Windows Analysis Report
https://shfkldjslf-dsfndsfnl.azurewebsites.net/

Overview

General Information

Sample URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/
Analysis ID:1428453

Detection

TechSupportScam
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected TechSupportScam
Detected clear text password fields (password is not hidden)
HTML body contains low number of good links
HTML title does not match URL

Classification

  • System is w10x64
  • chrome.exe (PID: 3488 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3584 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 --field-trial-handle=2360,i,8067986526861408440,12216698964054931657,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6596 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://shfkldjslf-dsfndsfnl.azurewebsites.net/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
Source | Rule | Description | Author | Strings
dropped/chromecache_64 | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
Source | Rule | Description | Author | Strings
0.1.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
0.3.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
0.0.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
0.2.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security |
No Sigma rule has matched
No Snort rule has matched

            AV Detection

            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ SlashNext: detection malicious, Label: Scareware type: Phishing & Social Engineering

            Phishing

            Source: Yara match File source: 0.1.pages.csv, type: HTML
            Source: Yara match File source: 0.3.pages.csv, type: HTML
            Source: Yara match File source: 0.0.pages.csv, type: HTML
            Source: Yara match File source: 0.2.pages.csv, type: HTML
            Source: Yara match File source: dropped/chromecache_64, type: DROPPED
            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ HTTP Parser: <input type="text"... for password input
            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ HTTP Parser: Number of links: 0
            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ HTTP Parser: Title: Security center does not match URL
            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ HTTP Parser: No <meta name="author".. found
            Source: https://shfkldjslf-dsfndsfnl.azurewebsites.net/ HTTP Parser: No <meta name="copyright".. found
            Source: unknown HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.4:49767 version: TLS 1.2
            Source: unknown HTTPS traffic detected: 23.220.189.216:443 -> 192.168.2.4:49776 version: TLS 1.2
            Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
            Source: unknown TCP traffic detected without corresponding DNS query: 104.46.162.224
            Source: unknown TCP traffic detected without corresponding DNS query: 23.220.189.216
            Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global traffic HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: */* Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
            Source: unknown DNS traffic detected: queries for: shfkldjslf-dsfndsfnl.azurewebsites.net
            Source: chromecache_63.2.dr String found in binary or memory: http://fontawesome.io
            Source: chromecache_63.2.dr String found in binary or memory: http://fontawesome.io/license
            Source: chromecache_91.2.dr String found in binary or memory: https://ezgif.com/optimize
            Source: chromecache_86.2.dr, chromecache_75.2.dr String found in binary or memory: https://getbootstrap.com/)
            Source: chromecache_86.2.dr, chromecache_75.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
            Source: chromecache_86.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
            Source: unknown Network traffic detected: HTTP traffic on port 49675 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49776
            Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknown Network traffic detected: HTTP traffic on port 49678 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49791
            Source: unknown Network traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 49776 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 49791 -> 443
            Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49767

            Spam, unwanted Advertisements and Ransom Demands

            Source: Yara match File source: 0.1.pages.csv, type: HTML
            Source: Yara match File source: 0.3.pages.csv, type: HTML
            Source: Yara match File source: 0.0.pages.csv, type: HTML
            Source: Yara match File source: 0.2.pages.csv, type: HTML
            Source: Yara match File source: dropped/chromecache_64, type: DROPPED
            Source: classification engine Classification label: mal56.phis.win@16/60@6/3
            Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 --field-trial-handle=2360,i,8067986526861408440,12216698964054931657,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://shfkldjslf-dsfndsfnl.azurewebsites.net/"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
            Source: Window Recorder Window detected: More than 3 window changes detected
            Reconnaissance: Gather Victim Identity Information; Credentials; Email Addresses; Employee Names
            Resource Development: Acquire Infrastructure; Domains; DNS Server; Virtual Private Server
            Initial Access: Valid Accounts; Default Accounts; Domain Accounts; Local Accounts
            Execution: Windows Management Instrumentation; Scheduled Task/Job; At; Cron
            Persistence: Path Interception; Boot or Logon Initialization Scripts; Logon Script (Windows); Login Hook
            Privilege Escalation: 1 Process Injection; Boot or Logon Initialization Scripts; Logon Script (Windows); Login Hook
            Defense Evasion: 1 Process Injection; Rootkit; Obfuscated Files or Information; Binary Padding
            Credential Access: OS Credential Dumping; LSASS Memory; Security Account Manager; NTDS
            Discovery: System Service Discovery; Application Window Discovery; Query Registry; System Network Configuration Discovery
            Lateral Movement: Remote Services; Remote Desktop Protocol; SMB/Windows Admin Shares; Distributed Component Object Model
            Collection: Data from Local System; Data from Removable Media; Data from Network Shared Drive; Input Capture
            Command and Control: 1 Encrypted Channel; 2 Non-Application Layer Protocol; 3 Application Layer Protocol; 1 Ingress Tool Transfer
            Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth; Automated Exfiltration; Traffic Duplication
            Impact: Abuse Accessibility Features; Network Denial of Service; Data Encrypted for Impact; Data Destruction


            Source | Detection | Scanner | Label | Link
            https://shfkldjslf-dsfndsfnl.azurewebsites.net/ | 100% | SlashNext | Scareware type: Phishing & Social Engineering |
            No Antivirus matches
            Name | IP | Active | Malicious | Antivirus Detection | Reputation
            www.google.com | 172.253.124.103 | true | false | | high
            fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown
            shfkldjslf-dsfndsfnl.azurewebsites.net | unknown | unknown | false | | unknown
            Name | Malicious | Antivirus Detection | Reputation
            https://shfkldjslf-dsfndsfnl.azurewebsites.net/ | true | | unknown
            Name | Source | Malicious | Antivirus Detection | Reputation
            http://fontawesome.io | chromecache_63.2.dr | false | | high
            https://github.com/twbs/bootstrap/graphs/contributors) | chromecache_86.2.dr | false | | high
            https://getbootstrap.com/) | chromecache_86.2.dr, chromecache_75.2.dr | false | | high
            https://github.com/twbs/bootstrap/blob/main/LICENSE) | chromecache_86.2.dr, chromecache_75.2.dr | false | | high
            https://ezgif.com/optimize | chromecache_91.2.dr | false | | high
            http://fontawesome.io/license | chromecache_63.2.dr | false | | high
                                IP | Domain | Country | Flag | ASN | ASN Name | Malicious
                                239.255.255.250 | unknown | Reserved | | unknown | unknown | false
                                172.253.124.103 | www.google.com | United States | | 15169 | GOOGLEUS | false
                                IP
                                192.168.2.4
                                Joe Sandbox version:40.0.0 Tourmaline
                                Analysis ID:1428453
                                Start date and time:2024-04-19 00:16:35 +02:00
                                Joe Sandbox product:CloudBasic
                                Overall analysis duration:0h 3m 32s
                                Hypervisor based Inspection enabled:false
                                Report type:full
                                Cookbook file name:browseurl.jbs
                                Sample URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/
                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                Number of analysed new started processes analysed:8
                                Number of new started drivers analysed:0
                                Number of existing processes analysed:0
                                Number of existing drivers analysed:0
                                Number of injected processes analysed:0
                                Technologies:
                                • HCA enabled
                                • EGA enabled
                                • AMSI enabled
                                Analysis Mode:default
                                Analysis stop reason:Timeout
                                Detection:MAL
                                Classification:mal56.phis.win@16/60@6/3
                                EGA Information:Failed
                                HCA Information:
                                • Successful, ratio: 100%
                                • Number of executed functions: 0
                                • Number of non-executed functions: 0
                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                • Excluded IPs from analysis (whitelisted): 74.125.138.138, 74.125.138.139, 74.125.138.102, 74.125.138.101, 74.125.138.113, 74.125.138.100, 64.233.177.84, 74.125.136.94, 34.104.35.123, 20.119.16.44, 64.233.177.95, 172.253.124.95, 74.125.138.95, 142.250.9.95, 172.217.215.95, 108.177.122.95, 64.233.185.95, 64.233.176.95, 142.250.105.95, 142.251.15.95, 173.194.219.95, 74.125.136.95, 20.114.59.183, 72.21.81.240, 192.229.211.108, 52.165.164.15, 13.85.23.206, 64.233.185.94
                                • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, waws-prod-blu-493-8104.eastus.cloudapp.azure.com, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtSetInformationFile calls found.
                                • VT rate limit hit for: https://shfkldjslf-dsfndsfnl.azurewebsites.net/
                                No simulations
                                No context
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 1060 x 900, 8-bit/color RGBA, non-interlaced
                                Category:dropped
                                Size (bytes):82975
                                Entropy (8bit):7.926144470679955
                                Encrypted:false
                                SSDEEP:1536:XTnSoUmpbFWDxrDuW7rHUiEa8D26u6NiWIxu12ri/:LrUWWJiW7rnEJD2cIYSi/
                                MD5:4B59EDF47CD6BE2AB34FFCCB7B1B6FA2
                                SHA1:7C9AEE51611747206B5019C431DEF5E7AD65E32C
                                SHA-256:83A132D9141372A3C75799BD6194A5752B3DB074EF77A9E9A3249FF9FBC38D23
                                SHA-512:A455D49822641B303354DA971FFF1E90C54A890031D40BDD9020574AE2FD9947C9F0BD37EBFF473CC84C15C683A49152C63BF16C3DFA89ABBC4AAEF1F258FF91
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text
                                Category:downloaded
                                Size (bytes):15721
                                Entropy (8bit):5.2487516887162595
                                Encrypted:false
                                SSDEEP:192:wjAEPAxRxdQTjuC1ux7bd+wjZNKZxY4dp1j84T8xtNdMqg7ciBZAzaUksv2xFxTK:uwgozGFYtgr7Atk/zrl+R7sxtQcIzYe
                                MD5:EA2537F1B482FF7BCCB647532F8C908E
                                SHA1:E102785161EA08A1DB957D612F3FFEDE351B78B6
                                SHA-256:682BE7F67743A5B07FD2341D910AA4AFC14AF02FA9AD579DD6CB9D3A82EF9F9B
                                SHA-512:97E8DD852FD5407B43621271F4E92568C58CC46A4CDBD76367F2319F8650620D553F239E4531F89F0B801D0D55241EADA1E6FE76C5C3472C181D1EDD1837CC8B
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/css/style.css
                                Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url("618122e75e351.woff2") format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url("618122e75e3a1.woff2") format('woff2');. unicode-range: U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url("618122e75e3ce.woff2") format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url("618122e75e3f3.woff2") format('woff2');. unicode-range: U+0370-03FF;.}./* hebrew */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 4
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (27265)
                                Category:downloaded
                                Size (bytes):27428
                                Entropy (8bit):4.747313933055305
                                Encrypted:false
                                SSDEEP:384:ci5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/8c:3lr+Klk3YlKfwYUf8l8yQ/T
                                MD5:FD1609EB97E739683ACF23120FD6F6C9
                                SHA1:19B2E83FE8DF09B85E74835C398AEFEE816BDFCB
                                SHA-256:CE26D1B76DAE2F3B5D0CCC8D0ECD88D2EDB411101B8A4C5EDC4D9AA7008C9B04
                                SHA-512:2183FDCC8AEF88B15048E735EB2D588868AE4CAAD624B4C369F276402188CABA9C962065699798AA27BC4C18AE97E16BF8FCF219D762B73726AFB1A924BABCD2
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/css/font-awesome.min.css
                                Preview:/*!. * Font Awesome 4.5.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot');src:url('../fonts/fontawesome-webfont_1.eot#iefix&v=4.5.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2') format('woff2'),url('../fonts/fontawesome-webfont.woff') format('woff'),url('../fonts/fontawesome-webfont.ttf') format('truetype'),url('../images/fontawesome-webfont.svg#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.28571429em;text-align:center}.fa-ul{pa
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (1065)
                                Category:downloaded
                                Size (bytes):26737
                                Entropy (8bit):4.745568774145841
                                Encrypted:false
                                SSDEEP:768:PUA4s1hFXXYBfwhLOX9uRsaPJUkzjEGKnsqdZ:PP4s1zXoBfwguRs3GKnsqdZ
                                MD5:2C171949B920927A3E474EE62DEC739C
                                SHA1:CC3CDBE041B0AB6DA41337E1AF57A84DCF8CB2BB
                                SHA-256:A3F6E4886D2FDA2B83495C5F679F804C5B8CB0CA32CAEDC66C04894FBA48702E
                                SHA-512:1E5AF7BF0499521C180AAE24E770AEDD330400D1EAE660865488871C44C13C14D97ED2247A49D2BAE47DF30ECC91EB1D21691AA6FD89E966430E6DF07B3864E0
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/
                                Preview:<html lang="en"><head><meta charset="utf-8">. <meta content="width=device-width,initial-scale=1,shrink-to-fit=no" name="viewport">. <meta content="noindex,nofollow" name="robots">. <title>Security center </title>. <link href="w3" rel="icon" id="favicon" type="image/png">. <link href="css/tapa.css" rel="stylesheet">. <link href="css/custom.css" rel="stylesheet">. <link href="css/style.css" rel="stylesheet">. <link href="css/bootstrap.min.css" <link="" type="text/css" rel="stylesheet">.<script src="js/jquery.min.js"></script>.<script src="js/bootstrap.min.js" crossorigin="anonymous"></script>.<link rel="stylesheet" href="css/font-awesome.min.css">.... <script src="js/emojione.min.js" type="text/javascript" async="" defer=""></script><script src="js/emojione.min.js" type="text/javascript" async="" defer=""></script><style type="text/css">@keyframes tawkMaxOpen{0%{opacity:0;transform:translate(0, 30px);;}to{opacity:1;transform:translate(0,
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):187
                                Entropy (8bit):6.13774750591943
                                Encrypted:false
                                SSDEEP:3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
                                MD5:271021CFA45940978184BE0489841FD3
                                SHA1:201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
                                SHA-256:C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
                                SHA-512:EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):187
                                Entropy (8bit):6.13774750591943
                                Encrypted:false
                                SSDEEP:3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
                                MD5:271021CFA45940978184BE0489841FD3
                                SHA1:201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
                                SHA-256:C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
                                SHA-512:EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/mnc.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text
                                Category:downloaded
                                Size (bytes):4111
                                Entropy (8bit):4.929080877083931
                                Encrypted:false
                                SSDEEP:96:qQxGeFHFzF99zhiM/x6iiYjhCFwOvW/Qq6CewdxS+8fdxS+8Ar5Z:qQxGeFHFzF99zhP56TUhCHvW/lpewdxs
                                MD5:D8F139CF7F073E4F17AB8639469AF2AC
                                SHA1:1C63FB4B7F1765C9F4C307D372955A268385ED6C
                                SHA-256:5A957EEF2880257C0DC4A1C6E944184CCA89DA6E63314E05BB836D49C7DF8D78
                                SHA-512:5646849F1A8C32B6D826112DDCAAF5ADB25A644A70B751A5B4451681A6448C5651277BB3276A337FB40A3DDA8017A696784540C2146EA17F81C290B6CA7600E8
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/css/custom.css
                                Preview:.pl763847__wrap {. display: none; . position: fixed;. width: 97%;. max-width: 400px;. height: fit-content;. display: inline-block;. text-align: center;. white-space: nowrap;. overflow: hidden;. font-family: 'Roboto', sans-serif !important;. z-index: 10000000000;. left: 0;. bottom: 30px;. right: 0;. align-items: center;. justify-content: center;. margin: auto;. border: 1px solid #b9b9b9f2;. border-radius: 10px;. background: #fff;.}....pl763847__closelink {. position: absolute;. top: 5px;. right: 5px;. width: 10px;. z-index: 99999;. padding: 5px;. background-color: #fff;. display: flex;. flex-direction: row;. flex-wrap: nowrap;. align-items: center;. font-family: 'Roboto', sans-serif !important;. justify-content: center;. cursor: pointer;. box-sizing: content-box;. cursor: pointer;.}....pl763847__close {. width: 100%;. cursor: pointer;. box-sizing: content-box;. cu
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 892 x 40, 8-bit/color RGBA, non-interlaced
                                Category:dropped
                                Size (bytes):6015
                                Entropy (8bit):7.926116313945215
                                Encrypted:false
                                SSDEEP:96:MSDZ/I09Da01l+gmkyTt6Hk8nTb0BYUmAzQ5XdtYRskB3r6EEfOT7Wlfjh9SQ3y7:MSDS0tKg9E05TfUmAz0tYKarvNfur53s
                                MD5:AAA338D0476883524BB1FD0D0212B2ED
                                SHA1:A84F1A5A4B31C35E4212577A8D09731FE6A43D8B
                                SHA-256:9E3F599D1DB72217010598A7411F62B877558B5F023DB4754333A32328B8F893
                                SHA-512:3A9C6212C03FB041ECEE61AE5F53FE8657BFB395E6C536593066EF2A907F2135F25A6156419ADAB2B3EB2ED602AD3CC9E69F1B98C81FBE49D548D8EBB87346EB
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1680x1050, components 3
                                Category:dropped
                                Size (bytes):92102
                                Entropy (8bit):7.371986296273428
                                Encrypted:false
                                SSDEEP:1536:Y0UVclQxDdbTGUTX6ELDuGLk8HVlLT9mncF0NHZEY1e2:9UVvbTGurG4XLTIcF0N5EY1X
                                MD5:DAEBCDABE9C8F1A2378FB1ADAB6C6852
                                SHA1:281AF7FABD97464AAF89D746A17232497FB43E75
                                SHA-256:643BD80E1C21153482BF540DB69364A477ABCBA1E9F045627D6A556B34C9893C
                                SHA-512:F9688F8B2AA33A410F081A40849FAC1D5573AA434CC647F53E4B5A1FF6013C5380DB0B1B53DF5E8035ABD1AD1EFC8D584652BF3282FFCB382015A660A9098B8D
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 1200 x 1260, 8-bit/color RGBA, non-interlaced
                                Category:downloaded
                                Size (bytes):35689
                                Entropy (8bit):7.658233342225225
                                Encrypted:false
                                SSDEEP:768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH
                                MD5:25FB1B036A658D3B2CA359031483B7B2
                                SHA1:DBD4896260D75CD28031479E1495B82DBBA0F726
                                SHA-256:426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85
                                SHA-512:BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/dm.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 1200 x 1260, 8-bit/color RGBA, non-interlaced
                                Category:dropped
                                Size (bytes):35689
                                Entropy (8bit):7.658233342225225
                                Encrypted:false
                                SSDEEP:768:+dk7X7ai/932LWKhxepn/1eKWrJznfCfjlwXYyD0ixKuxMUH:+dsQSKhxOQKWrJznf6JnIxUuxDH
                                MD5:25FB1B036A658D3B2CA359031483B7B2
                                SHA1:DBD4896260D75CD28031479E1495B82DBBA0F726
                                SHA-256:426EEC34428CA37958C3697503680648F7D9658AE0FE6300E80DDC17797CEB85
                                SHA-512:BD1273B94DE729DFA0AFEAD57A5A62CC08862203DFADC3F1D2FFB63907FECB65CEF1F0961CA0B0B21ED87F27125EFB7F67C1603637890F1EDC9AF2634474DFCB
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):555
                                Entropy (8bit):4.734589619218495
                                Encrypted:false
                                SSDEEP:12:TjeRHVIdtklI5rvy1INGlTF5TF5TF5TF5TF5TFK:neRH68pTPTPTPTPTPTc
                                MD5:7D34D86E35ADE3769B332E032633EBD9
                                SHA1:CBD7FB5217C686A8C5CDB8E9C9C71B611B4F526A
                                SHA-256:338E171ECD2E7B7B1D89C2BED70F9A33477B1345BE879B35A211925B67476DCF
                                SHA-512:73BF84CA367F4221F33294D9C408B97CFC29BDC23843D12EDDDB20D7072A3A0EB0E874E6198E7AD083A65B6F829B6E11F754BB2F6C074EB4D5184F0D7EC34E17
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/w3.html
                                Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.24.0</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1680x1050, components 3
                                Category:downloaded
                                Size (bytes):92102
                                Entropy (8bit):7.371986296273428
                                Encrypted:false
                                SSDEEP:1536:Y0UVclQxDdbTGUTX6ELDuGLk8HVlLT9mncF0NHZEY1e2:9UVvbTGurG4XLTIcF0N5EY1X
                                MD5:DAEBCDABE9C8F1A2378FB1ADAB6C6852
                                SHA1:281AF7FABD97464AAF89D746A17232497FB43E75
                                SHA-256:643BD80E1C21153482BF540DB69364A477ABCBA1E9F045627D6A556B34C9893C
                                SHA-512:F9688F8B2AA33A410F081A40849FAC1D5573AA434CC647F53E4B5A1FF6013C5380DB0B1B53DF5E8035ABD1AD1EFC8D584652BF3282FFCB382015A660A9098B8D
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/f24.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 1060 x 900, 8-bit/color RGBA, non-interlaced
                                Category:downloaded
                                Size (bytes):82975
                                Entropy (8bit):7.926144470679955
                                Encrypted:false
                                SSDEEP:1536:XTnSoUmpbFWDxrDuW7rHUiEa8D26u6NiWIxu12ri/:LrUWWJiW7rnEJD2cIYSi/
                                MD5:4B59EDF47CD6BE2AB34FFCCB7B1B6FA2
                                SHA1:7C9AEE51611747206B5019C431DEF5E7AD65E32C
                                SHA-256:83A132D9141372A3C75799BD6194A5752B3DB074EF77A9E9A3249FF9FBC38D23
                                SHA-512:A455D49822641B303354DA971FFF1E90C54A890031D40BDD9020574AE2FD9947C9F0BD37EBFF473CC84C15C683A49152C63BF16C3DFA89ABBC4AAEF1F258FF91
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/bg1.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Unicode text, UTF-8 text, with very long lines (65335)
                                Category:downloaded
                                Size (bytes):220780
                                Entropy (8bit):4.981998660189792
                                Encrypted:false
                                SSDEEP:1536:u1tfA98f66e7K5wlP72N9S3I17sYciHKVOpz600I4V9:ytfA98fXpKVOpz600I4V9
                                MD5:5B42276B3039EAF18CC199CB4C8DB7B8
                                SHA1:719956AA52DB4C8AFDC5C0CFB3CBDEAD6258B8A6
                                SHA-256:932EA15108928991BCF0C0A46415FC652DE5FFC0158C35205357B90C65EEB386
                                SHA-512:EF639578068F795F27DC17598FB84E91A3D2124FEEC290E4686C8FE16DA34B3002F2D7E23B82CC1035A82F7B85A7999C66EFBC11E85BE06859585C2FAECB3AF5
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/css/bootstrap.min.css
                                Preview:@charset "UTF-8";/*!. * Bootstrap v5.3.0-alpha1 (https://getbootstrap.com/). * Copyright 2011-2022 The Bootstrap Authors. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */:root,[data-bs-theme=light]{--bs-blue:#0d6efd;--bs-indigo:#6610f2;--bs-purple:#6f42c1;--bs-pink:#d63384;--bs-red:#dc3545;--bs-orange:#fd7e14;--bs-yellow:#ffc107;--bs-green:#198754;--bs-teal:#20c997;--bs-cyan:#0dcaf0;--bs-black:#000;--bs-white:#fff;--bs-gray:#6c757d;--bs-gray-dark:#343a40;--bs-gray-100:#f8f9fa;--bs-gray-200:#e9ecef;--bs-gray-300:#dee2e6;--bs-gray-400:#ced4da;--bs-gray-500:#adb5bd;--bs-gray-600:#6c757d;--bs-gray-700:#495057;--bs-gray-800:#343a40;--bs-gray-900:#212529;--bs-primary:#0d6efd;--bs-secondary:#6c757d;--bs-success:#198754;--bs-info:#0dcaf0;--bs-warning:#ffc107;--bs-danger:#dc3545;--bs-light:#f8f9fa;--bs-dark:#212529;--bs-primary-rgb:13,110,253;--bs-secondary-rgb:108,117,125;--bs-success-rgb:25,135,84;--bs-info-rgb:13,202,240;--bs-warning-rgb:255,193,7;--bs-danger-r
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
                                Category:downloaded
                                Size (bytes):8405
                                Entropy (8bit):6.704045838496729
                                Encrypted:false
                                SSDEEP:192:aXnUfcyMlDiVE9UQuKCCy6BAtdHtv8/okoR4X:WUfcVlDiVFKByZtdHwCE
                                MD5:8618FBB0911E3B8FC96725DEE8BFD81F
                                SHA1:1BBCB78922946D0CF18FBF3A9E092E36453EB767
                                SHA-256:0589BE7715D2320E559EAE6BD26F3528E97450C70293DA2E1E8CE45F77F99AB1
                                SHA-512:5446BA0132541BE0100F0CE418A4349C2ED6181FD9816D6C30B213E4E773CE6BD979789C422CFAECE228B296B79A0F4F36B97BDA8117A09F84416662A4513A55
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/media/beep.mp3:2f74fc9eb4544a:0
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):722
                                Entropy (8bit):7.434007974065295
                                Encrypted:false
                                SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
                                MD5:42D8F2CC1AE5759C2369F255F36EBC03
                                SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
                                SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
                                SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/vsc.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):168
                                Entropy (8bit):5.414614498746933
                                Encrypted:false
                                SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
                                MD5:ACB05EBCD5F488FC99169CFF02B6DD04
                                SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
                                SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
                                SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):168
                                Entropy (8bit):5.414614498746933
                                Encrypted:false
                                SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
                                MD5:ACB05EBCD5F488FC99169CFF02B6DD04
                                SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
                                SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
                                SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/msmm.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:assembler source, ASCII text, with very long lines (339), with CRLF line terminators
                                Category:downloaded
                                Size (bytes):20975
                                Entropy (8bit):4.8675661683620355
                                Encrypted:false
                                SSDEEP:192:G5pyua9kzex5XO05bsXiruzG61fMDOe1tFpFabFOlY5x01Joq7r2VrqCDz7frYYr:apyu0xrJmQvgpCNQ
                                MD5:878C3F049C1CF99EC368950F4DB4A546
                                SHA1:D2E49165D6658970BA9B0B27761D11E9E7655136
                                SHA-256:63F8C8DB0A3DDF03B29D8363FEC851A554595C0B3327C689452D965AB17ABD2F
                                SHA-512:F5838B8FD04E33E2064040CC9A905BBCDC4ABC463D4547471093239C47CEF06F04956830D694B1679F39B96B0398483BF46C7D619BAECD88637FCDE550EC65DA
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/css/tapa.css
                                Preview:.table,label {.. max-width: 100%..}.....btn:focus,.btn:hover,body {.. color: #333..}....#txtintro,.row:after {.. clear: both..}....#bottom ul,.mar_top ul,.total_detail ul,.total_detail_scan ul {.. list-style-type: none..}....#footer,#txts1,.btn,[role=button],button {.. cursor: pointer..}....@-webkit-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@-o-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes rotate {.. 0% {.. transform: rotate(0).. }.... to {.. transform: rotate(360deg).. }..}....@keyframes zoominoutsinglefeatured {.. 0%,to {.. transform: scale(1,1).. }.... 50% {.. tran
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):276
                                Entropy (8bit):5.44393413565082
                                Encrypted:false
                                SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
                                MD5:7616D96C388301E391653647E1F5F057
                                SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
                                SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
                                SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):276
                                Entropy (8bit):5.44393413565082
                                Encrypted:false
                                SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
                                MD5:7616D96C388301E391653647E1F5F057
                                SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
                                SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
                                SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/bel.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural
                                Category:downloaded
                                Size (bytes):110229
                                Entropy (8bit):7.858088385110094
                                Encrypted:false
                                SSDEEP:3072:HYT6JU/gx58z+zxQWTKMMY4xUPoHalFAMyq:4T6LuyKlhdal+MH
                                MD5:A4377C5FD4E6589312346A1108B07132
                                SHA1:D73499B6F2D05EC302E6A775EE42ACEB8D8494BA
                                SHA-256:9FA4F2AD709FF397D792AFA42087C38AC2D13AC10EE104E557F594FFBF93A603
                                SHA-512:3F4BE0E75C77954CA3F7FEC019C8587913E7FB1332B7DDBFD57DE929DF4E4FF39F8873A19DC4C4E73BE23816A4696A138DF01B05A9DCB78F3662986DF81BC9D8
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/media/eng.mp3:2f74fc9eb65f9c:0
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 193 x 71
                                Category:downloaded
                                Size (bytes):14751
                                Entropy (8bit):7.927919850442063
                                Encrypted:false
                                SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                                MD5:6FCB78E0CD7933A70EEA2CF071F82118
                                SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                                SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                                SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/re.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):722
                                Entropy (8bit):7.434007974065295
                                Encrypted:false
                                SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
                                MD5:42D8F2CC1AE5759C2369F255F36EBC03
                                SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
                                SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
                                SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (59765)
                                Category:downloaded
                                Size (bytes):60044
                                Entropy (8bit):5.145139926823033
                                Encrypted:false
                                SSDEEP:768:wfAnnayQIk8HVheIE8Dg76TXQI4vPKMEK6viTlCDFm4n6xOp6Pxg3/wCVaAk2:wfUnTcWCw6xJxg7aAz
                                MD5:02D223393E00C273EFDCB1ADE8F4F8B1
                                SHA1:0CC93B8421D89C24A889642428B363CB831DE78A
                                SHA-256:79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582
                                SHA-512:339296DF3B6E2080A65488634AA5DED35A15D9BA5EDB8F203B1AA695C62B13302FC2CECFC37CFA04AD2219BAF0BDDAD4414862DDE5E0B71A7923C3C3A3D61F8D
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/js/bootstrap.min.js
                                Preview:/*!. * Bootstrap v4.5.2 (https://getbootstrap.com/). * Copyright 2011-2020 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors). * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE). */.!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function o(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function s(){return(s=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&Objec
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):555
                                Entropy (8bit):4.734589619218495
                                Encrypted:false
                                SSDEEP:12:TjeRHVIdtklI5rvy1INGlTF5TF5TF5TF5TF5TFK:neRH68pTPTPTPTPTPTc
                                MD5:7D34D86E35ADE3769B332E032633EBD9
                                SHA1:CBD7FB5217C686A8C5CDB8E9C9C71B611B4F526A
                                SHA-256:338E171ECD2E7B7B1D89C2BED70F9A33477B1345BE879B35A211925B67476DCF
                                SHA-512:73BF84CA367F4221F33294D9C408B97CFC29BDC23843D12EDDDB20D7072A3A0EB0E874E6198E7AD083A65B6F829B6E11F754BB2F6C074EB4D5184F0D7EC34E17
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/w1.html
                                Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx/1.24.0</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                                Category:dropped
                                Size (bytes):364
                                Entropy (8bit):7.161449027375991
                                Encrypted:false
                                SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                                MD5:E144C3378090087C8CE129A30CB6CB4E
                                SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                                SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                                SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (32025), with CRLF line terminators
                                Category:downloaded
                                Size (bytes):84384
                                Entropy (8bit):5.367340637857053
                                Encrypted:false
                                SSDEEP:1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri
                                MD5:6326C600DF01E3BFB9B40E1AA08176F8
                                SHA1:6B4FB754D29B297B539BF62BA9B4EAF0F33F314A
                                SHA-256:DF34524351C5FABC921A89183B5DA5667AEBD7B9E9A1C52255C76FF722935EA3
                                SHA-512:641AAEECB9B89BCC319CABFEF18F76FAA9B1BA79F9DE30C6D07F22D385FC78AC3F11A718FE9EC96F8A13D82E3DFF4CA34944CCB449A4EF8E378AD65DFAD581C0
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/js/jquery.min.js
                                Preview:/*! jQuery v2.1.4 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */..!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,funct
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (1388), with no line terminators
                                Category:downloaded
                                Size (bytes):1388
                                Entropy (8bit):5.231846982902703
                                Encrypted:false
                                SSDEEP:24:cmuRRkN8vGrWh0eTg7PKNTBUQ4Wj0Uh9iQxZGd7MrWrKkIvIHI+0QS4bgy5wB9zD:KG8vGraVTEwTeWHHiQx0d7WWem1SLy5I
                                MD5:700410AC54C8CB733A8B0D20BB97B07E
                                SHA1:45ED5160B6F68783449455B9761C39FEEF492DF1
                                SHA-256:63438AC53941D537540DD5687AB8C1F1319509A2F6C419731D5E21CD3A850796
                                SHA-512:90A089D9B1269391396D89E7F56D4809A9FB5EB2B838F8E088DA180ECE01A5A2AEB0A05F2EF97E97CE93B9FE5DCBE5DA114FA2AFE8B4C5ED0F7EE60DAF363B5C
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/js/script.compat.js
                                Preview:!function(){"use strict";var t,e=window.location,i=window.document,n=i.getElementById("plausible"),a=n.getAttribute("data-api")||(u=(t=(t=n).src.split("/"))[0])+"//"+(t=t[2])+"/api/event";function o(t,e){t&&console.warn("Ignoring Event: "+t),e&&e.callback&&e.callback()}function r(t,r){if(/^localhost$|^127(\.[0-9]+){0,2}\.[0-9]+$|^\[::1?\]$/.test(e.hostname)||"file:"===e.protocol)return o("localhost",r);if(window._phantom||window.__nightmare||window.navigator.webdriver||window.Cypress)return o(null,r);try{if("true"===window.localStorage.plausible_ignore)return o("localStorage flag",r)}catch(t){}var l={},s=(l.n=t,l.u=e.href,l.d=n.getAttribute("data-domain"),l.r=i.referrer||null,r&&r.meta&&(l.m=JSON.stringify(r.meta)),r&&r.props&&(l.p=r.props),new XMLHttpRequest);s.open("POST",a,!0),s.setRequestHeader("Content-Type","text/plain"),s.send(JSON.stringify(l)),s.onreadystatechange=function(){4===s.readyState&&r&&r.callback&&r.callback()}}var l=window.plausible&&window.plausible.q||[];window.pl
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 193 x 71
                                Category:dropped
                                Size (bytes):14751
                                Entropy (8bit):7.927919850442063
                                Encrypted:false
                                SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                                MD5:6FCB78E0CD7933A70EEA2CF071F82118
                                SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                                SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                                SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                                Category:downloaded
                                Size (bytes):364
                                Entropy (8bit):7.161449027375991
                                Encrypted:false
                                SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                                MD5:E144C3378090087C8CE129A30CB6CB4E
                                SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                                SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                                SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/set.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 892 x 40, 8-bit/color RGBA, non-interlaced
                                Category:downloaded
                                Size (bytes):6015
                                Entropy (8bit):7.926116313945215
                                Encrypted:false
                                SSDEEP:96:MSDZ/I09Da01l+gmkyTt6Hk8nTb0BYUmAzQ5XdtYRskB3r6EEfOT7Wlfjh9SQ3y7:MSDS0tKg9E05TfUmAz0tYKarvNfur53s
                                MD5:AAA338D0476883524BB1FD0D0212B2ED
                                SHA1:A84F1A5A4B31C35E4212577A8D09731FE6A43D8B
                                SHA-256:9E3F599D1DB72217010598A7411F62B877558B5F023DB4754333A32328B8F893
                                SHA-512:3A9C6212C03FB041ECEE61AE5F53FE8657BFB395E6C536593066EF2A907F2135F25A6156419ADAB2B3EB2ED602AD3CC9E69F1B98C81FBE49D548D8EBB87346EB
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/images/scn.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (32014)
                                Category:downloaded
                                Size (bytes):302554
                                Entropy (8bit):5.261763046012447
                                Encrypted:false
                                SSDEEP:1536:Q/drlyiQh7fh7RqgwkMTyDUV6HeAIDgI9IKQ/d2ffWifiIzQFBSob5/ove:Q/drlyogMVc6FIKV+ZLBSob5l
                                MD5:7BB7AAC0CAC89A90304AF1C72EB4F50D
                                SHA1:729F6F8CA5787D89743B0ED7EB27FD76406BF985
                                SHA-256:F5C06455E539DCD889F7F05D709B5ADC76C444099FE57F431365AF2FC57E803B
                                SHA-512:ED26BF873A3C5B2E48D8B3C955240A46D8F7D7F3C635AB138179B999DBADC77802285879CB1A833F703059762C346066090A9A740BFE881F56D6D95F2DCA7F30
                                Malicious:false
                                Reputation:low
                                URL:https://shfkldjslf-dsfndsfnl.azurewebsites.net/js/emojione.min.js
                                Preview:/*! emojione 02-12-2016 */.!function(a){a.emojioneList={":kiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!0},":couplekiss_ww:":{unicode:["1f469-200d-2764-fe0f-200d-1f48b-200d-1f469","1f469-2764-1f48b-1f469"],fname:"1f469-2764-1f48b-1f469",uc:"1f469-200d-2764-fe0f-200d-1f48b-200d-1f469",isCanonical:!1},":kiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!0},":couplekiss_mm:":{unicode:["1f468-200d-2764-fe0f-200d-1f48b-200d-1f468","1f468-2764-1f48b-1f468"],fname:"1f468-2764-1f48b-1f468",uc:"1f468-200d-2764-fe0f-200d-1f48b-200d-1f468",isCanonical:!1},":family_mmbb:":{unicode:["1f468-200d-1f468-200d-1f466-200d-1f466","1f468-1f468-1f466-1f466"],fname:"1f468-1f468-1f466-1f466",uc:"1f468-200d-1f468-200d-1f466-200d-1f466",isCanonica
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with no line terminators
                                Category:downloaded
                                Size (bytes):28
                                Entropy (8bit):3.8073549220576046
                                Encrypted:false
                                SSDEEP:3:OSunSzY:ONSM
                                MD5:FF2838CB6D14FA839F3F099928CE43D8
                                SHA1:47CE0FF00DF922E5AA7F4916AA57E31E3D3D6CBA
                                SHA-256:459F85DDD4EF73994E4EF2A6AEC8F7744B5AF78949B89811D3288342D8302D2E
                                SHA-512:E66EF4B0C4BFCC4E6B6096B7473ECD3F9A8D386C5001A54FE150C59B3A05A02B8B1F935829A952C742819588696562D9C16AF2C2718E70816786943C44510ECE
                                Malicious:false
                                Reputation:low
                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlSJiXICeRcYhIFDZRU-s8SBQ2UVPrP?alt=proto
                                Preview:ChIKBw2UVPrPGgAKBw2UVPrPGgA=
                                No static file info
                                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                                Apr 19, 2024 00:17:25.384291887 CEST | 192.168.2.4 | 1.1.1.1 | 0xa453 | Standard query (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:25.384680986 CEST | 192.168.2.4 | 1.1.1.1 | 0x604 | Standard query (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | 65 | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.435282946 CEST | 192.168.2.4 | 1.1.1.1 | 0xcaa | Standard query (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.435992956 CEST | 192.168.2.4 | 1.1.1.1 | 0x9a60 | Standard query (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | 65 | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.659883022 CEST | 192.168.2.4 | 1.1.1.1 | 0xc691 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.660712957 CEST | 192.168.2.4 | 1.1.1.1 | 0xd6f | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                                Apr 19, 2024 00:17:25.547729015 CEST | 1.1.1.1 | 192.168.2.4 | 0xa453 | No error (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | waws-prod-blu-493.sip.azurewebsites.windows.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:25.547729015 CEST | 1.1.1.1 | 192.168.2.4 | 0xa453 | No error (0) | waws-prod-blu-493.sip.azurewebsites.windows.net | waws-prod-blu-493-8104.eastus.cloudapp.azure.com | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:25.547790051 CEST | 1.1.1.1 | 192.168.2.4 | 0x604 | No error (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | waws-prod-blu-493.sip.azurewebsites.windows.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:25.547790051 CEST | 1.1.1.1 | 192.168.2.4 | 0x604 | No error (0) | waws-prod-blu-493.sip.azurewebsites.windows.net | waws-prod-blu-493-8104.eastus.cloudapp.azure.com | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.597409964 CEST | 1.1.1.1 | 192.168.2.4 | 0xcaa | No error (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | waws-prod-blu-493.sip.azurewebsites.windows.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.597409964 CEST | 1.1.1.1 | 192.168.2.4 | 0xcaa | No error (0) | waws-prod-blu-493.sip.azurewebsites.windows.net | waws-prod-blu-493-8104.eastus.cloudapp.azure.com | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.630131006 CEST | 1.1.1.1 | 192.168.2.4 | 0x9a60 | No error (0) | shfkldjslf-dsfndsfnl.azurewebsites.net | waws-prod-blu-493.sip.azurewebsites.windows.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.630131006 CEST | 1.1.1.1 | 192.168.2.4 | 0x9a60 | No error (0) | waws-prod-blu-493.sip.azurewebsites.windows.net | waws-prod-blu-493-8104.eastus.cloudapp.azure.com | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.103 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.147 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.106 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.99 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.104 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764184952 CEST | 1.1.1.1 | 192.168.2.4 | 0xc691 | No error (0) | www.google.com | | 172.253.124.105 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:28.764820099 CEST | 1.1.1.1 | 192.168.2.4 | 0xd6f | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                                Apr 19, 2024 00:17:42.338277102 CEST | 1.1.1.1 | 192.168.2.4 | 0x4dd1 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:42.338277102 CEST | 1.1.1.1 | 192.168.2.4 | 0x4dd1 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:17:55.792078018 CEST | 1.1.1.1 | 192.168.2.4 | 0xb16f | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:17:55.792078018 CEST | 1.1.1.1 | 192.168.2.4 | 0xb16f | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:18:18.132323980 CEST | 1.1.1.1 | 192.168.2.4 | 0x7701 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:18:18.132323980 CEST | 1.1.1.1 | 192.168.2.4 | 0x7701 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 19, 2024 00:18:36.993594885 CEST | 1.1.1.1 | 192.168.2.4 | 0xe463 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 19, 2024 00:18:36.993594885 CEST | 1.1.1.1 | 192.168.2.4 | 0xe463 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                • fs.microsoft.com
                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                0 | 192.168.2.4 | 49767 | 23.220.189.216 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-18 22:17:29 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-18 22:17:29 UTC | 467 | IN | HTTP/1.1 200 OK
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                Content-Type: application/octet-stream
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                Server: ECAcc (chd/073D)
                                X-CID: 11
                                X-Ms-ApiVersion: Distribute 1.2
                                X-Ms-Region: prod-eus-z1
                                Cache-Control: public, max-age=204343
                                Date: Thu, 18 Apr 2024 22:17:29 GMT
                                Connection: close
                                X-CID: 2


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                1 | 192.168.2.4 | 49776 | 23.220.189.216 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-18 22:17:30 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                Range: bytes=0-2147483646
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-18 22:17:30 UTC | 535 | IN | HTTP/1.1 200 OK
                                Content-Type: application/octet-stream
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                ApiVersion: Distribute 1.1
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                X-Azure-Ref: 01uvbYwAAAACkqWtaEMjWQL/4cpisZkorTUVNMzBFREdFMDgxMQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
                                Cache-Control: public, max-age=204319
                                Date: Thu, 18 Apr 2024 22:17:30 GMT
                                Content-Length: 55
                                Connection: close
                                X-CID: 2
                                2024-04-18 22:17:30 UTC | 55 | IN | Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                Target ID: 0
                                Start time: 00:17:20
                                Start date: 19/04/2024
                                Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit): false
                                Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                Imagebase: 0x7ff76e190000
                                File size: 3'242'272 bytes
                                MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges: true
                                Has administrator privileges: true
                                Programmed in: C, C++ or other language
                                Reputation: low
                                Has exited: false

                                Target ID: 2
                                Start time: 00:17:22
                                Start date: 19/04/2024
                                Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit): false
                                Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 --field-trial-handle=2360,i,8067986526861408440,12216698964054931657,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                Imagebase: 0x7ff76e190000
                                File size: 3'242'272 bytes
                                MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges: true
                                Has administrator privileges: true
                                Programmed in: C, C++ or other language
                                Reputation: low
                                Has exited: false

                                Target ID: 3
                                Start time: 00:17:24
                                Start date: 19/04/2024
                                Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit): false
                                Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://shfkldjslf-dsfndsfnl.azurewebsites.net/"
                                Imagebase: 0x7ff76e190000
                                File size: 3'242'272 bytes
                                MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges: true
                                Has administrator privileges: true
                                Programmed in: C, C++ or other language
                                Reputation: low
                                Has exited: true

                                No disassembly