Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/11/2024, 19:02 UTC

General

  • Target

    https://drive.google.com/file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 9 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 20 IoCs
  • Modifies registry class 13 IoCs
  • Opens file in notepad (likely ransom note) 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 32 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 46 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 53 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://drive.google.com/file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4356
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff6e146f8,0x7ffff6e14708,0x7ffff6e14718
      2⤵
        PID:4680
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
        2⤵
          PID:4136
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:5080
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
          2⤵
            PID:2288
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
            2⤵
              PID:5088
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
              2⤵
                PID:4972
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
                2⤵
                  PID:2976
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
                  2⤵
                    PID:4312
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8
                    2⤵
                      PID:3076
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:2996
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
                      2⤵
                        PID:4236
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
                        2⤵
                          PID:2584
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
                          2⤵
                            PID:116
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
                            2⤵
                              PID:5036
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
                              2⤵
                                PID:5376
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5444 /prefetch:8
                                2⤵
                                  PID:5384
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6488 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:5528
                                • C:\Windows\system32\NOTEPAD.EXE
                                  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\TeddyLauncherV2.apk
                                  2⤵
                                  • Opens file in notepad (likely ransom note)
                                  PID:5728
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
                                  2⤵
                                    PID:2916
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
                                    2⤵
                                      PID:4436
                                    • C:\Windows\system32\NOTEPAD.EXE
                                      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\TeddyLauncherV2.apk
                                      2⤵
                                      • Opens file in notepad (likely ransom note)
                                      PID:6048
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,8196786311773096805,1339714362356456334,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4760 /prefetch:2
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:4348
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:1540
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:2412
                                      • C:\Windows\System32\rundll32.exe
                                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                        1⤵
                                          PID:5756
                                        • C:\Windows\system32\OpenWith.exe
                                          C:\Windows\system32\OpenWith.exe -Embedding
                                          1⤵
                                          • Modifies registry class
                                          • Suspicious behavior: GetForegroundWindowSpam
                                          • Suspicious use of SetWindowsHookEx
                                          PID:5784
                                          • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                            "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\TeddyLauncherV2.apk"
                                            2⤵
                                            • System Location Discovery: System Language Discovery
                                            • Checks processor information in registry
                                            • Modifies Internet Explorer settings
                                            • Suspicious behavior: EnumeratesProcesses
                                            • Suspicious use of FindShellTrayWindow
                                            • Suspicious use of SetWindowsHookEx
                                            PID:5948
                                            • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                              "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
                                              3⤵
                                              • System Location Discovery: System Language Discovery
                                              PID:5156
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=67D236BBD6BF29173449E7AFACF46521 --mojo-platform-channel-handle=1756 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:2780
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=928263FC201D3D99D3267F8066F01484 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=928263FC201D3D99D3267F8066F01484 --renderer-client-id=2 --mojo-platform-channel-handle=1764 --allow-no-sandbox-job /prefetch:1
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:3344
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=E05E1A5E492A24E5BBD3E6D88A72992A --mojo-platform-channel-handle=2316 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:5560
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=C96CBA8CDA956F491428DCBD8D3B35C5 --mojo-platform-channel-handle=2424 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:5728
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=41142EC9458A36D877553934B6374D1C --mojo-platform-channel-handle=2360 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:5916
                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=274A419C11D9FB0A97069320C2D2A43B --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=274A419C11D9FB0A97069320C2D2A43B --renderer-client-id=8 --mojo-platform-channel-handle=2516 --allow-no-sandbox-job /prefetch:1
                                                4⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:5872
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:5556
                                          • C:\Windows\system32\OpenWith.exe
                                            C:\Windows\system32\OpenWith.exe -Embedding
                                            1⤵
                                            • Modifies registry class
                                            • Suspicious behavior: GetForegroundWindowSpam
                                            • Suspicious use of SetWindowsHookEx
                                            PID:5348
                                            • C:\Windows\system32\NOTEPAD.EXE
                                              "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\TeddyLauncherV2.apk
                                              2⤵
                                              • Opens file in notepad (likely ransom note)
                                              PID:5568
                                          • C:\Program Files\7-Zip\7zG.exe
                                            "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\TeddyLauncherV2\" -ad -an -ai#7zMap31319:92:7zEvent22289
                                            1⤵
                                            • Suspicious use of AdjustPrivilegeToken
                                            • Suspicious use of FindShellTrayWindow
                                            PID:4564
                                          • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
                                            "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\Downloads\TeddyLauncherV2\AndroidManifest.xml"
                                            1⤵
                                              PID:2212
                                              • C:\Program Files\Internet Explorer\iexplore.exe
                                                "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\TeddyLauncherV2\AndroidManifest.xml
                                                2⤵
                                                • Modifies Internet Explorer settings
                                                • Suspicious use of FindShellTrayWindow
                                                • Suspicious use of SetWindowsHookEx
                                                PID:5404
                                                • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                                                  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5404 CREDAT:17410 /prefetch:2
                                                  3⤵
                                                  • System Location Discovery: System Language Discovery
                                                  • Modifies Internet Explorer settings
                                                  • Suspicious use of SetWindowsHookEx
                                                  PID:3824

Network

                                            • flag-us
                                              DNS
                                              104.219.191.52.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              104.219.191.52.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              drive.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              drive.google.com
                                              IN A
                                              Response
                                              drive.google.com
                                              IN A
                                              142.250.187.206
                                            • flag-gb
                                              GET
                                              https://drive.google.com/file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing
                                              msedge.exe
                                              Remote address:
                                              142.250.187.206:443
                                              Request
                                              GET /file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing HTTP/2.0
                                              host: drive.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              sec-ch-ua-mobile: ?0
                                              dnt: 1
                                              upgrade-insecure-requests: 1
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                              sec-fetch-site: none
                                              sec-fetch-mode: navigate
                                              sec-fetch-user: ?1
                                              sec-fetch-dest: document
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              106.209.201.84.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              106.209.201.84.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              206.187.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              206.187.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              206.187.250.142.in-addr.arpa
                                              IN PTR
                                              lhr25s33-in-f141e100net
                                            • flag-us
                                              DNS
                                              95.221.229.192.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              95.221.229.192.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              ogs.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              ogs.google.com
                                              IN A
                                              Response
                                              ogs.google.com
                                              IN CNAME
                                              www3.l.google.com
                                              www3.l.google.com
                                              IN A
                                              216.58.201.110
                                            • flag-us
                                              DNS
                                              apis.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              apis.google.com
                                              IN A
                                              Response
                                              apis.google.com
                                              IN CNAME
                                              plus.l.google.com
                                              plus.l.google.com
                                              IN A
                                              216.58.201.110
                                            • flag-us
                                              DNS
                                              ogads-pa.googleapis.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              ogads-pa.googleapis.com
                                              IN A
                                              Response
                                            • flag-gb
                                              GET
                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
                                              msedge.exe
                                              Remote address:
                                              216.58.201.110:443
                                              Request
                                              GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/2.0
                                              host: apis.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: */*
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: script
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=MRag9bfxfgv-cdha8sNJ3Eh2Fzjg3xdhRvD1rar3HaGOB9I7bjoupITXNHBJyoT3gKSbjeYLO9IXCsIZzhILt8_c3jaMgMnFLSBfRqOvt8AZVtRlJ81pMzOcc2izK1G8ea015kYely-jGJAeoxVBtwYgHPYX0RVhFzT25LHrx_s4htU
                                            • flag-gb
                                              GET
                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_1
                                              msedge.exe
                                              Remote address:
                                              216.58.201.110:443
                                              Request
                                              GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_1 HTTP/2.0
                                              host: apis.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: */*
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: script
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=MRag9bfxfgv-cdha8sNJ3Eh2Fzjg3xdhRvD1rar3HaGOB9I7bjoupITXNHBJyoT3gKSbjeYLO9IXCsIZzhILt8_c3jaMgMnFLSBfRqOvt8AZVtRlJ81pMzOcc2izK1G8ea015kYely-jGJAeoxVBtwYgHPYX0RVhFzT25LHrx_s4htU
                                            • flag-gb
                                              GET
                                              https://ogs.google.com/widget/callout?prid=19016403&pgid=19010599&puid=1b10da64bfa91688&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
                                              msedge.exe
                                              Remote address:
                                              216.58.201.110:443
                                              Request
                                              GET /widget/callout?prid=19016403&pgid=19010599&puid=1b10da64bfa91688&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm= HTTP/2.0
                                              host: ogs.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              sec-ch-ua-mobile: ?0
                                              upgrade-insecure-requests: 1
                                              dnt: 1
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: navigate
                                              sec-fetch-dest: iframe
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=MRag9bfxfgv-cdha8sNJ3Eh2Fzjg3xdhRvD1rar3HaGOB9I7bjoupITXNHBJyoT3gKSbjeYLO9IXCsIZzhILt8_c3jaMgMnFLSBfRqOvt8AZVtRlJ81pMzOcc2izK1G8ea015kYely-jGJAeoxVBtwYgHPYX0RVhFzT25LHrx_s4htU
                                            • flag-gb
                                              OPTIONS
                                              https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
                                              msedge.exe
                                              Remote address:
                                              216.58.204.74:443
                                              Request
                                              OPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
                                              host: ogads-pa.googleapis.com
                                              accept: */*
                                              access-control-request-method: POST
                                              access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                              origin: https://drive.google.com
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              sec-fetch-mode: cors
                                              sec-fetch-site: cross-site
                                              sec-fetch-dest: empty
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              play.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              play.google.com
                                              IN A
                                              Response
                                              play.google.com
                                              IN A
                                              172.217.16.238
                                            • flag-gb
                                              POST
                                              https://play.google.com/log?format=json&hasfast=true
                                              msedge.exe
                                              Remote address:
                                              172.217.16.238:443
                                              Request
                                              POST /log?format=json&hasfast=true HTTP/2.0
                                              host: play.google.com
                                              content-length: 3998
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              content-type: text/plain;charset=UTF-8
                                              accept: */*
                                              origin: https://drive.google.com
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: cors
                                              sec-fetch-dest: empty
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=MRag9bfxfgv-cdha8sNJ3Eh2Fzjg3xdhRvD1rar3HaGOB9I7bjoupITXNHBJyoT3gKSbjeYLO9IXCsIZzhILt8_c3jaMgMnFLSBfRqOvt8AZVtRlJ81pMzOcc2izK1G8ea015kYely-jGJAeoxVBtwYgHPYX0RVhFzT25LHrx_s4htU
                                            • flag-us
                                              DNS
                                              youtube.googleapis.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              youtube.googleapis.com
                                              IN A
                                              Response
                                            • flag-us
                                              DNS
                                              ssl.gstatic.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              ssl.gstatic.com
                                              IN A
                                              Response
                                              ssl.gstatic.com
                                              IN A
                                              172.217.16.227
                                            • flag-gb
                                              GET
                                              https://ssl.gstatic.com/docs/common/cleardot.gif?zx=y64twrblr2fu
                                              msedge.exe
                                              Remote address:
                                              172.217.16.227:443
                                              Request
                                              GET /docs/common/cleardot.gif?zx=y64twrblr2fu HTTP/2.0
                                              host: ssl.gstatic.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              www.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              www.google.com
                                              IN A
                                              Response
                                              www.google.com
                                              IN A
                                              142.250.180.4
                                            • flag-gb
                                              GET
                                              https://www.google.com/images/hpp/Chrome_Owned_96x96.png
                                              msedge.exe
                                              Remote address:
                                              142.250.180.4:443
                                              Request
                                              GET /images/hpp/Chrome_Owned_96x96.png HTTP/2.0
                                              host: www.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://ogs.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=MRag9bfxfgv-cdha8sNJ3Eh2Fzjg3xdhRvD1rar3HaGOB9I7bjoupITXNHBJyoT3gKSbjeYLO9IXCsIZzhILt8_c3jaMgMnFLSBfRqOvt8AZVtRlJ81pMzOcc2izK1G8ea015kYely-jGJAeoxVBtwYgHPYX0RVhFzT25LHrx_s4htU
                                            • flag-us
                                              DNS
                                              accounts.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              accounts.google.com
                                              IN A
                                              Response
                                              accounts.google.com
                                              IN A
                                              173.194.69.84
                                            • flag-nl
                                              GET
                                              https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
                                              msedge.exe
                                              Remote address:
                                              173.194.69.84:443
                                              Request
                                              GET /ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP/2.0
                                              host: accounts.google.com
                                              upgrade-insecure-requests: 1
                                              dnt: 1
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: navigate
                                              sec-fetch-dest: iframe
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              sec-ch-ua-mobile: ?0
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=DVYmEUQWLu1UVEvCozqVI_teU-rou73PWtXQUMSKOL9rhSBDIeZxN5rECywFfjD0TclFp_U5UoDcWMX6tppQopL1n-ohz29hfgKlY9xkJNv73-Op6NUJIEBB_Ozta8GTKCEzKIPUvxyRK8QiWV16VtQLxPPrzZY0oFgj9ToH8UsFQmzr-QUiqd8
                                            • flag-us
                                              DNS
                                              227.187.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              227.187.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              227.187.250.142.in-addr.arpa
                                              IN PTR
                                              lhr25s34-in-f31e100net
                                            • flag-us
                                              DNS
                                              10.178.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              10.178.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              10.178.250.142.in-addr.arpa
                                              IN PTR
                                              lhr48s27-in-f10.1e100.net
                                            • flag-us
                                              DNS
                                              35.200.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              35.200.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              35.200.250.142.in-addr.arpa
                                              IN PTR
                                              lhr48s30-in-f3.1e100.net
                                            • flag-us
                                              DNS
                                              110.201.58.216.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              110.201.58.216.in-addr.arpa
                                              IN PTR
                                              Response
                                              110.201.58.216.in-addr.arpa
                                              IN PTR
                                              prg03s02-in-f110.1e100.net
                                              110.201.58.216.in-addr.arpa
                                              IN PTR
                                              prg03s02-in-f14.1e100.net
                                              110.201.58.216.in-addr.arpa
                                              IN PTR
                                              lhr48s48-in-f14.1e100.net
                                            • flag-us
                                              DNS
                                              74.204.58.216.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              74.204.58.216.in-addr.arpa
                                              IN PTR
                                              Response
                                              74.204.58.216.in-addr.arpa
                                              IN PTR
                                              lhr25s13-in-f10.1e100.net
                                              74.204.58.216.in-addr.arpa
                                              IN PTR
                                              lhr25s13-in-f74.1e100.net
                                              74.204.58.216.in-addr.arpa
                                              IN PTR
                                              lhr48s49-in-f10.1e100.net
                                            • flag-us
                                              DNS
                                              227.16.217.172.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              227.16.217.172.in-addr.arpa
                                              IN PTR
                                              Response
                                              227.16.217.172.in-addr.arpa
                                              IN PTR
                                              mad08s04-in-f3.1e100.net
                                              227.16.217.172.in-addr.arpa
                                              IN PTR
                                              lhr48s28-in-f3.1e100.net
                                            • flag-us
                                              DNS
                                              234.187.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              234.187.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              234.187.250.142.in-addr.arpa
                                              IN PTR
                                              lhr25s34-in-f10.1e100.net
                                            • flag-us
                                              DNS
                                              4.180.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              4.180.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              4.180.250.142.in-addr.arpa
                                              IN PTR
                                              lhr25s32-in-f4.1e100.net
                                            • flag-us
                                              DNS
                                              84.69.194.173.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              84.69.194.173.in-addr.arpa
                                              IN PTR
                                              Response
                                              84.69.194.173.in-addr.arpa
                                              IN PTR
                                              ef-in-f84.1e100.net
                                            • flag-us
                                              DNS
                                              content.googleapis.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              content.googleapis.com
                                              IN A
                                              Response
                                              content.googleapis.com
                                              IN A
                                              216.58.204.74
                                              content.googleapis.com
                                              IN A
                                              142.250.180.10
                                              content.googleapis.com
                                              IN A
                                              142.250.200.42
                                              content.googleapis.com
                                              IN A
                                              172.217.169.42
                                              content.googleapis.com
                                              IN A
                                              216.58.201.106
                                              content.googleapis.com
                                              IN A
                                              216.58.213.10
                                              content.googleapis.com
                                              IN A
                                              216.58.212.202
                                              content.googleapis.com
                                              IN A
                                              142.250.187.234
                                              content.googleapis.com
                                              IN A
                                              172.217.169.74
                                              content.googleapis.com
                                              IN A
                                              142.250.179.234
                                              content.googleapis.com
                                              IN A
                                              172.217.16.234
                                              content.googleapis.com
                                              IN A
                                              142.250.200.10
                                              content.googleapis.com
                                              IN A
                                              142.250.178.10
                                              content.googleapis.com
                                              IN A
                                              142.250.187.202
                                              content.googleapis.com
                                              IN A
                                              172.217.169.10
                                            • flag-us
                                              DNS
                                              blobcomments-pa.clients6.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              blobcomments-pa.clients6.google.com
                                              IN A
                                              Response
                                              blobcomments-pa.clients6.google.com
                                              IN A
                                              142.250.200.10
                                            • flag-gb
                                              OPTIONS
                                              https://blobcomments-pa.clients6.google.com/v1/metadata?docId=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&revisionId=0B81XTW65YAjqMFM3TFNpWVR1eUM5NDBkL3U1c3BpcnRFbnBjPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                              msedge.exe
                                              Remote address:
                                              142.250.200.10:443
                                              Request
                                              OPTIONS /v1/metadata?docId=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&revisionId=0B81XTW65YAjqMFM3TFNpWVR1eUM5NDBkL3U1c3BpcnRFbnBjPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/2.0
                                              host: blobcomments-pa.clients6.google.com
                                              accept: */*
                                              access-control-request-method: GET
                                              access-control-request-headers: x-clientdetails,x-goog-authuser,x-goog-encode-response-if-executable,x-javascript-user-agent,x-requested-with
                                              origin: https://drive.google.com
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              sec-fetch-mode: cors
                                              sec-fetch-site: same-site
                                              sec-fetch-dest: empty
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              drive-thirdparty.googleusercontent.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              drive-thirdparty.googleusercontent.com
                                              IN A
                                              Response
                                              drive-thirdparty.googleusercontent.com
                                              IN CNAME
                                              googlehosted.l.googleusercontent.com
                                              googlehosted.l.googleusercontent.com
                                              IN A
                                              216.58.213.1
                                            • flag-us
                                              DNS
                                              drive-thirdparty.googleusercontent.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              drive-thirdparty.googleusercontent.com
                                              IN A
                                            • flag-us
                                              DNS
                                              10.200.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              10.200.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              10.200.250.142.in-addr.arpa
                                              IN PTR
                                              lhr48s29-in-f10.1e100.net
                                            • flag-gb
                                              GET
                                              https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.android.package-archive
                                              msedge.exe
                                              Remote address:
                                              216.58.213.1:443
                                              Request
                                              GET /16/type/application/vnd.android.package-archive HTTP/2.0
                                              host: drive-thirdparty.googleusercontent.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              dnt: 1
                                              sec-ch-ua-mobile: ?0
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                              sec-fetch-site: cross-site
                                              sec-fetch-mode: no-cors
                                              sec-fetch-dest: image
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                            • flag-us
                                              DNS
                                              1.213.58.216.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              1.213.58.216.in-addr.arpa
                                              IN PTR
                                              Response
                                              1.213.58.216.in-addr.arpa
                                              IN PTR
                                              lhr25s25-in-f1.1e100.net
                                              1.213.58.216.in-addr.arpa
                                              IN PTR
                                              ber01s14-in-f1.1e100.net
                                            • flag-us
                                              DNS
                                              drive.usercontent.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              drive.usercontent.google.com
                                              IN A
                                              Response
                                              drive.usercontent.google.com
                                              IN A
                                              172.217.16.225
                                            • flag-gb
                                              GET
                                              https://drive.usercontent.google.com/uc?id=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&export=download
                                              msedge.exe
                                              Remote address:
                                              172.217.16.225:443
                                              Request
                                              GET /uc?id=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&export=download HTTP/2.0
                                              host: drive.usercontent.google.com
                                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                              sec-ch-ua-mobile: ?0
                                              upgrade-insecure-requests: 1
                                              dnt: 1
                                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                              sec-fetch-site: same-site
                                              sec-fetch-mode: navigate
                                              sec-fetch-user: ?1
                                              sec-fetch-dest: document
                                              referer: https://drive.google.com/
                                              accept-encoding: gzip, deflate, br
                                              accept-language: en-US,en;q=0.9
                                              cookie: NID=518=DVYmEUQWLu1UVEvCozqVI_teU-rou73PWtXQUMSKOL9rhSBDIeZxN5rECywFfjD0TclFp_U5UoDcWMX6tppQopL1n-ohz29hfgKlY9xkJNv73-Op6NUJIEBB_Ozta8GTKCEzKIPUvxyRK8QiWV16VtQLxPPrzZY0oFgj9ToH8UsFQmzr-QUiqd8
                                              cookie: OGPC=19010599-1:
                                              cookie: __Secure-ENID=23.SE=NN-5FMQnxlidPxPE9kc5t6YB_cLOfE9UHh299zP2MbZ-l4uUz0DCfi7MxwX4p193EB3yKQ1lSHGrrDwZQCh31vus5TZb6gepO-whGgkGqXPFcaDJnZOOW6kbvSPEOtAUeCUDWFGWBZAU7jsotCDJURiMek_ENe54xjOHg7emu0WMB-hjLVKya5xU_A
                                            • flag-us
                                              DNS
                                              225.16.217.172.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              225.16.217.172.in-addr.arpa
                                              IN PTR
                                              Response
                                              225.16.217.172.in-addr.arpa
                                              IN PTR
                                              lhr48s28-in-f1.1e100.net
                                              225.16.217.172.in-addr.arpa
                                              IN PTR
                                              mad08s04-in-f1.1e100.net
                                            • flag-us
                                              DNS
                                              50.23.12.20.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              50.23.12.20.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              18.31.95.13.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              18.31.95.13.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              75.117.19.2.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              75.117.19.2.in-addr.arpa
                                              IN PTR
                                              Response
                                              75.117.19.2.in-addr.arpa
                                              IN PTR
                                              a2-19-117-75.deploy.static.akamaitechnologies.com
                                            • flag-us
                                              DNS
                                              www.adobe.com
                                              AcroRd32.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              www.adobe.com
                                              IN A
                                              Response
                                              www.adobe.com
                                              IN CNAME
                                              stls.adobe.com-cn.edgesuite.net
                                              stls.adobe.com-cn.edgesuite.net
                                              IN CNAME
                                              stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net
                                              stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net
                                              IN CNAME
                                              a1815.dscr.akamai.net
                                              a1815.dscr.akamai.net
                                              IN A
                                              2.19.117.34
                                              a1815.dscr.akamai.net
                                              IN A
                                              2.19.117.8
                                            • flag-us
                                              DNS
                                              www.adobe.com
                                              AcroRd32.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              www.adobe.com
                                              IN A
                                              Response
                                              www.adobe.com
                                              IN CNAME
                                              stls.adobe.com-cn.edgesuite.net
                                              stls.adobe.com-cn.edgesuite.net
                                              IN CNAME
                                              stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net
                                              stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net
                                              IN CNAME
                                              a1815.dscr.akamai.net
                                              a1815.dscr.akamai.net
                                              IN A
                                              2.19.117.34
                                              a1815.dscr.akamai.net
                                              IN A
                                              2.19.117.8
                                            • flag-gb
                                              PROPFIND
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:80
                                              Request
                                              PROPFIND /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              Depth: 1
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Host: www.adobe.com
                                              Content-Length: 0
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Response
                                              HTTP/1.1 501 Not Implemented
                                              Server: AkamaiGHost
                                              Mime-Version: 1.0
                                              Content-Type: text/html
                                              Content-Length: 383
                                              Expires: Sat, 09 Nov 2024 19:03:28 GMT
                                              Date: Sat, 09 Nov 2024 19:03:28 GMT
                                              Connection: close
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: NotCacheable from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179008.4c4a2924
                                              Server-Timing: ak_p; desc="1731179008715_1490897826_1279928612_10_7095_23_0_-";dur=1
                                            • flag-gb
                                              PROPFIND
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:80
                                              Request
                                              PROPFIND /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              Depth: 1
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Host: www.adobe.com
                                              Content-Length: 0
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Response
                                              HTTP/1.1 501 Not Implemented
                                              Server: AkamaiGHost
                                              Mime-Version: 1.0
                                              Content-Type: text/html
                                              Content-Length: 383
                                              Expires: Sat, 09 Nov 2024 19:03:28 GMT
                                              Date: Sat, 09 Nov 2024 19:03:28 GMT
                                              Connection: close
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: NotCacheable from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179008.4c4a29bd
                                              Server-Timing: ak_p; desc="1731179008801_1490897826_1279928765_10_7235_20_0_-";dur=1
                                            • flag-gb
                                              PROPFIND
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:80
                                              Request
                                              PROPFIND /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              Depth: 1
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Host: www.adobe.com
                                              Content-Length: 0
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Response
                                              HTTP/1.1 501 Not Implemented
                                              Server: AkamaiGHost
                                              Mime-Version: 1.0
                                              Content-Type: text/html
                                              Content-Length: 383
                                              Expires: Sat, 09 Nov 2024 19:03:29 GMT
                                              Date: Sat, 09 Nov 2024 19:03:29 GMT
                                              Connection: close
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: NotCacheable from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179009.4c4a2abd
                                              Server-Timing: ak_p; desc="1731179008936_1490897826_1279929021_12_7433_0_0_-";dur=1
                                            • flag-us
                                              DNS
                                              34.117.19.2.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              34.117.19.2.in-addr.arpa
                                              IN PTR
                                              Response
                                              34.117.19.2.in-addr.arpa
                                              IN PTR
                                              a2-19-117-34.deploy.static.akamaitechnologies.com
                                            • flag-gb
                                              GET
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:80
                                              Request
                                              GET /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Host: www.adobe.com
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Response
                                              HTTP/1.1 301 Moved Permanently
                                              Server: AkamaiGHost
                                              Content-Length: 0
                                              Location: https://www.adobe.com/go/homeacrordrunified18_2018
                                              Date: Sat, 09 Nov 2024 19:03:29 GMT
                                              Connection: keep-alive
                                              Server-Timing: cdn-cache; desc=HIT
                                              Server-Timing: edge; dur=1
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: NotCacheable from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179009.4c4a2d14
                                              Server-Timing: ak_p; desc="1731179009238_1490897826_1279929620_11_7487_21_0_-";dur=1
                                            • flag-gb
                                              PROPFIND
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:80
                                              Request
                                              PROPFIND /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              Depth: 1
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Host: www.adobe.com
                                              Content-Length: 0
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Response
                                              HTTP/1.1 501 Not Implemented
                                              Server: AkamaiGHost
                                              Mime-Version: 1.0
                                              Content-Type: text/html
                                              Content-Length: 383
                                              Expires: Sat, 09 Nov 2024 19:03:31 GMT
                                              Date: Sat, 09 Nov 2024 19:03:31 GMT
                                              Connection: close
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: NotCacheable from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179011.4c4a2d27
                                              Server-Timing: ak_p; desc="1731179011411_1490897826_1279929639_8_7212_21_0_-";dur=1
                                            • flag-gb
                                              GET
                                              https://www.adobe.com/go/homeacrordrunified18_2018
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:443
                                              Request
                                              GET /go/homeacrordrunified18_2018 HTTP/1.1
                                              Accept: */*
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Host: www.adobe.com
                                              Response
                                              HTTP/1.1 301 Moved Permanently
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 0
                                              Server: Apache
                                              Location: https://www.adobe.com/content/dam/dx-dc/en/pdfs/Welcome.pdf
                                              X-Adobe-Cache: MISS
                                              Cache-Control: max-age=795
                                              Date: Sat, 09 Nov 2024 19:03:29 GMT
                                              Connection: keep-alive
                                              Server-Timing: cdn-cache; desc=HIT
                                              Server-Timing: edge; dur=18
                                              Server-Timing: origin; dur=0
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: Miss from child, Redirect from parent
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179009.4c4a3026
                                              Strict-Transport-Security: max-age=15768000
                                              Server-Timing: ak_p; desc="1731179009293_1490897826_1279930406_2030_5511_23_375_-";dur=1
                                            • flag-gb
                                              GET
                                              https://www.adobe.com/content/dam/dx-dc/en/pdfs/Welcome.pdf
                                              AcroRd32.exe
                                              Remote address:
                                              2.19.117.34:443
                                              Request
                                              GET /content/dam/dx-dc/en/pdfs/Welcome.pdf HTTP/1.1
                                              Accept: */*
                                              User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 19.10.20064 )
                                              Connection: Keep-Alive
                                              Cache-Control: no-cache
                                              Host: www.adobe.com
                                              Response
                                              HTTP/1.1 200 OK
                                              Last-Modified: Wed, 06 Nov 2024 07:16:27 GMT
                                              Content-Type: application/pdf
                                              Content-Length: 1734720
                                              Server: Apache
                                              X-Adobe-Content: AEM-www
                                              X-XSS-Protection: 1; mode=block
                                              X-Frame-Options: SAMEORIGIN
                                              X-Adobe-Loc: ew1
                                              X-Adobe-Source: 128.75
                                              X-Content-Type-Options: nosniff
                                              X-Adobe-Cache: MISS
                                              Accept-Ranges: bytes
                                              Cache-Control: max-age=21600
                                              Expires: Sun, 10 Nov 2024 01:03:29 GMT
                                              Date: Sat, 09 Nov 2024 19:03:29 GMT
                                              Connection: keep-alive
                                              Server-Timing: cdn-cache; desc=HIT
                                              Server-Timing: edge; dur=1
                                              Server-Timing: sis; desc=0
                                              Akamai-Cache-Status: Hit from child
                                              Akamai-GRN-www.adobe.com: 0.a24bdd58.1731179009.4c4a327b
                                              Strict-Transport-Security: max-age=15768000
                                              Server-Timing: ak_p; desc="1731179009981_1490897826_1279931003_50_7749_22_0_-";dur=1
                                            • flag-us
                                              DNS
                                              204.20.192.23.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              204.20.192.23.in-addr.arpa
                                              IN PTR
                                              Response
                                              204.20.192.23.in-addr.arpa
                                              IN PTR
                                              a23-192-20-204.deploy.static.akamaitechnologies.com
                                            • flag-us
                                              DNS
                                              71.117.19.2.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              71.117.19.2.in-addr.arpa
                                              IN PTR
                                              Response
                                              71.117.19.2.in-addr.arpa
                                              IN PTR
                                              a2-19-117-71.deploy.static.akamaitechnologies.com
                                            • flag-us
                                              DNS
                                              240.221.184.93.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              240.221.184.93.in-addr.arpa
                                              IN PTR
                                              Response
                                            • flag-us
                                              DNS
                                              www.google.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              www.google.com
                                              IN A
                                              Response
                                              www.google.com
                                              IN A
                                              142.250.179.228
                                            • flag-us
                                              DNS
                                              228.179.250.142.in-addr.arpa
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              228.179.250.142.in-addr.arpa
                                              IN PTR
                                              Response
                                              228.179.250.142.in-addr.arpa
                                              IN PTR
                                              lhr25s31-in-f4.1e100.net
                                            • flag-us
                                              DNS
                                              ssl.gstatic.com
                                              msedge.exe
                                              Remote address:
                                              8.8.8.8:53
                                              Request
                                              ssl.gstatic.com
                                              IN A
                                              Response
                                              ssl.gstatic.com
                                              IN A
                                              142.250.200.35
                                            • 142.250.187.206:443
                                              https://drive.google.com/file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing
                                              tls, http2
                                              msedge.exe
                                              2.5kB
                                              35.4kB
                                              27
                                              40

                                              HTTP Request

                                              GET https://drive.google.com/file/d/14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ/view?usp=sharing
                                            • 216.58.201.110:443
                                              https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_1
                                              tls, http2
                                              msedge.exe
                                              5.8kB
                                              122.9kB
                                              93
                                              96

                                              HTTP Request

                                              GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0

                                              HTTP Request

                                              GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_1
                                            • 216.58.201.110:443
                                              https://ogs.google.com/widget/callout?prid=19016403&pgid=19010599&puid=1b10da64bfa91688&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
                                              tls, http2
                                              msedge.exe
                                              2.4kB
                                              23.0kB
                                              20
                                              26

                                              HTTP Request

                                              GET https://ogs.google.com/widget/callout?prid=19016403&pgid=19010599&puid=1b10da64bfa91688&cce=1&dc=1&origin=https%3A%2F%2Fdrive.google.com&cn=callout&pid=25&spid=25&hl=en-GB&dm=
                                            • 216.58.204.74:443
                                              https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
                                              tls, http2
                                              msedge.exe
                                              1.8kB
                                              6.7kB
                                              14
                                              14

                                              HTTP Request

                                              OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData
                                            • 172.217.16.238:443
                                              https://play.google.com/log?format=json&hasfast=true
                                              tls, http2
                                              msedge.exe
                                              6.1kB
                                              8.8kB
                                              18
                                              17

                                              HTTP Request

                                              POST https://play.google.com/log?format=json&hasfast=true
                                            • 172.217.16.227:443
                                              https://ssl.gstatic.com/docs/common/cleardot.gif?zx=y64twrblr2fu
                                              tls, http2
                                              msedge.exe
                                              1.8kB
                                              6.6kB
                                              15
                                              15

                                              HTTP Request

                                              GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=y64twrblr2fu
                                            • 142.250.180.4:443
                                              https://www.google.com/images/hpp/Chrome_Owned_96x96.png
                                              tls, http2
                                              msedge.exe
                                              2.2kB
                                              12.9kB
                                              20
                                              21

                                              HTTP Request

                                              GET https://www.google.com/images/hpp/Chrome_Owned_96x96.png
                                            • 173.194.69.84:443
                                              https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
                                              tls, http2
                                              msedge.exe
                                              2.4kB
                                              7.7kB
                                              16
                                              17

                                              HTTP Request

                                              GET https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
                                            • 142.250.200.10:443
                                              https://blobcomments-pa.clients6.google.com/v1/metadata?docId=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&revisionId=0B81XTW65YAjqMFM3TFNpWVR1eUM5NDBkL3U1c3BpcnRFbnBjPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                              tls, http2
                                              msedge.exe
                                              2.1kB
                                              12.2kB
                                              17
                                              20

                                              HTTP Request

                                              OPTIONS https://blobcomments-pa.clients6.google.com/v1/metadata?docId=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&revisionId=0B81XTW65YAjqMFM3TFNpWVR1eUM5NDBkL3U1c3BpcnRFbnBjPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                            • 216.58.213.1:443
                                              https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.android.package-archive
                                              tls, http2
                                              msedge.exe
                                              1.9kB
                                              12.2kB
                                              15
                                              17

                                              HTTP Request

                                              GET https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.android.package-archive
                                            • 172.217.16.225:443
                                              https://drive.usercontent.google.com/uc?id=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&export=download
                                              tls, http2
                                              msedge.exe
                                              2.3kB
                                              7.5kB
                                              15
                                              16

                                              HTTP Request

                                              GET https://drive.usercontent.google.com/uc?id=14B4oJ9II5rDyYUSUa1-M1dZBuJsuRCcJ&export=download
                                            • 172.217.16.225:443
                                              drive.usercontent.google.com
                                              tls, http2
                                              msedge.exe
                                              999 B
                                              5.9kB
                                              9
                                              8
                                            • 2.19.117.34:80
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              http
                                              AcroRd32.exe
                                              506 B
                                              1.0kB
                                              6
                                              5

                                              HTTP Request

                                              PROPFIND http://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              501
                                            • 2.19.117.34:80
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              http
                                              AcroRd32.exe
                                              506 B
                                              1.0kB
                                              6
                                              5

                                              HTTP Request

                                              PROPFIND http://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              501
                                            • 2.19.117.34:80
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              http
                                              AcroRd32.exe
                                              828 B
                                              1.1kB
                                              8
                                              6

                                              HTTP Request

                                              PROPFIND http://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              501
                                            • 2.19.117.34:80
                                              http://www.adobe.com/go/homeacrordrunified18_2018
                                              http
                                              AcroRd32.exe
                                              788 B
                                              1.6kB
                                              8
                                              7

                                              HTTP Request

                                              GET http://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              301

                                              HTTP Request

                                              PROPFIND http://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              501
                                            • 2.19.117.34:443
                                              https://www.adobe.com/content/dam/dx-dc/en/pdfs/Welcome.pdf
                                              tls, http
                                              AcroRd32.exe
                                              66.1kB
                                              1.8MB
                                              1301
                                              1294

                                              HTTP Request

                                              GET https://www.adobe.com/go/homeacrordrunified18_2018

                                              HTTP Response

                                              301

                                              HTTP Request

                                              GET https://www.adobe.com/content/dam/dx-dc/en/pdfs/Welcome.pdf

                                              HTTP Response

                                              200

                                            MITRE ATT&CK Enterprise v15

                                            Downloads

                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                              Filesize

                                              36KB


                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                              Filesize

                                              56KB

                                              MD5

                                              752a1f26b18748311b691c7d8fc20633

                                              SHA1

                                              c1f8e83eebc1cc1e9b88c773338eb09ff82ab862

                                              SHA256

                                              111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131

                                              SHA512

                                              a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

                                            • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                              Filesize

                                              64KB

                                              MD5

                                              f0b2775d33a3f60cd153d5d88bffff89

                                              SHA1

                                              581b3068d2e2f07470a9afe7b7cd9e8438ec5114

                                              SHA256

                                              ca8506cdff979fc815f50515f0c6b3f8797fecb81ae8cff8a6d4f07c160061f4

                                              SHA512

                                              a98c467155e55cf76231764780d150feacb91e9680bc26f02f0b6c3625713afab733a133654df54fe1a7f04ad0d15d574fc16bd91682199fbd6fb2eb68d1919d

                                            • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                              Filesize

                                              12KB

                                              MD5

                                              a15625dad7f02a05670c17b4556cc0c4

                                              SHA1

                                              a64dc303ff268decb610b784f9b0cbe8180dfa35

                                              SHA256

                                              3d94c354215069fbfa417408be706441899e25d8eacf72cbad9846f752d979cd

                                              SHA512

                                              250928e8b694dfccf17d3902fdd569542eec605c085faea9f8dc7c6f5d54118e40bd4395b872985e4ed3770feecb186fcf2ae1e0c0be93d99577a2e806316a19

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                              Filesize

                                              152B

                                              MD5

                                              85ba073d7015b6ce7da19235a275f6da

                                              SHA1

                                              a23c8c2125e45a0788bac14423ae1f3eab92cf00

                                              SHA256

                                              5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617

                                              SHA512

                                              eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                              Filesize

                                              152B

                                              MD5

                                              7de1bbdc1f9cf1a58ae1de4951ce8cb9

                                              SHA1

                                              010da169e15457c25bd80ef02d76a940c1210301

                                              SHA256

                                              6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e

                                              SHA512

                                              e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                              Filesize

                                              456B

                                              MD5

                                              819a01937b73fdf9995b96a3a2d301ae

                                              SHA1

                                              365fc8d5da5ea0a8fb86aed191595d96f811c0a8

                                              SHA256

                                              d95644e9a8e2ded778be2fa859ac5d314b2aee8d1e5f1f4d944133cd240c155c

                                              SHA512

                                              f9320cad9161c845feb3531de9cfd699499333b1ca62cc7dd17912258a108d91c9904a89d30775c7fbcff568f61f529ee78949a28e2225d7e0c97dd3f3ebb7d0

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                              Filesize

                                              3KB

                                              MD5

                                              e9a24d771fef4a73d3275f087e050185

                                              SHA1

                                              040707f72ae4d03efcb20e120924a916a38d4c2a

                                              SHA256

                                              a5f02fe8eac805a878a63b33dc793fb17f8c197c445de875bc20a927c0a461c2

                                              SHA512

                                              fd8daca95c4279dcf0306a1df20302ded2211ec14a12846531ea3dd95e793b3593eabb98ddf813bad9052503119eca05e740a7b52d91d1972542c13cfcd289df

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                              Filesize

                                              3KB

                                              MD5

                                              3972e9989b8784015f0c2941362f9a1e

                                              SHA1

                                              520d46ef2b0fe41db0b467251f9dee9143da4779

                                              SHA256

                                              d3dba48abcf324ba4ddb80c5315bd01f5d25388c7714647c45ae98bb539066fc

                                              SHA512

                                              11651553ec00c49e6c7097805273875a3dcf53d852b147cee8d689904cd79f7ed319f220399957abb870589a3b63a4a9aa53555501c1f28312063855f9d59c55

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                              Filesize

                                              6KB

                                              MD5

                                              f17cb228511b788d81d97a0bfcda4d84

                                              SHA1

                                              b18b5d52dbac5ab1e11a330305cc90be878ed42c

                                              SHA256

                                              06847cfb6da2001d89a83c3bd96cada03de27dccadc4c7bb4a8fc8fb4ebe3087

                                              SHA512

                                              2afec2648fcc42482fbed9196c33daf309fb047cbbf06c710e00a096ac3e91794edf2e4f95a46e3353b637502d73fe2dfad2331bb82abd6571c9a1aa1a8a0772

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                              Filesize

                                              7KB

                                              MD5

                                              08965445eee9450d2ab865a35e37b6ac

                                              SHA1

                                              1662f46c0ef2279f3166dba16877a52e365b6446

                                              SHA256

                                              bdb0b478884be0ad53df1e90f7ebdae7bef1ec1de11ba3a71188c6db9db206f9

                                              SHA512

                                              bde30ab94f3c79553f84bee764b44a9d7bd82cccc39c075e3b19627c38caeff0f675a75cc2ba2ba45558cb0f0c91b405dcbd82336be6dd6d8f982a1ac0bfca30

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                              Filesize

                                              5KB

                                              MD5

                                              d3a5af7d58de459faa6d7f564452817d

                                              SHA1

                                              50fce6da5d178fdbc3b105510a47bd088c9f2e1e

                                              SHA256

                                              4efeff8ceaaf526ea292b8fea1e4a8c1600e8389880635d42766badb8cd35411

                                              SHA512

                                              4338f2dc4a505f7ed509a87d54d376b1ee96a7d119f6b1fe3efe67699a5d268f142e367c7b520e1b2bc9ce4696104cbf08ac57c391640e7b942d546d55cbe679

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                              Filesize

                                              6KB

                                              MD5

                                              e3e4966469c248a05ad64dc880ca69a7

                                              SHA1

                                              4a849804b67093cfeb8af92ee9371d2f98f5bc23

                                              SHA256

                                              b748c9427f45f0dc6ddc4f69b4deaac317ae9f1340d47f044dfe915d8c9030c7

                                              SHA512

                                              83d58f316312b498ea406f0d8c350b773c3deaeec56dd12f32be363f11337dd3d4cc91c20fe8a80dd4ac8901dd247fb6a565b682ab22caba8133dc15b36775e1

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                              Filesize

                                              16B

                                              MD5

                                              6752a1d65b201c13b62ea44016eb221f

                                              SHA1

                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                              SHA256

                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                              SHA512

                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                              Filesize

                                              11KB

                                              MD5

                                              bf29878098633f11f0297d1d05a48a04

                                              SHA1

                                              1910ccef5c255145c70273a8a2755a487b1b3549

                                              SHA256

                                              52ba228921ad9b23366520e4ca46ed3831919e16fbe52ae8953e1ef1b8fd3284

                                              SHA512

                                              2fe0aa6f58e66d7874fa2275ff858a5a0d4d96fb12113231c5a4ae17e43f6f57cb8689cc15868b12cfd8a37102695ed15d1cf8aea164f5bac2943fd6edbaa3f5

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                              Filesize

                                              10KB

                                              MD5

                                              332b2cd29c6b649df400b67d5af5079e

                                              SHA1

                                              f942907dfeb3521644479a8f91f8b650bab7a599

                                              SHA256

                                              63ced2a13fa9e7ff84aa23ee464131cba6ac17cdc0aec4114b7bc2ac7d3cf1e6

                                              SHA512

                                              41bd1e15ebd2201ec7afd7bb3ffa9abddaac3e4d5dcf50aedd7ce48b49b2703977a210268fc28957aa6a009dc5b66bb276e4bde1c9a67b09f5b590acf9a57778

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                              Filesize

                                              10KB

                                              MD5

                                              53bdeb86262f67fab9ff8a8616a95663

                                              SHA1

                                              9c7763084f3e2df252910ec84004a75dd7f34dd4

                                              SHA256

                                              7550f75ec3f3545e0cc35e38e6e9e75344cb9c12ff4a1638b3e11f70a8be1a92

                                              SHA512

                                              d25f351f7c39d4b013a69d3ef2093428141f1246b8ab433ff358085fbd76018e90b11d61512ca64e3cc1430b05a6e6a31eab9e6268e36423e82ea096f9be8693

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\AndroidManifest.xml

                                              Filesize

                                              4KB

                                              MD5

                                              54fa4cec4be04f311d0b637b688b64ca

                                              SHA1

                                              4292dbdba244d6a54a4243be908d4ed5e30c4860

                                              SHA256

                                              61e283840f6c0bef4f0899081c843339cb8ca72ffb0f41805d100d3516e526de

                                              SHA512

                                              6bd075b87380c13493859f8de48187c605f8f4ea0a9a1d1f00793208d39fc826bf3b6fd7966d047542e838b5abf0110b43f030ab3a0df26c0550611bbef94e2f

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\androidx.documentfile_documentfile.version

                                              Filesize

                                              6B

                                              MD5

                                              c9e47dbb0e1927076ed7b2e1ec157be7

                                              SHA1

                                              c538b66c7110ca3a028ccfe422d0f1fa200a9935

                                              SHA256

                                              59854984853104df5c353e2f681a15fc7924742f9a2e468c29af248dce45ce03

                                              SHA512

                                              c6e5081ce77f5971474ff994acc1b8887818f3007a4e3db32c91640203906f0bd2df3012441c9e1b6c1ae4e54dfea465ec23034092779cf6852aece45bf1df21

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\androidx.emoji2_emoji2.version

                                              Filesize

                                              6B

                                              MD5

                                              4049400e232490d58f1e26d9ab973a03

                                              SHA1

                                              cf744bd007850b04601dc865815ec0f5e60c6970

                                              SHA256

                                              1e5b51cde515396a9fa762909cf8ca6584ccc564b325d2eebeea76175fe95c4d

                                              SHA512

                                              8da6b544889de1985ee82a224a8a8a40dcc4a2eea849ae98a9806655a88ffd5a9931d910cc0b0463742dafb10554c3e312565f0a4829fa6fb723033e227309aa

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\androidx.lifecycle_lifecycle-viewmodel-savedstate.version

                                              Filesize

                                              6B

                                              MD5

                                              90d03bebeb88f1b007f47b68aaeb9893

                                              SHA1

                                              9a1a4bc4ca9e44b3ccf4c764cb670aae41b078a0

                                              SHA256

                                              99600f6a7bfe6c33ebd1a2518f44a861a67afc40c25da42bc622595716529584

                                              SHA512

                                              f2dd4209f2ff2a09aaa63267411caaaf0434ba9e1df833add86dbb4b1c96397670e3173b22ecf087bf9fe8236a703e8fb080e14c12fed081c3710b57993b0925

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\androidx.recyclerview_recyclerview.version

                                              Filesize

                                              6B

                                              MD5

                                              30a04cf33ee91a3ecf4b75c71268f316

                                              SHA1

                                              05e17b646a817240c206186f94f8f4c70974d5dc

                                              SHA256

                                              1575e1af4a95f12f70b4ee6a6adce8160953d93ea17dc2611b90883ccc3ad3b8

                                              SHA512

                                              45068042776137c07c26a0a005777fed7966ee689c1eef6a4bf3500857aadcb026eca047e6c0665482273dead269de7c810ccbf5753aa71703ae79272f278c51

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\androidx.versionedparcelable_versionedparcelable.version

                                              Filesize

                                              6B

                                              MD5

                                              375e8a39ec9331ddd89c8acbeb620028

                                              SHA1

                                              3b1c4a149729cc044e1a39df31b3628cdbf5f895

                                              SHA256

                                              cc52f678848b814373757b460383bf61960e4943c203735adde0a350b3e50989

                                              SHA512

                                              32bac321e3df5237d7e66c72179befdc5ce68ca80eaa2766705c31d84d20e0409df49a39a521c2bd7e6783513395834c1a75240f97f2405a5fd914e1e15864dc

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\META-INF\com.google.android.material_material.version

                                              Filesize

                                              6B

                                              MD5

                                              fad559d22a5329a1ac596bbef9e2c9e2

                                              SHA1

                                              7223cdd0ba007d056ed9cf20936fee53968ab70a

                                              SHA256

                                              6430a242e9486093ef6f71d9086d48f61ba102f0d2fb0f5b95334c6007a46db3

                                              SHA512

                                              64676d311742a12b58ced632491ed358ddd6dbe6cb4f9109e571c04d3c056a7c162fe726394181e3b44c74e502d096b1798b7e4db542e84a57ee7215487ac0c3

                                            • C:\Users\Admin\Downloads\TeddyLauncherV2\res\aW.xml

                                              Filesize

                                              124B

                                              MD5

                                              8b40c428b5b0d9ad329f439e73363216

                                              SHA1

                                              d84478ee99eba9d8c5af5a09189a7de687be8b72

                                              SHA256

                                              9b0ac791a3fa953e28b526e020fd2e629b40812ee1bc4693ff5fdfef15044202

                                              SHA512

                                              f13ff9cd26405117470729075a37f8db56eb287e906f6710d80a36cc0c798e6e2904c0eb8745169a2b1cfcea3bee4b55be3c85748fb96e8bf7000d9bcf4a31be

                                            • memory/2212-1604-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1606-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1605-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1607-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1608-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1611-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1613-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1612-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB

                                            • memory/2212-1610-0x00007FF7C53F0000-0x00007FF7C5400000-memory.dmp

                                              Filesize

                                              64KB
