 3d 76 6f 69 64 20 30 3d 3d 3d 69 3f 74 3a 74 2e 73 6c 69 63 65 28 30 2c 44 28 74 2c 27 6e 61 6d 65 27 2c 69 29 29 3b 72 65 74 75 72 6e 20 6e 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 5b 27 66 75 6e 63 74 69 6f 6e 27 5d 26 26 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 27 60 6d 6f 64 69 66 69 65 72 2e 66 75 6e 63 74 69 6f 6e 60 20 69 73 20 64 Data Ascii: x)return e.findIndex(function(e){return e[t]===o});var i=T(e,function(e){return e[t]===o});return e.indexOf(i)}function C(t,o,i){var n=void 0===i?t:t.slice(0,D(t,'name',i));return n.forEach(function(t){t['function']&&console.warn('`modifier.function` is d
2021-09-27 13:37:59 UTC	10	IN	Data Raw: 68 69 73 2e 6d 6f 64 69 66 69 65 72 73 2c 27 61 70 70 6c 79 53 74 79 6c 65 27 29 26 26 28 74 68 69 73 2e 70 6f 70 70 65 72 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 27 78 2d 70 6c 61 63 65 6d 65 6e 74 27 29 2c 74 68 69 73 2e 70 6f 70 70 65 72 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 27 27 2c 74 68 69 73 2e 70 6f 70 70 65 72 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 27 27 2c 74 68 69 73 2e 70 6f 70 70 65 72 2e 73 74 79 6c 65 2e 74 6f 70 3d 27 27 2c 74 68 69 73 2e 70 6f 70 70 65 72 2e 73 74 79 6c 65 5b 57 28 27 74 72 61 6e 73 66 6f 72 6d 27 29 5d 3d 27 27 29 2c 74 68 69 73 2e 64 69 73 61 62 6c 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 28 29 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 72 65 6d 6f 76 65 4f 6e 44 65 73 74 72 6f 79 26 26 74 68 69 73 Data Ascii: his.modifiers,'applyStyle')&&(this.popper.removeAttribute('x-placement'),this.popper.style.left='',this.popper.style.position='',this.popper.style.top='',this.popper.style[W('transform')]=''),this.disableEventListeners(),this.options.removeOnDestroy&&this
2021-09-27 13:37:59 UTC	11	IN	Data Raw: 5d 2e 69 6e 64 65 78 4f 66 28 6f 29 26 26 55 28 74 5b 6f 5d 29 26 26 28 69 3d 27 70 78 27 29 2c 65 2e 73 74 79 6c 65 5b 6f 5d 3d 74 5b 6f 5d 2b 69 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 6a 28 65 2c 74 29 7b 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 76 61 72 20 69 3d 74 5b 6f 5d 3b 21 31 3d 3d 3d 69 3f 65 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 6f 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 6f 2c 74 5b 6f 5d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 46 28 65 2c 74 2c 6f 29 7b 76 61 72 20 69 3d 54 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 65 2e 6e 61 6d 65 3b 72 65 74 75 72 6e 20 6f 3d 3d 3d 74 7d 29 2c 6e 3d 21 21 69 26 26 65 2e 73 6f 6d 65 28 66 75 6e 63 74 69 Data Ascii: ].indexOf(o)&&U(t[o])&&(i='px'),e.style[o]=t[o]+i})}function j(e,t){Object.keys(t).forEach(function(o){var i=t[o];!1===i?e.removeAttribute(o):e.setAttribute(o,t[o])})}function F(e,t,o){var i=T(e,function(e){var o=e.name;return o===t}),n=!!i&&e.some(functi
2021-09-27 13:37:59 UTC	12	IN	Data Raw: 64 2e 27 29 3b 76 61 72 20 64 3d 2f 5c 73 2a 2c 5c 73 2a 7c 5c 73 2b 2f 2c 61 3d 2d 31 3d 3d 3d 73 3f 5b 70 5d 3a 5b 70 2e 73 6c 69 63 65 28 30 2c 73 29 2e 63 6f 6e 63 61 74 28 5b 70 5b 73 5d 2e 73 70 6c 69 74 28 64 29 5b 30 5d 5d 29 2c 5b 70 5b 73 5d 2e 73 70 6c 69 74 28 64 29 5b 31 5d 5d 2e 63 6f 6e 63 61 74 28 70 2e 73 6c 69 63 65 28 73 2b 31 29 29 5d 3b 72 65 74 75 72 6e 20 61 3d 61 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 76 61 72 20 6e 3d 28 31 3d 3d 3d 69 3f 21 72 3a 72 29 3f 27 68 65 69 67 68 74 27 3a 27 77 69 64 74 68 27 2c 70 3d 21 31 3b 72 65 74 75 72 6e 20 65 2e 72 65 64 75 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 27 27 3d 3d 3d 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 26 26 2d 31 21 3d 3d 5b 27 2b 27 Data Ascii: d.');var d=/\s,\s\|\s+/,a=-1===s?[p]:[p.slice(0,s).concat([p[s].split(d)[0]]),[p[s].split(d)[1]].concat(p.slice(s+1))];return a=a.map(function(e,i){var n=(1===i?!r:r)?'height':'width',p=!1;return e.reduce(function(e,t){return''===e[e.length-1]&&-1!==['+'
2021-09-27 13:37:59 UTC	14	IN	Data Raw: 61 73 73 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 27 29 7d 2c 72 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6f 2c 6e 3d 30 3b 6e 3c 74 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 6f 3d 74 5b 6e 5d 2c 6f 2e 65 6e 75 6d 65 72 61 62 6c 65 3d 6f 2e 65 6e 75 6d 65 72 61 62 6c 65 7c 7c 21 31 2c 6f 2e 63 6f 6e 66 69 67 75 72 61 62 6c 65 3d 21 30 2c 27 76 61 6c 75 65 27 69 6e 20 6f 26 26 28 6f 2e 77 72 69 74 61 62 6c 65 3d 21 30 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 6f 2e 6b 65 79 2c 6f 29 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 2c 6f 2c 69 29 7b 72 65 74 75 72 6e 20 6f 26 26 65 28 74 2e 70 72 6f 74 6f 74 79 70 65 2c 6f 29 2c 69 26 26 65 28 74 2c 69 Data Ascii: ass as a function')},re=function(){function e(e,t){for(var o,n=0;n<t.length;n++)o=t[n],o.enumerable=o.enumerable\|\|!1,o.configurable=!0,'value'in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}return function(t,o,i){return o&&e(t.prototype,o),i&&e(t,i
2021-09-27 13:37:59 UTC	15	IN	Data Raw: 2c 74 68 69 73 2e 6d 6f 64 69 66 69 65 72 73 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 6d 6f 64 69 66 69 65 72 73 29 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 73 65 28 7b 6e 61 6d 65 3a 65 7d 2c 6e 2e 6f 70 74 69 6f 6e 73 2e 6d 6f 64 69 66 69 65 72 73 5b 65 5d 29 7d 29 2e 73 6f 72 74 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 2e 6f 72 64 65 72 2d 74 2e 6f 72 64 65 72 7d 29 2c 74 68 69 73 2e 6d 6f 64 69 66 69 65 72 73 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 65 6e 61 62 6c 65 64 26 26 65 28 74 2e 6f 6e 4c 6f 61 64 29 26 26 74 2e 6f 6e 4c 6f 61 64 28 6e 2e 72 65 66 65 72 65 6e 63 65 2c 6e 2e 70 6f 70 70 65 72 2c 6e 2e 6f 70 74 69 6f 6e 73 Data Ascii: ,this.modifiers=Object.keys(this.options.modifiers).map(function(e){return se({name:e},n.options.modifiers[e])}).sort(function(e,t){return e.order-t.order}),this.modifiers.forEach(function(t){t.enabled&&e(t.onLoad)&&t.onLoad(n.reference,n.popper,n.options
2021-09-27 13:37:59 UTC	16	IN	Data Raw: 6e 73 74 61 6e 63 65 2e 72 65 66 65 72 65 6e 63 65 2c 74 2e 70 61 64 64 69 6e 67 2c 6f 29 3b 74 2e 62 6f 75 6e 64 61 72 69 65 73 3d 69 3b 76 61 72 20 6e 3d 74 2e 70 72 69 6f 72 69 74 79 2c 70 3d 65 2e 6f 66 66 73 65 74 73 2e 70 6f 70 70 65 72 2c 73 3d 7b 70 72 69 6d 61 72 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 70 5b 65 5d 3b 72 65 74 75 72 6e 20 70 5b 65 5d 3c 69 5b 65 5d 26 26 21 74 2e 65 73 63 61 70 65 57 69 74 68 52 65 66 65 72 65 6e 63 65 26 26 28 6f 3d 4a 28 70 5b 65 5d 2c 69 5b 65 5d 29 29 2c 70 65 28 7b 7d 2c 65 2c 6f 29 7d 2c 73 65 63 6f 6e 64 61 72 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 27 72 69 67 68 74 27 3d 3d 3d 65 3f 27 6c 65 66 74 27 3a 27 74 6f 70 27 2c 6e 3d 70 5b 6f 5d 3b 72 65 74 75 72 6e 20 70 Data Ascii: nstance.reference,t.padding,o);t.boundaries=i;var n=t.priority,p=e.offsets.popper,s={primary:function(e){var o=p[e];return p[e]<i[e]&&!t.escapeWithReference&&(o=J(p[e],i[e])),pe({},e,o)},secondary:function(e){var o='right'===e?'left':'top',n=p[o];return p
2021-09-27 13:37:59 UTC	17	IN	Data Raw: 31 31 62 65 0d 0a 65 69 67 68 74 27 3b 72 65 74 75 72 6e 20 6f 5b 73 5d 3c 72 28 69 5b 64 5d 29 26 26 28 65 2e 6f 66 66 73 65 74 73 2e 70 6f 70 70 65 72 5b 64 5d 3d 72 28 69 5b 64 5d 29 2d 6f 5b 61 5d 29 2c 6f 5b 64 5d 3e 72 28 69 5b 73 5d 29 26 26 28 65 2e 6f 66 66 73 65 74 73 2e 70 6f 70 70 65 72 5b 64 5d 3d 72 28 69 5b 73 5d 29 29 2c 65 7d 7d 2c 61 72 72 6f 77 3a 7b 6f 72 64 65 72 3a 35 30 30 2c 65 6e 61 62 6c 65 64 3a 21 30 2c 66 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6f 29 7b 76 61 72 20 69 3b 69 66 28 21 46 28 65 2e 69 6e 73 74 61 6e 63 65 2e 6d 6f 64 69 66 69 65 72 73 2c 27 61 72 72 6f 77 27 2c 27 6b 65 65 70 54 6f 67 65 74 68 65 72 27 29 29 72 65 74 75 72 6e 20 65 3b 76 61 72 20 6e 3d 6f 2e 65 6c 65 6d 65 6e 74 3b 69 66 28 27 73 74 72 69 6e 67 27 Data Ascii: 11beeight';return o[s]<r(i[d])&&(e.offsets.popper[d]=r(i[d])-o[a]),o[d]>r(i[s])&&(e.offsets.popper[d]=r(i[s])),e}},arrow:{order:500,enabled:!0,fn:function(e,o){var i;if(!F(e.instance.modifiers,'arrow','keepTogether'))return e;var n=o.element;if('string'
2021-09-27 13:37:59 UTC	18	IN	Data Raw: 29 7b 63 61 73 65 20 6c 65 2e 46 4c 49 50 3a 70 3d 5b 69 2c 6e 5d 3b 62 72 65 61 6b 3b 63 61 73 65 20 6c 65 2e 43 4c 4f 43 4b 57 49 53 45 3a 70 3d 71 28 69 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 6c 65 2e 43 4f 55 4e 54 45 52 43 4c 4f 43 4b 57 49 53 45 3a 70 3d 71 28 69 2c 21 30 29 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 70 3d 74 2e 62 65 68 61 76 69 6f 72 3b 7d 72 65 74 75 72 6e 20 70 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 73 2c 64 29 7b 69 66 28 69 21 3d 3d 73 7c 7c 70 2e 6c 65 6e 67 74 68 3d 3d 3d 64 2b 31 29 72 65 74 75 72 6e 20 65 3b 69 3d 65 2e 70 6c 61 63 65 6d 65 6e 74 2e 73 70 6c 69 74 28 27 2d 27 29 5b 30 5d 2c 6e 3d 78 28 69 29 3b 76 61 72 20 61 3d 65 2e 6f 66 66 73 65 74 73 2e 70 6f 70 70 65 72 2c 6c 3d 65 2e 6f 66 66 73 65 Data Ascii: ){case le.FLIP:p=[i,n];break;case le.CLOCKWISE:p=q(i);break;case le.COUNTERCLOCKWISE:p=q(i,!0);break;default:p=t.behavior;}return p.forEach(function(s,d){if(i!==s\|\|p.length===d+1)return e;i=e.placement.split('-')[0],n=x(i);var a=e.offsets.popper,l=e.offse
2021-09-27 13:37:59 UTC	20	IN	Data Raw: 6f 66 66 73 65 74 73 2e 72 65 66 65 72 65 6e 63 65 2c 6f 3d 54 28 65 2e 69 6e 73 74 61 6e 63 65 2e 6d 6f 64 69 66 69 65 72 73 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 27 70 72 65 76 65 6e 74 4f 76 65 72 66 6c 6f 77 27 3d 3d 3d 65 2e 6e 61 6d 65 7d 29 2e 62 6f 75 6e 64 61 72 69 65 73 3b 69 66 28 74 2e 62 6f 74 74 6f 6d 3c 6f 2e 74 6f 70 7c 7c 74 2e 6c 65 66 74 3e 6f 2e 72 69 67 68 74 7c 7c 74 2e 74 6f 70 3e 6f 2e 62 6f 74 74 6f 6d 7c 7c 74 2e 72 69 67 68 74 3c 6f 2e 6c 65 66 74 29 7b 69 66 28 21 30 3d 3d 3d 65 2e 68 69 64 65 29 72 65 74 75 72 6e 20 65 3b 65 2e 68 69 64 65 3d 21 30 2c 65 2e 61 74 74 72 69 62 75 74 65 73 5b 27 78 2d 6f 75 74 2d 6f 66 2d 62 6f 75 6e 64 61 72 69 65 73 27 5d 3d 27 27 7d 65 6c 73 65 7b 69 66 28 21 31 3d 3d 3d 65 Data Ascii: offsets.reference,o=T(e.instance.modifiers,function(e){return'preventOverflow'===e.name}).boundaries;if(t.bottom<o.top\|\|t.left>o.right\|\|t.top>o.bottom\|\|t.right<o.left){if(!0===e.hide)return e;e.hide=!0,e.attributes['x-out-of-boundaries']=''}else{if(!1===e
2021-09-27 13:37:59 UTC	21	IN	Data Raw: 3a 21 30 2c 66 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 59 28 65 2e 69 6e 73 74 61 6e 63 65 2e 70 6f 70 70 65 72 2c 65 2e 73 74 79 6c 65 73 29 2c 6a 28 65 2e 69 6e 73 74 61 6e 63 65 2e 70 6f 70 70 65 72 2c 65 2e 61 74 74 72 69 62 75 74 65 73 29 2c 65 2e 61 72 72 6f 77 45 6c 65 6d 65 6e 74 26 26 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 2e 61 72 72 6f 77 53 74 79 6c 65 73 29 2e 6c 65 6e 67 74 68 26 26 59 28 65 2e 61 72 72 6f 77 45 6c 65 6d 65 6e 74 2c 65 2e 61 72 72 6f 77 53 74 79 6c 65 73 29 2c 65 7d 2c 6f 6e 4c 6f 61 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6f 2c 69 2c 6e 29 7b 76 61 72 20 72 3d 4f 28 6e 2c 74 2c 65 29 2c 70 3d 76 28 6f 2e 70 6c 61 63 65 6d 65 6e 74 2c 72 2c 74 2c 65 2c 6f 2e 6d 6f 64 69 66 69 65 72 73 2e 66 6c 69 Data Ascii: :!0,fn:function(e){return Y(e.instance.popper,e.styles),j(e.instance.popper,e.attributes),e.arrowElement&&Object.keys(e.arrowStyles).length&&Y(e.arrowElement,e.arrowStyles),e},onLoad:function(e,t,o,i,n){var r=O(n,t,e),p=v(o.placement,r,t,e,o.modifiers.fli
2021-09-27 13:37:59 UTC	21	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.5	49741	104.18.11.207	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:37:59 UTC	0	OUT	GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 Host: stackpath.bootstrapcdn.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:37:59 UTC	21	IN	HTTP/1.1 200 OK Date: Mon, 27 Sep 2021 13:37:59 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: CH CDN-EdgeStorageId: 723 CDN-EdgeStorageId: 718 CDN-EdgeStorageId: 718 Last-Modified: Mon, 25 Jan 2021 22:04:06 GMT CDN-CachedAt: 2021-04-27 05:43:19 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 Cache-Control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff CDN-RequestId: 5f4af7230ff4eacb884d4c87f6925b67 CDN-Cache: HIT CF-Cache-Status: HIT Age: 13253662 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 6955213bd82923af-ZRH alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
2021-09-27 13:37:59 UTC	23	IN	Data Raw: 37 62 63 39 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 31 2e 33 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 38 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 Data Ascii: 7bc9/! Bootstrap v4.1.3 (https://getbootstrap.com/) * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(
2021-09-27 13:37:59 UTC	23	IN	Data Raw: 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 65 28 65 78 70 6f 72 74 73 2c 72 65 71 75 69 72 65 28 22 6a 71 75 65 72 79 22 29 2c 72 65 71 75 69 72 65 28 22 70 6f 70 70 65 72 2e 6a 73 22 29 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 65 78 70 6f 72 74 73 22 2c 22 6a 71 75 65 72 79 22 2c 22 70 6f 70 70 65 72 2e 6a 73 22 5d 2c 65 29 3a 65 28 74 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 68 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 Data Ascii: s&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var
2021-09-27 13:37:59 UTC	24	IN	Data Raw: 2c 42 65 2c 56 65 2c 59 65 2c 7a 65 2c 4a 65 2c 5a 65 2c 47 65 2c 24 65 2c 58 65 2c 74 6e 2c 65 6e 2c 6e 6e 2c 72 6e 2c 6f 6e 2c 73 6e 2c 61 6e 2c 6c 6e 2c 63 6e 2c 68 6e 2c 75 6e 2c 66 6e 2c 64 6e 2c 67 6e 2c 5f 6e 2c 6d 6e 2c 70 6e 2c 76 6e 2c 79 6e 2c 45 6e 2c 43 6e 2c 54 6e 2c 62 6e 2c 53 6e 2c 49 6e 2c 41 6e 2c 44 6e 2c 77 6e 2c 4e 6e 2c 4f 6e 2c 6b 6e 2c 50 6e 2c 6a 6e 2c 48 6e 2c 4c 6e 2c 52 6e 2c 78 6e 2c 57 6e 2c 55 6e 2c 71 6e 2c 46 6e 3d 66 75 6e 63 74 69 6f 6e 28 69 29 7b 76 61 72 20 65 3d 22 74 72 61 6e 73 69 74 69 6f 6e 65 6e 64 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 21 31 3b 72 65 74 75 72 6e 20 69 28 74 68 69 73 29 2e 6f 6e 65 28 6c 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 2c 66 75 6e 63 Data Ascii: ,Be,Ve,Ye,ze,Je,Ze,Ge,$e,Xe,tn,en,nn,rn,on,sn,an,ln,cn,hn,un,fn,dn,gn,_n,mn,pn,vn,yn,En,Cn,Tn,bn,Sn,In,An,Dn,wn,Nn,On,kn,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,func
2021-09-27 13:37:59 UTC	26	IN	Data Raw: 65 6e 74 2e 73 70 65 63 69 61 6c 5b 6c 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 5d 3d 7b 62 69 6e 64 54 79 70 65 3a 65 2c 64 65 6c 65 67 61 74 65 54 79 70 65 3a 65 2c 68 61 6e 64 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 69 28 74 2e 74 61 72 67 65 74 29 2e 69 73 28 74 68 69 73 29 29 72 65 74 75 72 6e 20 74 2e 68 61 6e 64 6c 65 4f 62 6a 2e 68 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 2c 6c 7d 28 65 29 2c 4b 6e 3d 28 6e 3d 22 61 6c 65 72 74 22 2c 61 3d 22 2e 22 2b 28 6f 3d 22 62 73 2e 61 6c 65 72 74 22 29 2c 63 3d 28 72 3d 65 29 2e 66 6e 5b 6e 5d 2c 75 3d 7b 43 4c 4f 53 45 3a 22 63 6c 6f 73 65 22 2b 61 2c 43 4c 4f 53 45 44 3a 22 63 6c 6f 73 65 64 22 2b 61 2c 43 4c 49 43 4b 5f 44 41 54 41 5f 41 Data Ascii: ent.special[l.TRANSITION_END]={bindType:e,delegateType:e,handle:function(t){if(i(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_A
2021-09-27 13:37:59 UTC	27	IN	Data Raw: 73 28 69 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 56 45 52 53 49 4f 4e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 34 2e 31 2e 33 22 7d 7d 5d 29 2c 69 7d 28 29 2c 72 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 75 2e 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 2c 27 5b 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 61 6c 65 72 74 22 5d 27 2c 5f 2e 5f 68 61 6e 64 6c 65 44 69 73 6d 69 73 73 28 6e 65 77 20 5f 29 29 2c 72 2e 66 6e 5b 6e 5d 3d 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 72 2e 66 6e 5b 6e 5d 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 5f 2c 72 2e 66 6e 5b 6e 5d 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 66 6e 5b 6e 5d 3d 63 2c 5f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 Data Ascii: s(i,null,[{key:"VERSION",get:function(){return"4.1.3"}}]),i}(),r(document).on(u.CLICK_DATA_API,'[data-dismiss="alert"]',_._handleDismiss(new _)),r.fn[n]=_._jQueryInterface,r.fn[n].Constructor=_,r.fn[n].noConflict=function(){return r.fn[n]=c,_._jQueryInter
2021-09-27 13:37:59 UTC	28	IN	Data Raw: 3d 65 26 26 74 5b 65 5d 28 29 7d 29 7d 2c 73 28 6e 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 56 45 52 53 49 4f 4e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 34 2e 31 2e 33 22 7d 7d 5d 29 2c 6e 7d 28 29 2c 6d 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 4f 2e 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 2c 49 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 76 61 72 20 65 3d 74 2e 74 61 72 67 65 74 3b 6d 28 65 29 2e 68 61 73 43 6c 61 73 73 28 62 29 7c 7c 28 65 3d 6d 28 65 29 2e 63 6c 6f 73 65 73 74 28 4e 29 29 2c 6b 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2e 63 61 6c 6c 28 6d 28 65 29 2c 22 74 6f 67 67 6c 65 22 29 7d 29 2e 6f 6e 28 4f 2e 46 4f 43 55 53 5f 42 4c 55 52 5f 44 41 54 Data Ascii: =e&&t[e]()})},s(n,null,[{key:"VERSION",get:function(){return"4.1.3"}}]),n}(),m(document).on(O.CLICK_DATA_API,I,function(t){t.preventDefault();var e=t.target;m(e).hasClass(b)\|\|(e=m(e).closest(N)),k._jQueryInterface.call(m(e),"toggle")}).on(O.FOCUS_BLUR_DAT
2021-09-27 13:37:59 UTC	30	IN	Data Raw: 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 3d 21 31 2c 74 68 69 73 2e 74 6f 75 63 68 54 69 6d 65 6f 75 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 74 68 69 73 2e 5f 67 65 74 43 6f 6e 66 69 67 28 65 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 50 28 74 29 5b 30 5d 2c 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 6e 74 29 2c 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 28 29 7d 76 61 72 20 74 3d 6f 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 6e 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 7c 7c 74 68 69 73 2e 5f 73 6c 69 64 65 28 71 29 7d 2c 74 2e Data Ascii: his._isSliding=!1,this.touchTimeout=null,this._config=this._getConfig(e),this._element=P(t)[0],this._indicatorsElement=this._element.querySelector(nt),this._addEventListeners()}var t=o.prototype;return t.next=function(){this._isSliding\|\|this._slide(q)},t.
2021-09-27 13:37:59 UTC	31	IN	Data Raw: 74 65 72 76 61 6c 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 50 61 75 73 65 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 7d 2c 74 2e 5f 67 65 74 43 6f 6e 66 69 67 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 3d 6c 28 7b 7d 2c 57 2c 74 29 2c 46 6e 2e 74 79 70 65 43 68 65 63 6b 43 6f 6e 66 69 67 28 6a 2c 74 2c 55 29 2c 74 7d 2c 74 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6b 65 79 62 6f 61 72 64 26 26 50 28 74 68 69 73 2e 5f Data Ascii: terval=null,this._isPaused=null,this._isSliding=null,this._activeElement=null,this._indicatorsElement=null},t._getConfig=function(t){return t=l({},W,t),Fn.typeCheckConfig(j,t,U),t},t._addEventListeners=function(){var e=this;this._config.keyboard&&P(this._
2021-09-27 13:37:59 UTC	32	IN	Data Raw: 50 2e 45 76 65 6e 74 28 51 2e 53 4c 49 44 45 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 74 2c 64 69 72 65 63 74 69 6f 6e 3a 65 2c 66 72 6f 6d 3a 69 2c 74 6f 3a 6e 7d 29 3b 72 65 74 75 72 6e 20 50 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 72 29 2c 72 7d 2c 74 2e 5f 73 65 74 41 63 74 69 76 65 49 6e 64 69 63 61 74 6f 72 45 6c 65 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 29 7b 76 61 72 20 65 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 68 69 73 2e 5f 69 6e 64 69 63 61 74 6f 72 73 45 6c 65 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 24 29 29 3b 50 28 65 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 56 29 3b 76 61 72 20 Data Ascii: P.Event(Q.SLIDE,{relatedTarget:t,direction:e,from:i,to:n});return P(this._element).trigger(r),r},t._setActiveIndicatorElement=function(t){if(this._indicatorsElement){var e=[].slice.call(this._indicatorsElement.querySelectorAll($));P(e).removeClass(V);var
2021-09-27 13:37:59 UTC	34	IN	Data Raw: 74 79 70 65 6f 66 20 69 26 26 28 65 3d 6c 28 7b 7d 2c 65 2c 69 29 29 3b 76 61 72 20 6e 3d 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 69 3f 69 3a 65 2e 73 6c 69 64 65 3b 69 66 28 74 7c 7c 28 74 3d 6e 65 77 20 6f 28 74 68 69 73 2c 65 29 2c 50 28 74 68 69 73 29 2e 64 61 74 61 28 48 2c 74 29 29 2c 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 69 29 74 2e 74 6f 28 69 29 3b 65 6c 73 65 20 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6e 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 5b 6e 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 6e 2b 27 22 27 29 3b 74 5b 6e 5d 28 29 7d 65 6c 73 65 20 65 2e 69 6e 74 65 72 76 61 6c 26 26 Data Ascii: typeof i&&(e=l({},e,i));var n="string"==typeof i?i:e.slide;if(t\|\|(t=new o(this,e),P(this).data(H,t)),"number"==typeof i)t.to(i);else if("string"==typeof n){if("undefined"==typeof t[n])throw new TypeError('No method named "'+n+'"');t[n]()}else e.interval&&
2021-09-27 13:37:59 UTC	35	IN	Data Raw: 6e 67 22 2c 43 74 3d 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 63 6f 6c 6c 61 70 73 65 22 5d 27 2c 54 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 61 28 65 2c 74 29 7b 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 21 31 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 65 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 74 68 69 73 2e 5f 67 65 74 43 6f 6e 66 69 67 28 74 29 2c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 3d 73 74 2e 6d 61 6b 65 41 72 72 61 79 28 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 63 6f 6c 6c 61 70 73 65 22 5d 5b 68 72 65 66 3d 22 23 27 2b 65 2e 69 64 2b 27 22 5d 2c 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 63 6f Data Ascii: ng",Ct='[data-toggle="collapse"]',Tt=function(){function a(e,t){this._isTransitioning=!1,this._element=e,this._config=this._getConfig(t),this._triggerArray=st.makeArray(document.querySelectorAll('[data-toggle="collapse"][href="#'+e.id+'"],[data-toggle="co
2021-09-27 13:37:59 UTC	36	IN	Data Raw: 6c 65 6d 65 6e 74 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5f 74 29 2e 61 64 64 43 6c 61 73 73 28 6d 74 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 74 79 6c 65 5b 72 5d 3d 30 2c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 2e 6c 65 6e 67 74 68 26 26 73 74 28 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 70 74 29 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 2c 21 30 29 2c 74 68 69 73 2e 73 65 74 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 28 21 30 29 3b 76 61 72 20 6f 3d 22 73 63 72 6f 6c 6c 22 2b 28 72 5b 30 5d 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 2b 72 2e 73 6c 69 63 65 28 31 29 29 2c 73 3d 46 6e 2e 67 65 74 54 72 61 6e 73 69 74 69 6f 6e 44 75 72 61 74 69 6f 6e 46 72 6f Data Ascii: lement).removeClass(_t).addClass(mt),this._element.style[r]=0,this._triggerArray.length&&st(this._triggerArray).removeClass(pt).attr("aria-expanded",!0),this.setTransitioning(!0);var o="scroll"+(r[0].toUpperCase()+r.slice(1)),s=Fn.getTransitionDurationFro
2021-09-27 13:37:59 UTC	38	IN	Data Raw: 49 44 44 45 4e 29 7d 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 61 29 7d 7d 7d 2c 74 2e 73 65 74 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 74 7d 2c 74 2e 64 69 73 70 6f 73 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 73 74 2e 72 65 6d 6f 76 65 44 61 74 61 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 6c 74 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 70 61 72 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 6e 75 6c 6c 7d 2c 74 2e 5f Data Ascii: IDDEN)}).emulateTransitionEnd(a)}}},t.setTransitioning=function(t){this._isTransitioning=t},t.dispose=function(){st.removeData(this._element,lt),this._config=null,this._parent=null,this._element=null,this._triggerArray=null,this._isTransitioning=null},t._
2021-09-27 13:37:59 UTC	39	IN	Data Raw: 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 69 2b 27 22 27 29 3b 65 5b 69 5d 28 29 7d 7d 29 7d 2c 73 28 61 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 56 45 52 53 49 4f 4e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 34 2e 31 2e 33 22 7d 7d 2c 7b 6b 65 79 3a 22 44 65 66 61 75 6c 74 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 75 74 7d 7d 5d 29 2c 61 7d 28 29 2c 73 74 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 64 74 2e 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 2c 43 74 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 41 22 3d 3d 3d 74 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 2e 74 61 67 4e 61 6d 65 26 26 74 2e 70 72 65 76 65 6e 74 44 65 66 Data Ascii: throw new TypeError('No method named "'+i+'"');e[i]()}})},s(a,null,[{key:"VERSION",get:function(){return"4.1.3"}},{key:"Default",get:function(){return ut}}]),a}(),st(document).on(dt.CLICK_DATA_API,Ct,function(t){"A"===t.currentTarget.tagName&&t.preventDef
2021-09-27 13:37:59 UTC	40	IN	Data Raw: 6e 64 61 72 79 3a 22 28 73 74 72 69 6e 67 7c 65 6c 65 6d 65 6e 74 29 22 2c 72 65 66 65 72 65 6e 63 65 3a 22 28 73 74 72 69 6e 67 7c 65 6c 65 6d 65 6e 74 29 22 2c 64 69 73 70 6c 61 79 3a 22 73 74 72 69 6e 67 22 7d 2c 47 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 74 2c 65 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 2c 74 68 69 73 2e 5f 70 6f 70 70 65 72 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 74 68 69 73 2e 5f 67 65 74 43 6f 6e 66 69 67 28 65 29 2c 74 68 69 73 2e 5f 6d 65 6e 75 3d 74 68 69 73 2e 5f 67 65 74 4d 65 6e 75 45 6c 65 6d 65 6e 74 28 29 2c 74 68 69 73 2e 5f 69 6e 4e 61 76 62 61 72 3d 74 68 69 73 2e 5f 64 65 74 65 63 74 4e 61 76 62 61 72 28 29 2c 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 Data Ascii: ndary:"(string\|element)",reference:"(string\|element)",display:"string"},Gt=function(){function c(t,e){this._element=t,this._popper=null,this._config=this._getConfig(e),this._menu=this._getMenuElement(),this._inNavbar=this._detectNavbar(),this._addEventLis
2021-09-27 13:37:59 UTC	42	IN	Data Raw: 65 6c 65 6d 65 6e 74 29 2e 6f 66 66 28 41 74 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 28 74 68 69 73 2e 5f 6d 65 6e 75 3d 6e 75 6c 6c 29 21 3d 3d 74 68 69 73 2e 5f 70 6f 70 70 65 72 26 26 28 74 68 69 73 2e 5f 70 6f 70 70 65 72 2e 64 65 73 74 72 6f 79 28 29 2c 74 68 69 73 2e 5f 70 6f 70 70 65 72 3d 6e 75 6c 6c 29 7d 2c 74 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 6e 4e 61 76 62 61 72 3d 74 68 69 73 2e 5f 64 65 74 65 63 74 4e 61 76 62 61 72 28 29 2c 6e 75 6c 6c 21 3d 3d 74 68 69 73 2e 5f 70 6f 70 70 65 72 26 26 74 68 69 73 2e 5f 70 6f 70 70 65 72 2e 73 63 68 65 64 75 6c 65 55 70 64 61 74 65 28 29 7d 2c 74 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 Data Ascii: element).off(At),this._element=null,(this._menu=null)!==this._popper&&(this._popper.destroy(),this._popper=null)},t.update=function(){this._inNavbar=this._detectNavbar(),null!==this._popper&&this._popper.scheduleUpdate()},t._addEventListeners=function(){v
2021-09-27 13:37:59 UTC	43	IN	Data Raw: 31 7d 29 2c 6e 7d 2c 63 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 62 74 28 74 68 69 73 29 2e 64 61 74 61 28 49 74 29 3b 69 66 28 74 7c 7c 28 74 3d 6e 65 77 20 63 28 74 68 69 73 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 6e 75 6c 6c 29 2c 62 74 28 74 68 69 73 29 2e 64 61 74 61 28 49 74 2c 74 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 5b 65 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 65 2b 27 22 27 29 3b 74 5b Data Ascii: 1}),n},c._jQueryInterface=function(e){return this.each(function(){var t=bt(this).data(It);if(t\|\|(t=new c(this,"object"==typeof e?e:null),bt(this).data(It,t)),"string"==typeof e){if("undefined"==typeof t[e])throw new TypeError('No method named "'+e+'"');t[
2021-09-27 13:37:59 UTC	44	IN	Data Raw: 69 73 61 62 6c 65 64 26 26 21 62 74 28 74 68 69 73 29 2e 68 61 73 43 6c 61 73 73 28 6b 74 29 29 29 7b 76 61 72 20 65 3d 63 2e 5f 67 65 74 50 61 72 65 6e 74 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 74 68 69 73 29 2c 6e 3d 62 74 28 65 29 2e 68 61 73 43 6c 61 73 73 28 50 74 29 3b 69 66 28 28 6e 7c 7c 32 37 3d 3d 3d 74 2e 77 68 69 63 68 26 26 33 32 3d 3d 3d 74 2e 77 68 69 63 68 29 26 26 28 21 6e 7c 7c 32 37 21 3d 3d 74 2e 77 68 69 63 68 26 26 33 32 21 3d 3d 74 2e 77 68 69 63 68 29 29 7b 76 61 72 20 69 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 4b 74 29 29 3b 69 66 28 30 21 3d 3d 69 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 72 3d 69 2e 69 6e 64 65 78 4f 66 28 74 2e 74 61 72 67 65 74 29 3b 33 38 3d 3d 3d 74 2e Data Ascii: isabled&&!bt(this).hasClass(kt))){var e=c._getParentFromElement(this),n=bt(e).hasClass(Pt);if((n\|\|27===t.which&&32===t.which)&&(!n\|\|27!==t.which&&32!==t.which)){var i=[].slice.call(e.querySelectorAll(Kt));if(0!==i.length){var r=i.indexOf(t.target);38===t.
2021-09-27 13:37:59 UTC	46	IN	Data Raw: 49 53 4d 49 53 53 3a 22 63 6c 69 63 6b 2e 64 69 73 6d 69 73 73 22 2b 65 65 2c 4b 45 59 44 4f 57 4e 5f 44 49 53 4d 49 53 53 3a 22 6b 65 79 64 6f 77 6e 2e 64 69 73 6d 69 73 73 22 2b 65 65 2c 4d 4f 55 53 45 55 50 5f 44 49 53 4d 49 53 53 3a 22 6d 6f 75 73 65 75 70 2e 64 69 73 6d 69 73 73 22 2b 65 65 2c 4d 4f 55 53 45 44 4f 57 4e 5f 44 49 53 4d 49 53 53 3a 22 6d 6f 75 73 65 64 6f 77 6e 2e 64 69 73 6d 69 73 73 22 2b 65 65 2c 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 3a 22 63 6c 69 63 6b 22 2b 65 65 2b 22 2e 64 61 74 61 2d 61 70 69 22 7d 2c 73 65 3d 22 6d 6f 64 61 6c 2d 73 63 72 6f 6c 6c 62 61 72 2d 6d 65 61 73 75 72 65 22 2c 61 65 3d 22 6d 6f 64 61 6c 2d 62 61 63 6b 64 72 6f 70 22 2c 6c 65 3d 22 6d 6f 64 61 6c 2d 6f 70 65 6e 22 2c 63 65 3d 22 66 61 64 65 22 2c Data Ascii: ISMISS:"click.dismiss"+ee,KEYDOWN_DISMISS:"keydown.dismiss"+ee,MOUSEUP_DISMISS:"mouseup.dismiss"+ee,MOUSEDOWN_DISMISS:"mousedown.dismiss"+ee,CLICK_DATA_API:"click"+ee+".data-api"},se="modal-scrollbar-measure",ae="modal-backdrop",le="modal-open",ce="fade",
2021-09-27 13:37:59 UTC	47	IN	Data Raw: 68 69 73 2e 5f 73 68 6f 77 42 61 63 6b 64 72 6f 70 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 5f 73 68 6f 77 45 6c 65 6d 65 6e 74 28 74 29 7d 29 29 7d 7d 2c 74 2e 68 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 69 66 28 74 26 26 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 21 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 26 26 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 29 7b 76 61 72 20 6e 3d 24 74 2e 45 76 65 6e 74 28 6f 65 2e 48 49 44 45 29 3b 69 66 28 24 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 6e 29 2c 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 26 26 21 6e 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 29 7b 74 68 69 73 2e 5f Data Ascii: his._showBackdrop(function(){return e._showElement(t)}))}},t.hide=function(t){var e=this;if(t&&t.preventDefault(),!this._isTransitioning&&this._isShown){var n=$t.Event(oe.HIDE);if($t(this._element).trigger(n),this._isShown&&!n.isDefaultPrevented()){this._
2021-09-27 13:37:59 UTC	48	IN	Data Raw: 65 6e 74 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 73 63 72 6f 6c 6c 54 6f 70 3d 30 2c 6e 26 26 46 6e 2e 72 65 66 6c 6f 77 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2c 24 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 61 64 64 43 6c 61 73 73 28 68 65 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 66 6f 63 75 73 26 26 74 68 69 73 2e 5f 65 6e 66 6f 72 63 65 46 6f 63 75 73 28 29 3b 76 61 72 20 69 3d 24 74 2e 45 76 65 6e 74 28 6f 65 2e 53 48 4f 57 4e 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 74 7d 29 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 5f 63 6f 6e 66 69 67 2e 66 6f 63 75 73 26 26 65 2e 5f 65 6c 65 6d 65 6e 74 2e 66 6f 63 75 73 28 29 2c 65 2e Data Ascii: ent.removeAttribute("aria-hidden"),this._element.scrollTop=0,n&&Fn.reflow(this._element),$t(this._element).addClass(he),this._config.focus&&this._enforceFocus();var i=$t.Event(oe.SHOWN,{relatedTarget:t}),r=function(){e._config.focus&&e._element.focus(),e.
2021-09-27 13:37:59 UTC	50	IN	Data Raw: 6f 76 65 28 29 2c 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 3d 6e 75 6c 6c 29 7d 2c 74 2e 5f 73 68 6f 77 42 61 63 6b 64 72 6f 70 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 24 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 68 61 73 43 6c 61 73 73 28 63 65 29 3f 63 65 3a 22 22 3b 69 66 28 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 26 26 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 62 61 63 6b 64 72 6f 70 29 7b 69 66 28 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 2c 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 2e 63 6c 61 73 73 4e 61 6d 65 3d 61 65 2c 6e 26 26 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 Data Ascii: ove(),this._backdrop=null)},t._showBackdrop=function(t){var e=this,n=$t(this._element).hasClass(ce)?ce:"";if(this._isShown&&this._config.backdrop){if(this._backdrop=document.createElement("div"),this._backdrop.className=ae,n&&this._backdrop.classList.add(
2021-09-27 13:37:59 UTC	51	IN	Data Raw: 2e 73 74 79 6c 65 2e 70 61 64 64 69 6e 67 52 69 67 68 74 3d 22 22 7d 2c 74 2e 5f 63 68 65 63 6b 53 63 72 6f 6c 6c 62 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 3b 74 68 69 73 2e 5f 69 73 42 6f 64 79 4f 76 65 72 66 6c 6f 77 69 6e 67 3d 74 2e 6c 65 66 74 2b 74 2e 72 69 67 68 74 3c 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 2c 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 62 61 72 57 69 64 74 68 3d 74 68 69 73 2e 5f 67 65 74 53 63 72 6f 6c 6c 62 61 72 57 69 64 74 68 28 29 7d 2c 74 2e 5f 73 65 74 53 63 72 6f 6c 6c 62 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 72 3d 74 68 69 73 3b 69 66 28 74 68 69 73 2e 5f 69 73 42 6f 64 79 Data Ascii: .style.paddingRight=""},t._checkScrollbar=function(){var t=document.body.getBoundingClientRect();this._isBodyOverflowing=t.left+t.right<window.innerWidth,this._scrollbarWidth=this._getScrollbarWidth()},t._setScrollbar=function(){var r=this;if(this._isBody
2021-09-27 13:37:59 UTC	52	IN	Data Raw: 67 68 74 22 29 2c 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 73 74 79 6c 65 2e 70 61 64 64 69 6e 67 52 69 67 68 74 3d 6e 7c 7c 22 22 7d 2c 74 2e 5f 67 65 74 53 63 72 6f 6c 6c 62 61 72 57 69 64 74 68 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 3b 74 2e 63 6c 61 73 73 4e 61 6d 65 3d 73 65 2c 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 29 3b 76 61 72 20 65 3d 74 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 2e 77 69 64 74 68 2d 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 3b 72 65 74 75 72 6e 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 2c 65 7d 2c 72 2e 5f 6a 51 75 Data Ascii: ght"),document.body.style.paddingRight=n\|\|""},t._getScrollbarWidth=function(){var t=document.createElement("div");t.className=se,document.body.appendChild(t);var e=t.getBoundingClientRect().width-t.clientWidth;return document.body.removeChild(t),e},r._jQu
2021-09-27 13:37:59 UTC	86	IN	Data Raw: 34 62 39 36 0d 0a 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 28 5e 7c 5c 5c 73 29 22 2b 54 65 2b 22 5c 5c 53 2b 22 2c 22 67 22 29 2c 41 65 3d 7b 61 6e 69 6d 61 74 69 6f 6e 3a 21 30 2c 74 65 6d 70 6c 61 74 65 3a 27 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 6f 6c 74 69 70 22 20 72 6f 6c 65 3d 22 74 6f 6f 6c 74 69 70 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 72 72 6f 77 22 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 6f 6c 74 69 70 2d 69 6e 6e 65 72 22 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 27 2c 74 72 69 67 67 65 72 3a 22 68 6f 76 65 72 20 66 6f 63 75 73 22 2c 74 69 74 6c 65 3a 22 22 2c 64 65 6c 61 79 3a 30 2c 68 74 6d 6c 3a 21 28 49 65 3d 7b 41 55 54 4f 3a 22 61 75 74 6f 22 2c 54 4f 50 3a 22 74 6f 70 22 2c 52 49 47 48 54 3a 22 72 69 67 Data Ascii: 4b96e=new RegExp("(^\|\\s)"+Te+"\\S+","g"),Ae={animation:!0,template:'<div class="tooltip" role="tooltip"><div class="arrow"></div><div class="tooltip-inner"></div></div>',trigger:"hover focus",title:"",delay:0,html:!(Ie={AUTO:"auto",TOP:"top",RIGHT:"rig
2021-09-27 13:37:59 UTC	87	IN	Data Raw: 6e 61 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 45 6e 61 62 6c 65 64 3d 21 30 7d 2c 74 2e 64 69 73 61 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 45 6e 61 62 6c 65 64 3d 21 31 7d 2c 74 2e 74 6f 67 67 6c 65 45 6e 61 62 6c 65 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 73 45 6e 61 62 6c 65 64 3d 21 74 68 69 73 2e 5f 69 73 45 6e 61 62 6c 65 64 7d 2c 74 2e 74 6f 67 67 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 68 69 73 2e 5f 69 73 45 6e 61 62 6c 65 64 29 69 66 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 44 41 54 41 5f 4b 45 59 2c 6e 3d 70 65 28 74 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 29 2e 64 61 74 61 28 65 29 3b 6e 7c 7c 28 6e 3d 6e 65 Data Ascii: nable=function(){this._isEnabled=!0},t.disable=function(){this._isEnabled=!1},t.toggleEnabled=function(){this._isEnabled=!this._isEnabled},t.toggle=function(t){if(this._isEnabled)if(t){var e=this.constructor.DATA_KEY,n=pe(t.currentTarget).data(e);n\|\|(n=ne
2021-09-27 13:37:59 UTC	88	IN	Data Raw: 65 6d 65 6e 74 28 29 2c 72 3d 46 6e 2e 67 65 74 55 49 44 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 4e 41 4d 45 29 3b 69 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 72 29 2c 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 22 2c 72 29 2c 74 68 69 73 2e 73 65 74 43 6f 6e 74 65 6e 74 28 29 2c 74 68 69 73 2e 63 6f 6e 66 69 67 2e 61 6e 69 6d 61 74 69 6f 6e 26 26 70 65 28 69 29 2e 61 64 64 43 6c 61 73 73 28 4f 65 29 3b 76 61 72 20 6f 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 68 69 73 2e 63 6f 6e 66 69 67 2e 70 6c 61 63 65 6d 65 6e 74 3f 74 68 69 73 2e 63 6f 6e 66 69 67 2e 70 6c 61 63 65 6d 65 6e 74 2e 63 61 6c 6c 28 74 68 69 73 2c 69 2c Data Ascii: ement(),r=Fn.getUID(this.constructor.NAME);i.setAttribute("id",r),this.element.setAttribute("aria-describedby",r),this.setContent(),this.config.animation&&pe(i).addClass(Oe);var o="function"==typeof this.config.placement?this.config.placement.call(this,i,
2021-09-27 13:37:59 UTC	90	IN	Data Raw: 28 46 6e 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 2c 6c 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 63 29 7d 65 6c 73 65 20 6c 28 29 7d 7d 2c 74 2e 68 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 74 68 69 73 2e 67 65 74 54 69 70 45 6c 65 6d 65 6e 74 28 29 2c 69 3d 70 65 2e 45 76 65 6e 74 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 2e 48 49 44 45 29 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 65 2e 5f 68 6f 76 65 72 53 74 61 74 65 21 3d 3d 44 65 26 26 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 6e 29 2c 65 2e 5f 63 6c 65 61 6e 54 69 70 43 6c 61 73 73 28 29 2c 65 2e 65 6c 65 6d 65 6e 74 2e 72 Data Ascii: (Fn.TRANSITION_END,l).emulateTransitionEnd(c)}else l()}},t.hide=function(t){var e=this,n=this.getTipElement(),i=pe.Event(this.constructor.Event.HIDE),r=function(){e._hoverState!==De&&n.parentNode&&n.parentNode.removeChild(n),e._cleanTipClass(),e.element.r
2021-09-27 13:37:59 UTC	91	IN	Data Raw: 6e 74 28 29 2e 69 73 28 74 29 7c 7c 74 2e 65 6d 70 74 79 28 29 2e 61 70 70 65 6e 64 28 65 29 3a 74 2e 74 65 78 74 28 70 65 28 65 29 2e 74 65 78 74 28 29 29 3a 74 5b 6e 3f 22 68 74 6d 6c 22 3a 22 74 65 78 74 22 5d 28 65 29 7d 2c 74 2e 67 65 74 54 69 74 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 6f 72 69 67 69 6e 61 6c 2d 74 69 74 6c 65 22 29 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 68 69 73 2e 63 6f 6e 66 69 67 2e 74 69 74 6c 65 3f 74 68 69 73 2e 63 6f 6e 66 69 67 2e 74 69 74 6c 65 2e 63 61 6c 6c 28 74 68 69 73 2e 65 6c 65 6d 65 6e 74 29 3a 74 68 69 73 2e 63 6f 6e 66 69 67 2e 74 69 74 Data Ascii: nt().is(t)\|\|t.empty().append(e):t.text(pe(e).text()):t[n?"html":"text"](e)},t.getTitle=function(){var t=this.element.getAttribute("data-original-title");return t\|\|(t="function"==typeof this.config.title?this.config.title.call(this.element):this.config.tit
2021-09-27 13:37:59 UTC	92	IN	Data Raw: 65 6e 74 54 61 72 67 65 74 2c 74 68 69 73 2e 5f 67 65 74 44 65 6c 65 67 61 74 65 43 6f 6e 66 69 67 28 29 29 2c 70 65 28 74 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 29 2e 64 61 74 61 28 6e 2c 65 29 29 2c 74 26 26 28 65 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 5b 22 66 6f 63 75 73 69 6e 22 3d 3d 3d 74 2e 74 79 70 65 3f 4c 65 3a 48 65 5d 3d 21 30 29 2c 70 65 28 65 2e 67 65 74 54 69 70 45 6c 65 6d 65 6e 74 28 29 29 2e 68 61 73 43 6c 61 73 73 28 6b 65 29 7c 7c 65 2e 5f 68 6f 76 65 72 53 74 61 74 65 3d 3d 3d 44 65 3f 65 2e 5f 68 6f 76 65 72 53 74 61 74 65 3d 44 65 3a 28 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 65 2e 5f 74 69 6d 65 6f 75 74 29 2c 65 2e 5f 68 6f 76 65 72 53 74 61 74 65 3d 44 65 2c 65 2e 63 6f 6e 66 69 67 2e 64 65 6c 61 79 26 26 65 2e 63 6f 6e Data Ascii: entTarget,this._getDelegateConfig()),pe(t.currentTarget).data(n,e)),t&&(e._activeTrigger["focusin"===t.type?Le:He]=!0),pe(e.getTipElement()).hasClass(ke)\|\|e._hoverState===De?e._hoverState=De:(clearTimeout(e._timeout),e._hoverState=De,e.config.delay&&e.con
2021-09-27 13:37:59 UTC	94	IN	Data Raw: 66 61 75 6c 74 5b 65 5d 21 3d 3d 74 68 69 73 2e 63 6f 6e 66 69 67 5b 65 5d 26 26 28 74 5b 65 5d 3d 74 68 69 73 2e 63 6f 6e 66 69 67 5b 65 5d 29 3b 72 65 74 75 72 6e 20 74 7d 2c 74 2e 5f 63 6c 65 61 6e 54 69 70 43 6c 61 73 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 70 65 28 74 68 69 73 2e 67 65 74 54 69 70 45 6c 65 6d 65 6e 74 28 29 29 2c 65 3d 74 2e 61 74 74 72 28 22 63 6c 61 73 73 22 29 2e 6d 61 74 63 68 28 62 65 29 3b 6e 75 6c 6c 21 3d 3d 65 26 26 65 2e 6c 65 6e 67 74 68 26 26 74 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 65 2e 6a 6f 69 6e 28 22 22 29 29 7d 2c 74 2e 5f 68 61 6e 64 6c 65 50 6f 70 70 65 72 50 6c 61 63 65 6d 65 6e 74 43 68 61 6e 67 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 2e 69 6e 73 74 61 6e 63 65 3b 74 68 Data Ascii: fault[e]!==this.config[e]&&(t[e]=this.config[e]);return t},t._cleanTipClass=function(){var t=pe(this.getTipElement()),e=t.attr("class").match(be);null!==e&&e.length&&t.removeClass(e.join(""))},t._handlePopperPlacementChange=function(t){var e=t.instance;th
2021-09-27 13:37:59 UTC	95	IN	Data Raw: 73 2d 70 6f 70 6f 76 65 72 22 2c 42 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 28 5e 7c 5c 5c 73 29 22 2b 51 65 2b 22 5c 5c 53 2b 22 2c 22 67 22 29 2c 56 65 3d 6c 28 7b 7d 2c 7a 6e 2e 44 65 66 61 75 6c 74 2c 7b 70 6c 61 63 65 6d 65 6e 74 3a 22 72 69 67 68 74 22 2c 74 72 69 67 67 65 72 3a 22 63 6c 69 63 6b 22 2c 63 6f 6e 74 65 6e 74 3a 22 22 2c 74 65 6d 70 6c 61 74 65 3a 27 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 6f 76 65 72 22 20 72 6f 6c 65 3d 22 74 6f 6f 6c 74 69 70 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 72 72 6f 77 22 3e 3c 2f 64 69 76 3e 3c 68 33 20 63 6c 61 73 73 3d 22 70 6f 70 6f 76 65 72 2d 68 65 61 64 65 72 22 3e 3c 2f 68 33 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 6f 76 65 72 2d 62 6f 64 79 22 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 Data Ascii: s-popover",Be=new RegExp("(^\|\\s)"+Qe+"\\S+","g"),Ve=l({},zn.Default,{placement:"right",trigger:"click",content:"",template:'<div class="popover" role="tooltip"><div class="arrow"></div><h3 class="popover-header"></h3><div class="popover-body"></div></div
2021-09-27 13:37:59 UTC	96	IN	Data Raw: 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 55 65 28 74 68 69 73 2e 67 65 74 54 69 70 45 6c 65 6d 65 6e 74 28 29 29 2c 65 3d 74 2e 61 74 74 72 28 22 63 6c 61 73 73 22 29 2e 6d 61 74 63 68 28 42 65 29 3b 6e 75 6c 6c 21 3d 3d 65 26 26 30 3c 65 2e 6c 65 6e 67 74 68 26 26 74 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 65 2e 6a 6f 69 6e 28 22 22 29 29 7d 2c 69 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 55 65 28 74 68 69 73 29 2e 64 61 74 61 28 46 65 29 2c 65 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6e 3f 6e 3a 6e 75 6c 6c 3b 69 66 28 28 74 7c 7c 21 2f 64 65 73 74 72 6f 79 7c 68 69 64 65 2f 2e 74 65 73 74 28 6e Data Ascii: tion(){var t=Ue(this.getTipElement()),e=t.attr("class").match(Be);null!==e&&0<e.length&&t.removeClass(e.join(""))},i._jQueryInterface=function(n){return this.each(function(){var t=Ue(this).data(Fe),e="object"==typeof n?n:null;if((t\|\|!/destroy\|hide/.test(n
2021-09-27 13:37:59 UTC	98	IN	Data Raw: 3d 74 68 69 73 3b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 2c 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 3d 22 42 4f 44 59 22 3d 3d 3d 74 2e 74 61 67 4e 61 6d 65 3f 77 69 6e 64 6f 77 3a 74 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 3d 74 68 69 73 2e 5f 67 65 74 43 6f 6e 66 69 67 28 65 29 2c 74 68 69 73 2e 5f 73 65 6c 65 63 74 6f 72 3d 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 74 61 72 67 65 74 2b 22 20 22 2b 67 6e 2b 22 2c 22 2b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 74 61 72 67 65 74 2b 22 20 22 2b 6d 6e 2b 22 2c 22 2b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 74 61 72 67 65 74 2b 22 20 22 2b 76 6e 2c 74 68 69 73 2e 5f 6f 66 66 73 65 74 73 3d 5b 5d 2c 74 68 69 73 2e 5f 74 61 72 67 65 74 73 3d 5b 5d 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 54 61 72 Data Ascii: =this;this._element=t,this._scrollElement="BODY"===t.tagName?window:t,this._config=this._getConfig(e),this._selector=this._config.target+" "+gn+","+this._config.target+" "+mn+","+this._config.target+" "+vn,this._offsets=[],this._targets=[],this._activeTar
2021-09-27 13:37:59 UTC	99	IN	Data Raw: 26 26 74 3f 74 3a 7b 7d 29 29 2e 74 61 72 67 65 74 29 7b 76 61 72 20 65 3d 74 6e 28 74 2e 74 61 72 67 65 74 29 2e 61 74 74 72 28 22 69 64 22 29 3b 65 7c 7c 28 65 3d 46 6e 2e 67 65 74 55 49 44 28 65 6e 29 2c 74 6e 28 74 2e 74 61 72 67 65 74 29 2e 61 74 74 72 28 22 69 64 22 2c 65 29 29 2c 74 2e 74 61 72 67 65 74 3d 22 23 22 2b 65 7d 72 65 74 75 72 6e 20 46 6e 2e 74 79 70 65 43 68 65 63 6b 43 6f 6e 66 69 67 28 65 6e 2c 74 2c 61 6e 29 2c 74 7d 2c 74 2e 5f 67 65 74 53 63 72 6f 6c 6c 54 6f 70 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 3d 3d 3d 77 69 6e 64 6f 77 3f 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 2e 70 61 67 65 59 4f 66 66 73 65 74 3a 74 68 69 73 2e 5f 73 63 72 6f 6c Data Ascii: &&t?t:{})).target){var e=tn(t.target).attr("id");e\|\|(e=Fn.getUID(en),tn(t.target).attr("id",e)),t.target="#"+e}return Fn.typeCheckConfig(en,t,an),t},t._getScrollTop=function(){return this._scrollElement===window?this._scrollElement.pageYOffset:this._scrol
2021-09-27 13:37:59 UTC	100	IN	Data Raw: 69 6e 28 22 2c 22 29 29 29 29 3b 6e 2e 68 61 73 43 6c 61 73 73 28 63 6e 29 3f 28 6e 2e 63 6c 6f 73 65 73 74 28 70 6e 29 2e 66 69 6e 64 28 79 6e 29 2e 61 64 64 43 6c 61 73 73 28 68 6e 29 2c 6e 2e 61 64 64 43 6c 61 73 73 28 68 6e 29 29 3a 28 6e 2e 61 64 64 43 6c 61 73 73 28 68 6e 29 2c 6e 2e 70 61 72 65 6e 74 73 28 64 6e 29 2e 70 72 65 76 28 67 6e 2b 22 2c 20 22 2b 6d 6e 29 2e 61 64 64 43 6c 61 73 73 28 68 6e 29 2c 6e 2e 70 61 72 65 6e 74 73 28 64 6e 29 2e 70 72 65 76 28 5f 6e 29 2e 63 68 69 6c 64 72 65 6e 28 67 6e 29 2e 61 64 64 43 6c 61 73 73 28 68 6e 29 29 2c 74 6e 28 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 6c 6e 2e 41 43 54 49 56 41 54 45 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 65 7d 29 7d 2c 74 2e Data Ascii: in(","))));n.hasClass(cn)?(n.closest(pn).find(yn).addClass(hn),n.addClass(hn)):(n.addClass(hn),n.parents(dn).prev(gn+", "+mn).addClass(hn),n.parents(dn).prev(_n).children(gn).addClass(hn)),tn(this._scrollElement).trigger(ln.ACTIVATE,{relatedTarget:e})},t.
2021-09-27 13:37:59 UTC	102	IN	Data Raw: 74 6f 67 67 6c 65 3d 22 6c 69 73 74 22 5d 27 2c 57 6e 3d 22 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 22 2c 55 6e 3d 22 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 2e 61 63 74 69 76 65 22 2c 71 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 74 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 74 7d 76 61 72 20 74 3d 69 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 74 2e 73 68 6f 77 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 74 68 69 73 3b 69 66 28 21 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 6e 6f 64 65 54 79 70 65 3d 3d 3d 4e 6f 64 65 2e 45 4c 45 4d 45 4e 54 5f 4e 4f 44 45 26 26 62 6e 28 Data Ascii: toggle="list"]',Wn=".dropdown-toggle",Un="> .dropdown-menu .active",qn=function(){function i(t){this._element=t}var t=i.prototype;return t.show=function(){var n=this;if(!(this._element.parentNode&&this._element.parentNode.nodeType===Node.ELEMENT_NODE&&bn(
2021-09-27 13:37:59 UTC	103	IN	Data Raw: 6e 2b 22 20 22 2b 4e 6e 29 3b 76 61 72 20 69 3d 62 6e 28 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 2e 66 69 6e 64 28 55 6e 29 5b 30 5d 3b 69 26 26 62 6e 28 69 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 4e 6e 29 2c 22 74 61 62 22 3d 3d 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 72 6f 6c 65 22 29 26 26 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 73 65 6c 65 63 74 65 64 22 2c 21 31 29 7d 69 66 28 62 6e 28 74 29 2e 61 64 64 43 6c 61 73 73 28 4e 6e 29 2c 22 74 61 62 22 3d 3d 3d 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 72 6f 6c 65 22 29 26 26 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 61 72 69 61 2d 73 65 6c 65 63 74 65 64 22 2c 21 30 29 2c 46 6e 2e 72 65 66 6c 6f 77 28 74 29 2c 62 6e 28 74 29 2e 61 64 64 43 6c 61 73 73 28 50 Data Ascii: n+" "+Nn);var i=bn(e.parentNode).find(Un)[0];i&&bn(i).removeClass(Nn),"tab"===e.getAttribute("role")&&e.setAttribute("aria-selected",!1)}if(bn(t).addClass(Nn),"tab"===t.getAttribute("role")&&t.setAttribute("aria-selected",!0),Fn.reflow(t),bn(t).addClass(P
2021-09-27 13:37:59 UTC	104	IN	Data Raw: 75 73 65 6c 3d 51 6e 2c 74 2e 43 6f 6c 6c 61 70 73 65 3d 42 6e 2c 74 2e 44 72 6f 70 64 6f 77 6e 3d 56 6e 2c 74 2e 4d 6f 64 61 6c 3d 59 6e 2c 74 2e 50 6f 70 6f 76 65 72 3d 4a 6e 2c 74 2e 53 63 72 6f 6c 6c 73 70 79 3d 5a 6e 2c 74 2e 54 61 62 3d 47 6e 2c 74 2e 54 6f 6f 6c 74 69 70 3d 7a 6e 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 7d 29 3b 0a 2f 2f 23 20 73 6f 75 72 63 65 4d 61 70 70 69 6e 67 55 52 4c 3d 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 6a 73 2e 6d 61 70 0d 0a Data Ascii: usel=Qn,t.Collapse=Bn,t.Dropdown=Vn,t.Modal=Yn,t.Popover=Jn,t.Scrollspy=Zn,t.Tab=Gn,t.Tooltip=zn,Object.defineProperty(t,"__esModule",{value:!0})});//# sourceMappingURL=bootstrap.min.js.map
2021-09-27 13:37:59 UTC	104	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.5	49742	104.18.11.207	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:37:59 UTC	0	OUT	GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com Connection: keep-alive Origin: null User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:37:59 UTC	54	IN	HTTP/1.1 200 OK Date: Mon, 27 Sep 2021 13:37:59 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: CH CDN-EdgeStorageId: 601 CDN-EdgeStorageId: 617 CDN-EdgeStorageId: 617 Last-Modified: Mon, 25 Jan 2021 22:04:04 GMT CDN-CachedAt: 2021-04-23 07:07:34 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 Cache-Control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff CDN-RequestId: ed89b8c89c56e6e46ebb133df3802e61 CDN-Cache: HIT CF-Cache-Status: HIT Age: 13594326 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 6955213bd84801db-ZRH alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
2021-09-27 13:37:59 UTC	55	IN	Data Raw: 31 31 30 34 0d 0a 2f 2a 21 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 30 2e 30 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 38 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 74 Data Ascii: 1104/! Bootstrap v4.0.0 (https://getbootstrap.com) * Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */!function(t
2021-09-27 13:37:59 UTC	55	IN	Data Raw: 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 65 28 65 78 70 6f 72 74 73 2c 72 65 71 75 69 72 65 28 22 6a 71 75 65 72 79 22 29 2c 72 65 71 75 69 72 65 28 22 70 6f 70 70 65 72 2e 6a 73 22 29 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 22 65 78 70 6f 72 74 73 22 2c 22 6a 71 75 65 72 79 22 2c 22 70 6f 70 70 65 72 2e 6a 73 22 5d 2c 65 29 3a 65 28 74 2e 62 6f 6f 74 73 74 72 61 70 3d 7b 7d 2c 74 2e 6a 51 75 65 72 79 2c 74 2e 50 6f 70 70 65 72 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 Data Ascii: &&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var
2021-09-27 13:37:59 UTC	56	IN	Data Raw: 64 6f 63 75 6d 65 6e 74 29 2e 66 69 6e 64 28 69 29 2e 6c 65 6e 67 74 68 3e 30 3f 69 3a 6e 75 6c 6c 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 7d 2c 72 65 66 6c 6f 77 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 6f 66 66 73 65 74 48 65 69 67 68 74 7d 2c 74 72 69 67 67 65 72 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 74 28 6e 29 2e 74 72 69 67 67 65 72 28 65 2e 65 6e 64 29 7d 2c 73 75 70 70 6f 72 74 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 42 6f 6f 6c 65 61 6e 28 65 29 7d 2c 69 73 45 6c 65 6d 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 28 74 5b 30 5d 7c 7c 74 29 2e 6e 6f 64 65 54 79 70 65 7d 2c 74 79 Data Ascii: document).find(i).length>0?i:null}catch(t){return null}},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(n){t(n).trigger(e.end)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]\|\|t).nodeType},ty
2021-09-27 13:37:59 UTC	58	IN	Data Raw: 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 74 29 2c 6e 3d 21 31 3b 72 65 74 75 72 6e 20 65 26 26 28 6e 3d 6f 28 65 29 5b 30 5d 29 2c 6e 7c 7c 28 6e 3d 6f 28 74 29 2e 63 6c 6f 73 65 73 74 28 22 2e 22 2b 66 29 5b 30 5d 29 2c 6e 7d 2c 65 2e 5f 74 72 69 67 67 65 72 43 6c 6f 73 65 45 76 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 6f 2e 45 76 65 6e 74 28 75 2e 43 4c 4f 53 45 29 3b 72 65 74 75 72 6e 20 6f 28 74 29 2e 74 72 69 67 67 65 72 28 65 29 2c 65 7d 2c 65 2e 5f 72 65 6d 6f 76 65 45 6c 65 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 6f 28 74 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 5f 29 2c 50 2e 73 75 70 70 6f 72 74 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 29 26 26 6f 28 Data Ascii: tSelectorFromElement(t),n=!1;return e&&(n=o(e)[0]),n\|\|(n=o(t).closest("."+f)[0]),n},e._triggerCloseEvent=function(t){var e=o.Event(u.CLOSE);return o(t).trigger(e),e},e._removeElement=function(t){var e=this;o(t).removeClass(_),P.supportsTransitionEnd()&&o(
2021-09-27 13:37:59 UTC	59	IN	Data Raw: 37 66 66 61 0d 0a 29 5b 30 5d 3b 69 66 28 6e 29 7b 76 61 72 20 69 3d 70 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 66 69 6e 64 28 53 29 5b 30 5d 3b 69 66 28 69 29 7b 69 66 28 22 72 61 64 69 6f 22 3d 3d 3d 69 2e 74 79 70 65 29 69 66 28 69 2e 63 68 65 63 6b 65 64 26 26 70 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 68 61 73 43 6c 61 73 73 28 43 29 29 74 3d 21 31 3b 65 6c 73 65 7b 76 61 72 20 73 3d 70 28 6e 29 2e 66 69 6e 64 28 77 29 5b 30 5d 3b 73 26 26 70 28 73 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 43 29 7d 69 66 28 74 29 7b 69 66 28 69 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 69 73 61 62 6c 65 64 22 29 7c 7c 6e 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 69 73 61 62 6c 65 64 22 29 7c 7c 69 2e 63 6c 61 73 73 4c 69 73 74 2e 63 6f 6e Data Ascii: 7ffa)[0];if(n){var i=p(this._element).find(S)[0];if(i){if("radio"===i.type)if(i.checked&&p(this._element).hasClass(C))t=!1;else{var s=p(n).find(w)[0];s&&p(s).removeClass(C)}if(t){if(i.hasAttribute("disabled")\|\|n.hasAttribute("disabled")\|\|i.classList.con
2021-09-27 13:37:59 UTC	60	IN	Data Raw: 6e 7c 73 74 72 69 6e 67 29 22 2c 70 61 75 73 65 3a 22 28 73 74 72 69 6e 67 7c 62 6f 6f 6c 65 61 6e 29 22 2c 77 72 61 70 3a 22 62 6f 6f 6c 65 61 6e 22 7d 2c 68 3d 22 6e 65 78 74 22 2c 63 3d 22 70 72 65 76 22 2c 75 3d 22 6c 65 66 74 22 2c 66 3d 22 72 69 67 68 74 22 2c 64 3d 7b 53 4c 49 44 45 3a 22 73 6c 69 64 65 22 2b 69 2c 53 4c 49 44 3a 22 73 6c 69 64 22 2b 69 2c 4b 45 59 44 4f 57 4e 3a 22 6b 65 79 64 6f 77 6e 22 2b 69 2c 4d 4f 55 53 45 45 4e 54 45 52 3a 22 6d 6f 75 73 65 65 6e 74 65 72 22 2b 69 2c 4d 4f 55 53 45 4c 45 41 56 45 3a 22 6d 6f 75 73 65 6c 65 61 76 65 22 2b 69 2c 54 4f 55 43 48 45 4e 44 3a 22 74 6f 75 63 68 65 6e 64 22 2b 69 2c 4c 4f 41 44 5f 44 41 54 41 5f 41 50 49 3a 22 6c 6f 61 64 22 2b 69 2b 22 2e 64 61 74 61 2d 61 70 69 22 2c 43 4c 49 43 Data Ascii: n\|string)",pause:"(string\|boolean)",wrap:"boolean"},h="next",c="prev",u="left",f="right",d={SLIDE:"slide"+i,SLID:"slid"+i,KEYDOWN:"keydown"+i,MOUSEENTER:"mouseenter"+i,MOUSELEAVE:"mouseleave"+i,TOUCHEND:"touchend"+i,LOAD_DATA_API:"load"+i+".data-api",CLIC
2021-09-27 13:37:59 UTC	62	IN	Data Raw: 74 68 69 73 2e 63 79 63 6c 65 28 21 30 29 29 2c 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 29 2c 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 3d 6e 75 6c 6c 7d 2c 43 2e 63 79 63 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 7c 7c 28 74 68 69 73 2e 5f 69 73 50 61 75 73 65 64 3d 21 31 29 2c 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 26 26 28 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 29 2c 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 3d 6e 75 6c 6c 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 69 6e 74 65 72 76 61 6c 26 26 21 74 68 69 73 2e 5f 69 73 50 61 75 73 65 64 26 26 28 74 68 69 73 2e 5f 69 6e 74 65 72 76 61 6c 3d 73 65 74 49 6e 74 65 72 76 61 6c 28 28 64 6f 63 75 6d 65 6e 74 Data Ascii: this.cycle(!0)),clearInterval(this._interval),this._interval=null},C.cycle=function(t){t\|\|(this._isPaused=!1),this._interval&&(clearInterval(this._interval),this._interval=null),this._config.interval&&!this._isPaused&&(this._interval=setInterval((document
2021-09-27 13:37:59 UTC	63	IN	Data Raw: 2e 74 6f 75 63 68 54 69 6d 65 6f 75 74 26 26 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 65 2e 74 6f 75 63 68 54 69 6d 65 6f 75 74 29 2c 65 2e 74 6f 75 63 68 54 69 6d 65 6f 75 74 3d 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 63 79 63 6c 65 28 74 29 7d 2c 35 30 30 2b 65 2e 5f 63 6f 6e 66 69 67 2e 69 6e 74 65 72 76 61 6c 29 7d 29 29 7d 2c 43 2e 5f 6b 65 79 64 6f 77 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 21 2f 69 6e 70 75 74 7c 74 65 78 74 61 72 65 61 2f 69 2e 74 65 73 74 28 74 2e 74 61 72 67 65 74 2e 74 61 67 4e 61 6d 65 29 29 73 77 69 74 63 68 28 74 2e 77 68 69 63 68 29 7b 63 61 73 65 20 33 37 3a 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 74 68 69 73 2e 70 72 65 76 28 29 3b 62 72 65 Data Ascii: .touchTimeout&&clearTimeout(e.touchTimeout),e.touchTimeout=setTimeout(function(t){return e.cycle(t)},500+e._config.interval)}))},C._keydown=function(t){if(!/input\|textarea/i.test(t.target.tagName))switch(t.which){case 37:t.preventDefault(),this.prev();bre
2021-09-27 13:37:59 UTC	64	IN	Data Raw: 6e 67 3d 21 31 3b 65 6c 73 65 20 69 66 28 21 74 68 69 73 2e 5f 74 72 69 67 67 65 72 53 6c 69 64 65 45 76 65 6e 74 28 63 2c 72 29 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 26 26 61 26 26 63 29 7b 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 3d 21 30 2c 43 26 26 74 68 69 73 2e 70 61 75 73 65 28 29 2c 74 68 69 73 2e 5f 73 65 74 41 63 74 69 76 65 49 6e 64 69 63 61 74 6f 72 45 6c 65 6d 65 6e 74 28 63 29 3b 76 61 72 20 49 3d 74 2e 45 76 65 6e 74 28 64 2e 53 4c 49 44 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 63 2c 64 69 72 65 63 74 69 6f 6e 3a 72 2c 66 72 6f 6d 3a 6c 2c 74 6f 3a 5f 7d 29 3b 50 2e 73 75 70 70 6f 72 74 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 29 26 26 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 68 61 73 43 6c Data Ascii: ng=!1;else if(!this._triggerSlideEvent(c,r).isDefaultPrevented()&&a&&c){this._isSliding=!0,C&&this.pause(),this._setActiveIndicatorElement(c);var I=t.Event(d.SLID,{relatedTarget:c,direction:r,from:l,to:_});P.supportsTransitionEnd()&&t(this._element).hasCl
2021-09-27 13:37:59 UTC	66	IN	Data Raw: 22 34 2e 30 2e 30 22 7d 7d 2c 7b 6b 65 79 3a 22 44 65 66 61 75 6c 74 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 7d 7d 5d 29 2c 6f 7d 28 29 3b 72 65 74 75 72 6e 20 74 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 64 2e 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 2c 79 2e 44 41 54 41 5f 53 4c 49 44 45 2c 43 2e 5f 64 61 74 61 41 70 69 43 6c 69 63 6b 48 61 6e 64 6c 65 72 29 2c 74 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 64 2e 4c 4f 41 44 5f 44 41 54 41 5f 41 50 49 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 79 2e 44 41 54 41 5f 52 49 44 45 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 28 74 68 69 73 29 3b 43 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2e 63 61 6c 6c 28 65 2c 65 2e 64 61 74 61 28 29 29 7d Data Ascii: "4.0.0"}},{key:"Default",get:function(){return a}}]),o}();return t(document).on(d.CLICK_DATA_API,y.DATA_SLIDE,C._dataApiClickHandler),t(window).on(d.LOAD_DATA_API,function(){t(y.DATA_RIDE).each(function(){var e=t(this);C._jQueryInterface.call(e,e.data())}
2021-09-27 13:37:59 UTC	67	IN	Data Raw: 74 6f 67 67 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 68 61 73 43 6c 61 73 73 28 63 29 3f 74 68 69 73 2e 68 69 64 65 28 29 3a 74 68 69 73 2e 73 68 6f 77 28 29 7d 2c 6f 2e 73 68 6f 77 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 73 2c 72 3d 74 68 69 73 3b 69 66 28 21 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 26 26 21 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 68 61 73 43 6c 61 73 73 28 63 29 26 26 28 74 68 69 73 2e 5f 70 61 72 65 6e 74 26 26 30 3d 3d 3d 28 65 3d 74 2e 6d 61 6b 65 41 72 72 61 79 28 74 28 74 68 69 73 2e 5f 70 61 72 65 6e 74 29 2e 66 69 6e 64 28 70 2e 41 43 54 49 56 45 53 29 2e 66 69 6c 74 65 72 28 27 5b 64 61 74 61 2d 70 61 72 65 6e 74 3d 22 27 2b 74 68 Data Ascii: toggle=function(){t(this._element).hasClass(c)?this.hide():this.show()},o.show=function(){var e,s,r=this;if(!this._isTransitioning&&!t(this._element).hasClass(c)&&(this._parent&&0===(e=t.makeArray(t(this._parent).find(p.ACTIVES).filter('[data-parent="'+th
2021-09-27 13:37:59 UTC	68	IN	Data Raw: 6e 74 29 2c 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 61 64 64 43 6c 61 73 73 28 66 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 75 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 63 29 2c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 2e 6c 65 6e 67 74 68 3e 30 29 66 6f 72 28 76 61 72 20 73 3d 30 3b 73 3c 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 2e 6c 65 6e 67 74 68 3b 73 2b 2b 29 7b 76 61 72 20 72 3d 74 68 69 73 2e 5f 74 72 69 67 67 65 72 41 72 72 61 79 5b 73 5d 2c 6f 3d 50 2e 67 65 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 72 29 3b 69 66 28 6e 75 6c 6c 21 3d 3d 6f 29 74 28 6f 29 2e 68 61 73 43 6c 61 73 73 28 63 29 7c 7c 74 28 72 29 2e 61 64 64 43 6c 61 73 73 28 64 29 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 Data Ascii: nt),t(this._element).addClass(f).removeClass(u).removeClass(c),this._triggerArray.length>0)for(var s=0;s<this._triggerArray.length;s++){var r=this._triggerArray[s],o=P.getSelectorFromElement(r);if(null!==o)t(o).hasClass(c)\|\|t(r).addClass(d).attr("aria-exp
2021-09-27 13:37:59 UTC	70	IN	Data Raw: 65 43 6c 61 73 73 28 64 2c 21 69 29 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 2c 69 29 7d 7d 2c 69 2e 5f 67 65 74 54 61 72 67 65 74 46 72 6f 6d 45 6c 65 6d 65 6e 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 50 2e 67 65 74 53 65 6c 65 63 74 6f 72 46 72 6f 6d 45 6c 65 6d 65 6e 74 28 65 29 3b 72 65 74 75 72 6e 20 6e 3f 74 28 6e 29 5b 30 5d 3a 6e 75 6c 6c 7d 2c 69 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 73 3d 74 28 74 68 69 73 29 2c 6f 3d 73 2e 64 61 74 61 28 6e 29 2c 6c 3d 72 28 7b 7d 2c 61 2c 73 2e 64 61 74 61 28 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 Data Ascii: eClass(d,!i).attr("aria-expanded",i)}},i._getTargetFromElement=function(e){var n=P.getSelectorFromElement(e);return n?t(n)[0]:null},i._jQueryInterface=function(e){return this.each(function(){var s=t(this),o=s.data(n),l=r({},a,s.data(),"object"==typeof e&&
2021-09-27 13:37:59 UTC	71	IN	Data Raw: 70 64 6f 77 6e 20 66 6f 72 6d 22 2c 79 3d 22 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 22 2c 43 3d 22 2e 6e 61 76 62 61 72 2d 6e 61 76 22 2c 49 3d 22 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 2e 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 22 2c 41 3d 22 74 6f 70 2d 73 74 61 72 74 22 2c 62 3d 22 74 6f 70 2d 65 6e 64 22 2c 44 3d 22 62 6f 74 74 6f 6d 2d 73 74 61 72 74 22 2c 53 3d 22 62 6f 74 74 6f 6d 2d 65 6e 64 22 2c 77 3d 22 72 69 67 68 74 2d 73 74 61 72 74 22 2c 4e 3d 22 6c 65 66 74 2d 73 74 61 72 74 22 2c 4f 3d 7b 6f 66 66 73 65 74 3a 30 2c 66 6c 69 70 3a 21 30 2c 62 6f 75 6e 64 61 72 79 3a 22 73 63 72 6f 6c 6c 50 61 72 65 6e 74 22 7d 2c 6b 3d 7b 6f 66 66 73 65 74 3a 22 28 6e 75 6d 62 65 72 7c 73 74 72 69 6e 67 Data Ascii: pdown form",y=".dropdown-menu",C=".navbar-nav",I=".dropdown-menu .dropdown-item:not(.disabled)",A="top-start",b="top-end",D="bottom-start",S="bottom-end",w="right-start",N="left-start",O={offset:0,flip:!0,boundary:"scrollParent"},k={offset:"(number\|string
2021-09-27 13:37:59 UTC	72	IN	Data Raw: 6f 67 67 6c 65 43 6c 61 73 73 28 66 29 2e 74 72 69 67 67 65 72 28 74 2e 45 76 65 6e 74 28 63 2e 53 48 4f 57 4e 2c 73 29 29 7d 7d 7d 7d 2c 6c 2e 64 69 73 70 6f 73 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 72 65 6d 6f 76 65 44 61 74 61 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 69 29 2c 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 66 66 28 6f 29 2c 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 6d 65 6e 75 3d 6e 75 6c 6c 2c 6e 75 6c 6c 21 3d 3d 74 68 69 73 2e 5f 70 6f 70 70 65 72 26 26 28 74 68 69 73 2e 5f 70 6f 70 70 65 72 2e 64 65 73 74 72 6f 79 28 29 2c 74 68 69 73 2e 5f 70 6f 70 70 65 72 3d 6e 75 6c 6c 29 7d 2c 6c 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 69 6e 4e 61 76 62 61 72 Data Ascii: oggleClass(f).trigger(t.Event(c.SHOWN,s))}}}},l.dispose=function(){t.removeData(this._element,i),t(this._element).off(o),this._element=null,this._menu=null,null!==this._popper&&(this._popper.destroy(),this._popper=null)},l.update=function(){this._inNavbar
2021-09-27 13:37:59 UTC	74	IN	Data Raw: 7d 7d 7d 2c 61 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 74 28 74 68 69 73 29 2e 64 61 74 61 28 69 29 3b 69 66 28 6e 7c 7c 28 6e 3d 6e 65 77 20 61 28 74 68 69 73 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 6e 75 6c 6c 29 2c 74 28 74 68 69 73 29 2e 64 61 74 61 28 69 2c 6e 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6e 5b 65 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 65 2b 27 22 27 29 3b 6e 5b 65 5d 28 29 7d 7d 29 Data Ascii: }}},a._jQueryInterface=function(e){return this.each(function(){var n=t(this).data(i);if(n\|\|(n=new a(this,"object"==typeof e?e:null),t(this).data(i,n)),"string"==typeof e){if("undefined"==typeof n[e])throw new TypeError('No method named "'+e+'"');n[e]()}})
2021-09-27 13:37:59 UTC	75	IN	Data Raw: 26 26 28 21 69 7c 7c 32 37 21 3d 3d 65 2e 77 68 69 63 68 26 26 33 32 21 3d 3d 65 2e 77 68 69 63 68 29 29 7b 76 61 72 20 73 3d 74 28 6e 29 2e 66 69 6e 64 28 49 29 2e 67 65 74 28 29 3b 69 66 28 30 21 3d 3d 73 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 72 3d 73 2e 69 6e 64 65 78 4f 66 28 65 2e 74 61 72 67 65 74 29 3b 33 38 3d 3d 3d 65 2e 77 68 69 63 68 26 26 72 3e 30 26 26 72 2d 2d 2c 34 30 3d 3d 3d 65 2e 77 68 69 63 68 26 26 72 3c 73 2e 6c 65 6e 67 74 68 2d 31 26 26 72 2b 2b 2c 72 3c 30 26 26 28 72 3d 30 29 2c 73 5b 72 5d 2e 66 6f 63 75 73 28 29 7d 7d 65 6c 73 65 7b 69 66 28 32 37 3d 3d 3d 65 2e 77 68 69 63 68 29 7b 76 61 72 20 6f 3d 74 28 6e 29 2e 66 69 6e 64 28 45 29 5b 30 5d 3b 74 28 6f 29 2e 74 72 69 67 67 65 72 28 22 66 6f 63 75 73 22 29 7d 74 28 74 68 69 Data Ascii: &&(!i\|\|27!==e.which&&32!==e.which)){var s=t(n).find(I).get();if(0!==s.length){var r=s.indexOf(e.target);38===e.which&&r>0&&r--,40===e.which&&r<s.length-1&&r++,r<0&&(r=0),s[r].focus()}}else{if(27===e.which){var o=t(n).find(E)[0];t(o).trigger("focus")}t(thi
2021-09-27 13:37:59 UTC	76	IN	Data Raw: 7d 2c 63 3d 22 6d 6f 64 61 6c 2d 73 63 72 6f 6c 6c 62 61 72 2d 6d 65 61 73 75 72 65 22 2c 75 3d 22 6d 6f 64 61 6c 2d 62 61 63 6b 64 72 6f 70 22 2c 66 3d 22 6d 6f 64 61 6c 2d 6f 70 65 6e 22 2c 64 3d 22 66 61 64 65 22 2c 5f 3d 22 73 68 6f 77 22 2c 67 3d 7b 44 49 41 4c 4f 47 3a 22 2e 6d 6f 64 61 6c 2d 64 69 61 6c 6f 67 22 2c 44 41 54 41 5f 54 4f 47 47 4c 45 3a 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 6d 6f 64 61 6c 22 5d 27 2c 44 41 54 41 5f 44 49 53 4d 49 53 53 3a 27 5b 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 5d 27 2c 46 49 58 45 44 5f 43 4f 4e 54 45 4e 54 3a 22 2e 66 69 78 65 64 2d 74 6f 70 2c 20 2e 66 69 78 65 64 2d 62 6f 74 74 6f 6d 2c 20 2e 69 73 2d 66 69 78 65 64 2c 20 2e 73 74 69 63 6b 79 2d 74 6f 70 22 2c 53 54 49 43 4b 59 5f Data Ascii: },c="modal-scrollbar-measure",u="modal-backdrop",f="modal-open",d="fade",_="show",g={DIALOG:".modal-dialog",DATA_TOGGLE:'[data-toggle="modal"]',DATA_DISMISS:'[data-dismiss="modal"]',FIXED_CONTENT:".fixed-top, .fixed-bottom, .is-fixed, .sticky-top",STICKY_
2021-09-27 13:37:59 UTC	78	IN	Data Raw: 65 6d 65 6e 74 28 65 29 7d 29 29 7d 7d 2c 70 2e 68 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 74 68 69 73 3b 69 66 28 65 26 26 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 21 74 68 69 73 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 26 26 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 29 7b 76 61 72 20 69 3d 74 2e 45 76 65 6e 74 28 68 2e 48 49 44 45 29 3b 69 66 28 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 69 29 2c 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 26 26 21 69 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 29 7b 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 3d 21 31 3b 76 61 72 20 73 3d 50 2e 73 75 70 70 6f 72 74 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 29 26 26 74 28 74 68 Data Ascii: ement(e)}))}},p.hide=function(e){var n=this;if(e&&e.preventDefault(),!this._isTransitioning&&this._isShown){var i=t.Event(h.HIDE);if(t(this._element).trigger(i),this._isShown&&!i.isDefaultPrevented()){this._isShown=!1;var s=P.supportsTransitionEnd()&&t(th
2021-09-27 13:37:59 UTC	79	IN	Data Raw: 6c 65 6d 65 6e 74 29 2c 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 61 64 64 43 6c 61 73 73 28 5f 29 2c 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 66 6f 63 75 73 26 26 74 68 69 73 2e 5f 65 6e 66 6f 72 63 65 46 6f 63 75 73 28 29 3b 76 61 72 20 73 3d 74 2e 45 76 65 6e 74 28 68 2e 53 48 4f 57 4e 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 65 7d 29 2c 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 5f 63 6f 6e 66 69 67 2e 66 6f 63 75 73 26 26 6e 2e 5f 65 6c 65 6d 65 6e 74 2e 66 6f 63 75 73 28 29 2c 6e 2e 5f 69 73 54 72 61 6e 73 69 74 69 6f 6e 69 6e 67 3d 21 31 2c 74 28 6e 2e 5f 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 73 29 7d 3b 69 3f 74 28 74 68 69 73 2e 5f 64 69 61 6c 6f 67 29 2e 6f 6e 65 28 50 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 45 4e 44 2c Data Ascii: lement),t(this._element).addClass(_),this._config.focus&&this._enforceFocus();var s=t.Event(h.SHOWN,{relatedTarget:e}),r=function(){n._config.focus&&n._element.focus(),n._isTransitioning=!1,t(n._element).trigger(s)};i?t(this._dialog).one(P.TRANSITION_END,
2021-09-27 13:37:59 UTC	80	IN	Data Raw: 6e 45 6e 64 28 29 26 26 69 3b 69 66 28 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 2c 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 2e 63 6c 61 73 73 4e 61 6d 65 3d 75 2c 69 26 26 74 28 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 29 2e 61 64 64 43 6c 61 73 73 28 69 29 2c 74 28 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 29 2e 61 70 70 65 6e 64 54 6f 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 2c 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 68 2e 43 4c 49 43 4b 5f 44 49 53 4d 49 53 53 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6e 2e 5f 69 67 6e 6f 72 65 42 61 63 6b 64 72 6f 70 43 6c 69 63 6b 3f 6e 2e 5f 69 67 6e 6f 72 65 42 61 63 6b 64 72 6f 70 43 6c 69 63 6b 3d 21 Data Ascii: nEnd()&&i;if(this._backdrop=document.createElement("div"),this._backdrop.className=u,i&&t(this._backdrop).addClass(i),t(this._backdrop).appendTo(document.body),t(this._element).on(h.CLICK_DISMISS,function(t){n._ignoreBackdropClick?n._ignoreBackdropClick=!
2021-09-27 13:37:59 UTC	82	IN	Data Raw: 5f 69 73 42 6f 64 79 4f 76 65 72 66 6c 6f 77 69 6e 67 29 7b 74 28 67 2e 46 49 58 45 44 5f 43 4f 4e 54 45 4e 54 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 69 29 7b 76 61 72 20 73 3d 74 28 69 29 5b 30 5d 2e 73 74 79 6c 65 2e 70 61 64 64 69 6e 67 52 69 67 68 74 2c 72 3d 74 28 69 29 2e 63 73 73 28 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 22 29 3b 74 28 69 29 2e 64 61 74 61 28 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 22 2c 73 29 2e 63 73 73 28 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 22 2c 70 61 72 73 65 46 6c 6f 61 74 28 72 29 2b 65 2e 5f 73 63 72 6f 6c 6c 62 61 72 57 69 64 74 68 2b 22 70 78 22 29 7d 29 2c 74 28 67 2e 53 54 49 43 4b 59 5f 43 4f 4e 54 45 4e 54 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 69 29 7b 76 61 72 20 73 3d 74 28 Data Ascii: _isBodyOverflowing){t(g.FIXED_CONTENT).each(function(n,i){var s=t(i)[0].style.paddingRight,r=t(i).css("padding-right");t(i).data("padding-right",s).css("padding-right",parseFloat(r)+e._scrollbarWidth+"px")}),t(g.STICKY_CONTENT).each(function(n,i){var s=t(
2021-09-27 13:37:59 UTC	83	IN	Data Raw: 74 68 2d 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 3b 72 65 74 75 72 6e 20 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 2c 65 7d 2c 6f 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 73 3d 74 28 74 68 69 73 29 2e 64 61 74 61 28 6e 29 2c 61 3d 72 28 7b 7d 2c 6f 2e 44 65 66 61 75 6c 74 2c 74 28 74 68 69 73 29 2e 64 61 74 61 28 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 65 29 3b 69 66 28 73 7c 7c 28 73 3d 6e 65 77 20 6f 28 74 68 69 73 2c 61 29 2c 74 28 74 68 69 73 29 2e 64 61 74 61 28 6e 2c 73 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 Data Ascii: th-t.clientWidth;return document.body.removeChild(t),e},o._jQueryInterface=function(e,i){return this.each(function(){var s=t(this).data(n),a=r({},o.Default,t(this).data(),"object"==typeof e&&e);if(s\|\|(s=new o(this,a),t(this).data(n,s)),"string"==typeof e)
2021-09-27 13:37:59 UTC	84	IN	Data Raw: 6c 62 61 63 6b 50 6c 61 63 65 6d 65 6e 74 3a 22 28 73 74 72 69 6e 67 7c 61 72 72 61 79 29 22 2c 62 6f 75 6e 64 61 72 79 3a 22 28 73 74 72 69 6e 67 7c 65 6c 65 6d 65 6e 74 29 22 7d 2c 63 3d 7b 41 55 54 4f 3a 22 61 75 74 6f 22 2c 54 4f 50 3a 22 74 6f 70 22 2c 52 49 47 48 54 3a 22 72 69 67 68 74 22 2c 42 4f 54 54 4f 4d 3a 22 62 6f 74 74 6f 6d 22 2c 4c 45 46 54 3a 22 6c 65 66 74 22 7d 2c 75 3d 7b 61 6e 69 6d 61 74 69 6f 6e 3a 21 30 2c 74 65 6d 70 6c 61 74 65 3a 27 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 6f 6c 74 69 70 22 20 72 6f 6c 65 3d 22 74 6f 6f 6c 74 69 70 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 72 72 6f 77 22 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 6f 6c 74 69 70 2d 69 6e 6e 65 72 22 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e Data Ascii: lbackPlacement:"(string\|array)",boundary:"(string\|element)"},c={AUTO:"auto",TOP:"top",RIGHT:"right",BOTTOM:"bottom",LEFT:"left"},u={animation:!0,template:'<div class="tooltip" role="tooltip"><div class="arrow"></div><div class="tooltip-inner"></div></div>
2021-09-27 13:37:59 UTC	104	IN	Data Raw: 65 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 29 2e 64 61 74 61 28 6e 2c 69 29 29 2c 69 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 2e 63 6c 69 63 6b 3d 21 69 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 2e 63 6c 69 63 6b 2c 69 2e 5f 69 73 57 69 74 68 41 63 74 69 76 65 54 72 69 67 67 65 72 28 29 3f 69 2e 5f 65 6e 74 65 72 28 6e 75 6c 6c 2c 69 29 3a 69 2e 5f 6c 65 61 76 65 28 6e 75 6c 6c 2c 69 29 7d 65 6c 73 65 7b 69 66 28 74 28 74 68 69 73 2e 67 65 74 54 69 70 45 6c 65 6d 65 6e 74 28 29 29 2e 68 61 73 43 6c 61 73 73 28 70 29 29 72 65 74 75 72 6e 20 76 6f 69 64 20 74 68 69 73 2e 5f 6c 65 61 76 65 28 6e 75 6c 6c 2c 74 68 69 73 29 3b 74 68 69 73 2e 5f 65 6e 74 65 72 28 6e 75 6c 6c 2c 74 68 69 73 29 7d 7d 2c 49 2e 64 69 73 70 6f 73 65 3d 66 75 6e 63 74 69 6f Data Ascii: e.currentTarget).data(n,i)),i._activeTrigger.click=!i._activeTrigger.click,i._isWithActiveTrigger()?i._enter(null,i):i._leave(null,i)}else{if(t(this.getTipElement()).hasClass(p))return void this._leave(null,this);this._enter(null,this)}},I.dispose=functio
2021-09-27 13:37:59 UTC	106	IN	Data Raw: 6d 65 6e 74 43 6c 61 73 73 28 68 29 3b 76 61 72 20 63 3d 21 31 3d 3d 3d 74 68 69 73 2e 63 6f 6e 66 69 67 2e 63 6f 6e 74 61 69 6e 65 72 3f 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 3a 74 28 74 68 69 73 2e 63 6f 6e 66 69 67 2e 63 6f 6e 74 61 69 6e 65 72 29 3b 74 28 72 29 2e 64 61 74 61 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 44 41 54 41 5f 4b 45 59 2c 74 68 69 73 29 2c 74 2e 63 6f 6e 74 61 69 6e 73 28 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2c 74 68 69 73 2e 74 69 70 29 7c 7c 74 28 72 29 2e 61 70 70 65 6e 64 54 6f 28 63 29 2c 74 28 74 68 69 73 2e 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 Data Ascii: mentClass(h);var c=!1===this.config.container?document.body:t(this.config.container);t(r).data(this.constructor.DATA_KEY,this),t.contains(this.element.ownerDocument.documentElement,this.tip)\|\|t(r).appendTo(c),t(this.element).trigger(this.constructor.Event
2021-09-27 13:37:59 UTC	107	IN	Data Raw: 7d 3b 74 28 74 68 69 73 2e 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 73 29 2c 73 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 7c 7c 28 74 28 69 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 70 29 2c 22 6f 6e 74 6f 75 63 68 73 74 61 72 74 22 69 6e 20 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 26 26 74 28 22 62 6f 64 79 22 29 2e 63 68 69 6c 64 72 65 6e 28 29 2e 6f 66 66 28 22 6d 6f 75 73 65 6f 76 65 72 22 2c 6e 75 6c 6c 2c 74 2e 6e 6f 6f 70 29 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 5b 79 5d 3d 21 31 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 5b 54 5d 3d 21 31 2c 74 68 69 73 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 5b 45 5d 3d 21 31 2c 50 2e 73 75 70 70 6f 72 74 73 Data Ascii: };t(this.element).trigger(s),s.isDefaultPrevented()\|\|(t(i).removeClass(p),"ontouchstart"in document.documentElement&&t("body").children().off("mouseover",null,t.noop),this._activeTrigger[y]=!1,this._activeTrigger[T]=!1,this._activeTrigger[E]=!1,P.supports
2021-09-27 13:37:59 UTC	108	IN	Data Raw: 74 6f 72 2e 45 76 65 6e 74 2e 43 4c 49 43 4b 2c 65 2e 63 6f 6e 66 69 67 2e 73 65 6c 65 63 74 6f 72 2c 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 74 6f 67 67 6c 65 28 74 29 7d 29 3b 65 6c 73 65 20 69 66 28 6e 21 3d 3d 43 29 7b 76 61 72 20 69 3d 6e 3d 3d 3d 45 3f 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 2e 4d 4f 55 53 45 45 4e 54 45 52 3a 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 2e 46 4f 43 55 53 49 4e 2c 73 3d 6e 3d 3d 3d 45 3f 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 2e 4d 4f 55 53 45 4c 45 41 56 45 3a 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 45 76 65 6e 74 2e 46 4f 43 55 53 4f 55 54 3b 74 28 65 2e 65 6c 65 6d 65 6e 74 29 2e 6f 6e 28 69 2c 65 2e 63 6f 6e 66 69 67 2e 73 65 6c 65 63 74 6f Data Ascii: tor.Event.CLICK,e.config.selector,function(t){return e.toggle(t)});else if(n!==C){var i=n===E?e.constructor.Event.MOUSEENTER:e.constructor.Event.FOCUSIN,s=n===E?e.constructor.Event.MOUSELEAVE:e.constructor.Event.FOCUSOUT;t(e.element).on(i,e.config.selecto
2021-09-27 13:37:59 UTC	110	IN	Data Raw: 32 65 33 32 0d 0a 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 69 3d 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 44 41 54 41 5f 4b 45 59 3b 28 6e 3d 6e 7c 7c 74 28 65 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 29 2e 64 61 74 61 28 69 29 29 7c 7c 28 6e 3d 6e 65 77 20 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 2c 74 68 69 73 2e 5f 67 65 74 44 65 6c 65 67 61 74 65 43 6f 6e 66 69 67 28 29 29 2c 74 28 65 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 29 2e 64 61 74 61 28 69 2c 6e 29 29 2c 65 26 26 28 6e 2e 5f 61 63 74 69 76 65 54 72 69 67 67 65 72 5b 22 66 6f 63 75 73 6f 75 74 22 3d 3d 3d 65 2e 74 79 70 65 3f 54 3a 45 5d 3d 21 31 29 2c 6e 2e 5f 69 73 57 69 74 68 41 63 74 69 76 65 54 72 69 67 67 65 72 28 29 Data Ascii: 2e32ction(e,n){var i=this.constructor.DATA_KEY;(n=n\|\|t(e.currentTarget).data(i))\|\|(n=new this.constructor(e.currentTarget,this._getDelegateConfig()),t(e.currentTarget).data(i,n)),e&&(n._activeTrigger["focusout"===e.type?T:E]=!1),n._isWithActiveTrigger()
2021-09-27 13:37:59 UTC	111	IN	Data Raw: 67 65 74 41 74 74 72 69 62 75 74 65 28 22 78 2d 70 6c 61 63 65 6d 65 6e 74 22 29 26 26 28 74 28 65 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 67 29 2c 74 68 69 73 2e 63 6f 6e 66 69 67 2e 61 6e 69 6d 61 74 69 6f 6e 3d 21 31 2c 74 68 69 73 2e 68 69 64 65 28 29 2c 74 68 69 73 2e 73 68 6f 77 28 29 2c 74 68 69 73 2e 63 6f 6e 66 69 67 2e 61 6e 69 6d 61 74 69 6f 6e 3d 6e 29 7d 2c 61 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 74 28 74 68 69 73 29 2e 64 61 74 61 28 69 29 2c 73 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 65 3b 69 66 28 28 6e 7c 7c 21 2f 64 69 73 70 6f 73 65 7c 68 69 64 65 2f 2e 74 65 Data Ascii: getAttribute("x-placement")&&(t(e).removeClass(g),this.config.animation=!1,this.hide(),this.show(),this.config.animation=n)},a._jQueryInterface=function(e){return this.each(function(){var n=t(this).data(i),s="object"==typeof e&&e;if((n\|\|!/dispose\|hide/.te
2021-09-27 13:37:59 UTC	112	IN	Data Raw: 43 4b 3a 22 63 6c 69 63 6b 22 2b 69 2c 46 4f 43 55 53 49 4e 3a 22 66 6f 63 75 73 69 6e 22 2b 69 2c 46 4f 43 55 53 4f 55 54 3a 22 66 6f 63 75 73 6f 75 74 22 2b 69 2c 4d 4f 55 53 45 45 4e 54 45 52 3a 22 6d 6f 75 73 65 65 6e 74 65 72 22 2b 69 2c 4d 4f 55 53 45 4c 45 41 56 45 3a 22 6d 6f 75 73 65 6c 65 61 76 65 22 2b 69 7d 2c 67 3d 66 75 6e 63 74 69 6f 6e 28 72 29 7b 76 61 72 20 6f 2c 67 3b 66 75 6e 63 74 69 6f 6e 20 70 28 29 7b 72 65 74 75 72 6e 20 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7c 7c 74 68 69 73 7d 67 3d 72 2c 28 6f 3d 70 29 2e 70 72 6f 74 6f 74 79 70 65 3d 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 28 67 2e 70 72 6f 74 6f 74 79 70 65 29 2c 6f 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 6f 2c 6f 2e Data Ascii: CK:"click"+i,FOCUSIN:"focusin"+i,FOCUSOUT:"focusout"+i,MOUSEENTER:"mouseenter"+i,MOUSELEAVE:"mouseleave"+i},g=function(r){var o,g;function p(){return r.apply(this,arguments)\|\|this}g=r,(o=p).prototype=Object.create(g.prototype),o.prototype.constructor=o,o.
2021-09-27 13:37:59 UTC	114	IN	Data Raw: 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 7d 7d 2c 7b 6b 65 79 3a 22 4e 41 4d 45 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 7d 2c 7b 6b 65 79 3a 22 44 41 54 41 5f 4b 45 59 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 7d 7d 2c 7b 6b 65 79 3a 22 45 76 65 6e 74 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 7d 7d 2c 7b 6b 65 79 3a 22 45 56 45 4e 54 5f 4b 45 59 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 7d 7d 2c 7b 6b 65 79 3a 22 44 65 66 61 75 6c 74 54 79 70 65 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 68 7d 7d 5d 29 2c 70 7d 28 55 29 3b 72 65 74 75 72 6e 20 74 2e 66 6e 5b 65 5d 3d 67 2e 5f 6a 51 Data Ascii: nction(){return l}},{key:"NAME",get:function(){return e}},{key:"DATA_KEY",get:function(){return n}},{key:"Event",get:function(){return _}},{key:"EVENT_KEY",get:function(){return i}},{key:"DefaultType",get:function(){return h}}]),p}(U);return t.fn[e]=g._jQ
2021-09-27 13:37:59 UTC	115	IN	Data Raw: 67 3d 6f 2e 70 72 6f 74 6f 74 79 70 65 3b 72 65 74 75 72 6e 20 67 2e 72 65 66 72 65 73 68 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2c 6e 3d 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 3d 3d 3d 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 2e 77 69 6e 64 6f 77 3f 64 3a 5f 2c 69 3d 22 61 75 74 6f 22 3d 3d 3d 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6d 65 74 68 6f 64 3f 6e 3a 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6d 65 74 68 6f 64 2c 73 3d 69 3d 3d 3d 5f 3f 74 68 69 73 2e 5f 67 65 74 53 63 72 6f 6c 6c 54 6f 70 28 29 3a 30 3b 74 68 69 73 2e 5f 6f 66 66 73 65 74 73 3d 5b 5d 2c 74 68 69 73 2e 5f 74 61 72 67 65 74 73 3d 5b 5d 2c 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 48 65 69 67 68 74 3d 74 68 69 73 2e 5f 67 65 74 53 Data Ascii: g=o.prototype;return g.refresh=function(){var e=this,n=this._scrollElement===this._scrollElement.window?d:_,i="auto"===this._config.method?n:this._config.method,s=i===_?this._getScrollTop():0;this._offsets=[],this._targets=[],this._scrollHeight=this._getS
2021-09-27 13:37:59 UTC	116	IN	Data Raw: 3d 3d 3d 77 69 6e 64 6f 77 3f 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 3a 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 45 6c 65 6d 65 6e 74 2e 67 65 74 42 6f 75 6e 64 69 6e 67 43 6c 69 65 6e 74 52 65 63 74 28 29 2e 68 65 69 67 68 74 7d 2c 67 2e 5f 70 72 6f 63 65 73 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 5f 67 65 74 53 63 72 6f 6c 6c 54 6f 70 28 29 2b 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6f 66 66 73 65 74 2c 65 3d 74 68 69 73 2e 5f 67 65 74 53 63 72 6f 6c 6c 48 65 69 67 68 74 28 29 2c 6e 3d 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 6f 66 66 73 65 74 2b 65 2d 74 68 69 73 2e 5f 67 65 74 4f 66 66 73 65 74 48 65 69 67 68 74 28 29 3b 69 66 28 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 48 65 69 67 68 74 21 3d 3d 65 26 26 74 68 69 73 Data Ascii: ===window?window.innerHeight:this._scrollElement.getBoundingClientRect().height},g._process=function(){var t=this._getScrollTop()+this._config.offset,e=this._getScrollHeight(),n=this._config.offset+e-this._getOffsetHeight();if(this._scrollHeight!==e&&this
2021-09-27 13:37:59 UTC	118	IN	Data Raw: 20 65 26 26 65 29 2c 74 28 74 68 69 73 29 2e 64 61 74 61 28 6e 2c 69 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 69 5b 65 5d 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 27 4e 6f 20 6d 65 74 68 6f 64 20 6e 61 6d 65 64 20 22 27 2b 65 2b 27 22 27 29 3b 69 5b 65 5d 28 29 7d 7d 29 7d 2c 73 28 6f 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 56 45 52 53 49 4f 4e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 34 2e 30 2e 30 22 7d 7d 2c 7b 6b 65 79 3a 22 44 65 66 61 75 6c 74 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 7d 7d 5d 29 2c 6f 7d 28 29 3b 72 65 74 75 72 6e 20 74 28 77 69 6e 64 6f 77 29 2e 6f 6e Data Ascii: e&&e),t(this).data(n,i)),"string"==typeof e){if("undefined"==typeof i[e])throw new TypeError('No method named "'+e+'"');i[e]()}})},s(o,null,[{key:"VERSION",get:function(){return"4.0.0"}},{key:"Default",get:function(){return a}}]),o}();return t(window).on
2021-09-27 13:37:59 UTC	119	IN	Data Raw: 74 2e 45 76 65 6e 74 28 72 2e 53 48 4f 57 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 69 7d 29 3b 69 66 28 69 26 26 74 28 69 29 2e 74 72 69 67 67 65 72 28 63 29 2c 74 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 29 2e 74 72 69 67 67 65 72 28 75 29 2c 21 75 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 26 26 21 63 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 29 7b 6f 26 26 28 6e 3d 74 28 6f 29 5b 30 5d 29 2c 74 68 69 73 2e 5f 61 63 74 69 76 61 74 65 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 73 29 3b 76 61 72 20 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 3d 74 2e 45 76 65 6e 74 28 72 2e 48 49 44 44 45 4e 2c 7b 72 65 6c 61 74 65 64 54 61 72 67 65 74 3a 65 2e 5f 65 6c 65 6d 65 6e 74 7d 29 2c 73 3d 74 2e 45 76 Data Ascii: t.Event(r.SHOW,{relatedTarget:i});if(i&&t(i).trigger(c),t(this._element).trigger(u),!u.isDefaultPrevented()&&!c.isDefaultPrevented()){o&&(n=t(o)[0]),this._activate(this._element,s);var g=function(){var n=t.Event(r.HIDDEN,{relatedTarget:e._element}),s=t.Ev
2021-09-27 13:37:59 UTC	120	IN	Data Raw: 29 7d 7d 29 7d 2c 73 28 6e 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 56 45 52 53 49 4f 4e 22 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 34 2e 30 2e 30 22 7d 7d 5d 29 2c 6e 7d 28 29 3b 72 65 74 75 72 6e 20 74 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 72 2e 43 4c 49 43 4b 5f 44 41 54 41 5f 41 50 49 2c 67 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 76 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2e 63 61 6c 6c 28 74 28 74 68 69 73 29 2c 22 73 68 6f 77 22 29 7d 29 2c 74 2e 66 6e 2e 74 61 62 3d 76 2e 5f 6a 51 75 65 72 79 49 6e 74 65 72 66 61 63 65 2c 74 2e 66 6e 2e 74 61 62 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 76 2c 74 2e 66 6e 2e 74 61 62 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 Data Ascii: )}})},s(n,null,[{key:"VERSION",get:function(){return"4.0.0"}}]),n}();return t(document).on(r.CLICK_DATA_API,g,function(e){e.preventDefault(),v._jQueryInterface.call(t(this),"show")}),t.fn.tab=v._jQueryInterface,t.fn.tab.Constructor=v,t.fn.tab.noConflict=f
2021-09-27 13:37:59 UTC	121	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.5	49740	18.66.196.75	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:37:59 UTC	1	OUT	GET /slageris.lv HTTP/1.1 Host: logo.clearbit.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:37:59 UTC	123	IN	HTTP/1.1 404 Not Found Content-Type: text/plain; charset=utf-8 Content-Length: 1 Connection: close Date: Mon, 27 Sep 2021 13:37:59 GMT x-content-type-options: nosniff Server: envoy X-Cache: Error from cloudfront Via: 1.1 240ebea27618238384903016b8e84169.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MXP63-P1 X-Amz-Cf-Id: htvAx_nwdIX-i7MEi-8xETDTFGiCzgrjvV47ETf0gXu7ajAAUUlD8Q==
2021-09-27 13:37:59 UTC	123	IN	Data Raw: 0a Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.5	49736	172.217.168.13	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:37:59 UTC	1	OUT	POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1 Host: accounts.google.com Connection: keep-alive Content-Length: 1 Origin: https://www.google.com Content-Type: application/x-www-form-urlencoded Sec-Fetch-Site: none Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:37:59 UTC	2	OUT	Data Raw: 20 Data Ascii:
2021-09-27 13:37:59 UTC	121	IN	HTTP/1.1 200 OK Content-Type: application/json; charset=utf-8 Access-Control-Allow-Origin: https://www.google.com Access-Control-Allow-Credentials: true X-Content-Type-Options: nosniff Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 27 Sep 2021 13:37:59 GMT Strict-Transport-Security: max-age=31536000 Content-Security-Policy: script-src 'report-sample' 'nonce-0gXk0o73zC3b40bAuTK80w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self' Content-Security-Policy: script-src 'nonce-0gXk0o73zC3b40bAuTK80w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="IdentityListAccountsHttp" Report-To: {"group":"IdentityListAccountsHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external"}]} Server: ESF X-XSS-Protection: 0 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Connection: close Transfer-Encoding: chunked
2021-09-27 13:37:59 UTC	123	IN	Data Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a Data Ascii: 11["gaia.l.a.r",[]]
2021-09-27 13:37:59 UTC	123	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
5	192.168.2.5	49744	98.164.36.69	443	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	kBytes transferred	Direction	Data
2021-09-27 13:38:00 UTC	123	OUT	GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1 Host: mail.borets.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2021-09-27 13:38:00 UTC	124	IN	HTTP/1.1 200 OK Cache-Control: public,max-age=2592000 Content-Type: image/x-icon Last-Modified: Tue, 28 May 2019 22:02:58 GMT Accept-Ranges: bytes ETag: "015f11ba115d51:0" Server: Microsoft-IIS/8.5 request-id: 41807974-98ed-468f-8717-cc688356ff27 Set-Cookie: ClientId=KRPTIIPEMKYIULMRANBPA; expires=Tue, 27-Sep-2022 13:38:00 GMT; path=/; HttpOnly X-Powered-By: ASP.NET Date: Mon, 27 Sep 2021 13:38:00 GMT Connection: close Content-Length: 7886
2021-09-27 13:38:00 UTC	124	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c2 6c 00 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ l

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exe PID: 3560 Parent PID: 3444

General

Start time:	15:37:56
Start date:	27/09/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\26222021 114007 a.m. Owa Outlook App.html'
Imagebase:	0x7ff677c70000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: chrome.exe PID: 1188 Parent PID: 3560

General

Start time:	15:37:57
Start date:	27/09/2021
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1648,11094347611715134829,13990568648629289274,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
Imagebase:	0x7ff677c70000
File size:	2150896 bytes
MD5 hash:	C139654B5C1438A95B321BB01AD63EF6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report 26222021 114007 a.m. Owa Outlook App.html

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Initial Sample

Sigma Overview

Jbx Signature Overview

Phishing:

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTPS Proxied Packets

Code Manipulations

Statistics

CPU Usage

Memory Usage

High Level Behavior Distribution

back

Behavior

System Behavior

Analysis Process: chrome.exe PID: 3560 Parent PID: 3444

General

Chronological Activities

Analysis Process: chrome.exe PID: 1188 Parent PID: 3560

General

Chronological Activities

Disassembly