Windows Analysis Report
https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null

Overview

General Information

Sample URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null
Analysis ID:1428993
Infos:

Detection

TechSupportScam
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected TechSupportScam

Classification

  • System is w10x64
  • chrome.exe (PID: 3736 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1980,i,15275542100183043275,11099709455081870690,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6424 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| dropped/chromecache_51 | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security | |

| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| 0.0.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security | |
| 0.1.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security | |
| 0.3.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security | |
| 0.2.pages.csv | JoeSecurity_TechSupportScam | Yara detected TechSupportScam | Joe Security | |

No Sigma rule has matched
No Snort rule has matched

            AV Detection

            Source: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null SlashNext: detection malicious, Label: Scareware type: Phishing & Social Engineering

            Phishing

            Source: Yara matchFile source: 0.0.pages.csv, type: HTML
            Source: Yara matchFile source: 0.1.pages.csv, type: HTML
            Source: Yara matchFile source: 0.3.pages.csv, type: HTML
            Source: Yara matchFile source: 0.2.pages.csv, type: HTML
            Source: Yara matchFile source: dropped/chromecache_51, type: DROPPED
            Source: unknownHTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49762 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49771 version: TLS 1.2
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
            Source: unknownTCP traffic detected without corresponding DNS query: 23.63.206.91
            Source: unknownTCP traffic detected without corresponding DNS query: 69.164.42.0
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global traffic, HTTP traffic detected:
              GET /jquery-1.4.4.min.js HTTP/1.1
              Host: code.jquery.com
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-platform: "Windows"
              Accept: */*
              Sec-Fetch-Site: cross-site
              Sec-Fetch-Mode: no-cors
              Sec-Fetch-Dest: script
              Referer: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
            Source: global traffic, HTTP traffic detected:
              GET /?lang=en HTTP/1.1
              Host: ipwho.is
              Connection: keep-alive
              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
              sec-ch-ua-mobile: ?0
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              sec-ch-ua-platform: "Windows"
              Accept: */*
              Origin: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net
              Sec-Fetch-Site: cross-site
              Sec-Fetch-Mode: cors
              Sec-Fetch-Dest: empty
              Referer: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
            Source: global traffic, HTTP traffic detected:
              GET /?lang=en HTTP/1.1
              Host: ipwho.is
              Connection: keep-alive
              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
              Accept: */*
              Sec-Fetch-Site: none
              Sec-Fetch-Mode: cors
              Sec-Fetch-Dest: empty
              Accept-Encoding: gzip, deflate, br
              Accept-Language: en-US,en;q=0.9
            Source: global traffic, HTTP traffic detected:
              GET /fs/windows/config.json HTTP/1.1
              Connection: Keep-Alive
              Accept: */*
              Accept-Encoding: identity
              If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
              Range: bytes=0-2147483646
              User-Agent: Microsoft BITS/7.8
              Host: fs.microsoft.com
            Source: unknownDNS traffic detected: queries for: code.jquery.com
            Source: chromecache_78.2.drString found in binary or memory: http://jquery.com/
            Source: chromecache_78.2.drString found in binary or memory: http://jquery.org/license
            Source: chromecache_78.2.drString found in binary or memory: http://sizzlejs.com/
            Source: chromecache_51.2.drString found in binary or memory: https://code.jquery.com/jquery-1.4.4.min.js
            Source: chromecache_74.2.drString found in binary or memory: https://ezgif.com/optimize
            Source: chromecache_51.2.drString found in binary or memory: https://ipwho.is/?lang=en
            Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
            Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
            Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443

            Spam, unwanted Advertisements and Ransom Demands

            Source: Yara matchFile source: 0.0.pages.csv, type: HTML
            Source: Yara matchFile source: 0.1.pages.csv, type: HTML
            Source: Yara matchFile source: 0.3.pages.csv, type: HTML
            Source: Yara matchFile source: 0.2.pages.csv, type: HTML
            Source: Yara matchFile source: dropped/chromecache_51, type: DROPPED
            Source: classification engineClassification label: mal56.phis.win@16/55@8/5
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1980,i,15275542100183043275,11099709455081870690,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
            Source: Window RecorderWindow detected: More than 3 window changes detected

| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |

| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null | 100% | SlashNext | Scareware type: Phishing & Social Engineering | |

No Antivirus matches

| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| https://ipwho.is/?lang=en | 0% | URL Reputation | safe | |

| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | | unknown |
| ipwho.is | 15.204.213.5 | true | false | | unknown |
| code.jquery.com | 151.101.2.137 | true | false | | high |
| www.google.com | 142.250.9.104 | true | false | | high |
| fp2e7a.wpc.phicdn.net | 192.229.211.108 | true | false | | unknown |

| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| https://ipwho.is/?lang=en | false | URL Reputation: safe | unknown |
| https://code.jquery.com/jquery-1.4.4.min.js | false | | high |

| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| http://jquery.org/license | chromecache_78.2.dr | false | | high |
| https://ezgif.com/optimize | chromecache_74.2.dr | false | | high |
| http://jquery.com/ | chromecache_78.2.dr | false | | high |
| http://sizzlejs.com/ | chromecache_78.2.dr | false | | high |

| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 151.101.2.137 | code.jquery.com | United States | | 54113 | FASTLYUS | false |
| 239.255.255.250 | unknown | Reserved | | unknown | unknown | false |
| 15.204.213.5 | ipwho.is | United States | | 71 | HP-INTERNET-ASUS | false |
| 142.250.9.104 | www.google.com | United States | | 15169 | GOOGLEUS | false |

| IP |
|---|
| 192.168.2.4 |

                                Joe Sandbox version:40.0.0 Tourmaline
                                Analysis ID:1428993
                                Start date and time:2024-04-20 00:56:29 +02:00
                                Joe Sandbox product:CloudBasic
                                Overall analysis duration:0h 3m 22s
                                Hypervisor based Inspection enabled:false
                                Report type:full
                                Cookbook file name:browseurl.jbs
                                Sample URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null
                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                Number of analysed new started processes analysed:8
                                Number of new started drivers analysed:0
                                Number of existing processes analysed:0
                                Number of existing drivers analysed:0
                                Number of injected processes analysed:0
                                Technologies:
                                • HCA enabled
                                • EGA enabled
                                • AMSI enabled
                                Analysis Mode:default
                                Analysis stop reason:Timeout
                                Detection:MAL
                                Classification:mal56.phis.win@16/55@8/5
                                EGA Information:Failed
                                HCA Information:
                                • Successful, ratio: 100%
                                • Number of executed functions: 0
                                • Number of non-executed functions: 0
                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                • Excluded IPs from analysis (whitelisted): 142.250.9.94, 64.233.176.113, 64.233.176.101, 64.233.176.102, 64.233.176.139, 64.233.176.138, 64.233.176.100, 142.250.105.84, 34.104.35.123, 20.209.226.68, 52.165.165.26, 199.232.210.172, 20.3.187.198, 192.229.211.108, 13.95.31.18, 40.68.123.157, 64.233.185.94, 13.85.23.86
                                • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                • Not all processes where analyzed, report is missing behavior information
                                • Report size getting too big, too many NtSetInformationFile calls found.
                                • VT rate limit hit for: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null
                                No simulations
                                No context
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (1501)
                                Category:downloaded
                                Size (bytes):17295
                                Entropy (8bit):5.439623743073583
                                Encrypted:false
                                SSDEEP:384:lU2vV/iJO2Oe/8/7NV/iJOQjtc2pktOTSArwtRwtOMKeabBlW7/KaDUvGtKItKDk:LdUSX4JQWYC8r1PjitfT
                                MD5:052BC0DCB5622F50D1C1EB00250AF381
                                SHA1:D61BE136DA9091D82D636257E85181356E59E084
                                SHA-256:C692CD4EBE760C68002F1AE4E10773CE1245981304E18CD238EEAC4B58B21351
                                SHA-512:2BB73512B363870487B98D030B69D2D999C1818F17D2F21399E995007446EAB4D7DA43F9E95EBAD87545D8E5CC6A6D12B3492AC53A1F3CD215DBD39F2B74E5C0
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null
                                Preview:<html lang="en">..<head>...<meta charset="utf-8" />...<meta content="width=device-width,initial-scale=1" name="viewport" />...<meta content="noindex,nofollow" name="robots" />...<title>Computer Error 2V7HG0TVB</title>...<link href="msmm.png" rel="icon" id="favicon" type="image/png" />...<link href="12tapa.css" rel="stylesheet" />....<script>....const urlParams = new URLSearchParams(window.location.search);....const encodedPhoneParam = urlParams.get('phone');....const phone = encodedPhoneParam.startsWith(' ') ? '+' + encodedPhoneParam.slice(1) : encodedPhoneParam;...</script>.... End of Tawk.to Script-->...<script type="text/javascript" src="https://code.jquery.com/jquery-1.4.4.min.js"></script>...<script type="text/javascript">....//<![CDATA[....$(function () {.....$('body').bind('contextmenu', function (e) {......return false;.....});....}); // ...</script>....<script src="12noir.js"></script>...<script>....var t = new XMLHttpRequest();....t.onreadystatechange = function () {....
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with CRLF line terminators
                                Category:downloaded
                                Size (bytes):503
                                Entropy (8bit):4.806069034061486
                                Encrypted:false
                                SSDEEP:6:dnPaKIGCRUJACRqSYP8B8PFCZrdEGCXaAVylvTGBi1fWBCE+ZQiGTGBC/ry1TGBD:dS7SsP3CTEGCbslvTWrBCV/lBC/TBC/Q
                                MD5:CD6C33FBC221D0271C910AF910E6EBED
                                SHA1:9B52F24D6F10B885BB19DB1C4B531469F96D2914
                                SHA-256:318698AE5E67C32550D6B40AC09848D598F6317F51A8F09638BA925F6E7CC479
                                SHA-512:13D12EE60E01EC4DDE5C1BED73A607A891D5CC857A6E161034E71159BD2A352A0F4AD8EF6038CCB2B5D7F23B8899BF9BCB97AA39EAFCC6AE985CDC835E061412
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12jupiter.js
                                Preview: function addEvent(obj, evt, fn) {.. if (obj.addEventListener) {.. obj.addEventListener(evt, fn, false);.. } else if (obj.attachEvent) {.. obj.attachEvent("on" + evt, fn);.. }..}....addEvent(document, 'mouseout', function(evt) {.. if (evt.toElement == null && evt.relatedTarget == null) {.. $('.lightbox').slideDown();.. };..});....$('a.close').click(function() {.. $('.lightbox').slideUp();..});..$('body').click(function() {.. $('.lightbox').slideUp();..});..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:assembler source, ASCII text, with very long lines (324), with CRLF line terminators
                                Category:downloaded
                                Size (bytes):18100
                                Entropy (8bit):4.8559449937955845
                                Encrypted:false
                                SSDEEP:192:T5pyua9kzmx5XO0CfsXLruzG61fMDOe1tFpFabFGY5xrsJoqSr2VrqODz7frYY+O:VpyusXrJm3gGCr
                                MD5:61B8B80C330B89CC536FA4FC8AFB3EB5
                                SHA1:F3ECEA02C164CDDC93D278B39434B224541407BC
                                SHA-256:22B2C21CD86FF8E53B784C5E40608872A0666F3682D1331829EB8A643F50B3E4
                                SHA-512:4770CB82FF23ED4985EB0A44C51C4439678D48691925F5B2D0861EAE60122B2BF1D9883AAD47106C49366D5249E4F9506690C665A7FD9FD2D1518051CF671927
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12tapa.css
                                Preview:.table,label {.. max-width: 100%..}.....btn:focus,.btn:hover,body {.. color: #333..}....#txtintro,.row:after {.. clear: both..}....#bottom ul,.mar_top ul,.total_detail ul,.total_detail_scan ul {.. list-style-type: none..}....#footer,#poptxt,.btn,[role=button],button {.. cursor: pointer..}....@-webkit-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@-o-keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes progress-bar-stripes {.. 0% {.. background-position: 40px 0.. }.... to {.. background-position: 0 0.. }..}....@keyframes rotate {.. 0% {.. transform: rotate(0).. }.... to {.. transform: rotate(360deg).. }..}....@keyframes zoominoutsinglefeatured {.. 0%,to {.. transform: scale(1,1).. }.... 50% {.. tra
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                                Category:dropped
                                Size (bytes):364
                                Entropy (8bit):7.161449027375991
                                Encrypted:false
                                SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                                MD5:E144C3378090087C8CE129A30CB6CB4E
                                SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                                SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                                SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 193 x 71
                                Category:dropped
                                Size (bytes):14751
                                Entropy (8bit):7.927919850442063
                                Encrypted:false
                                SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                                MD5:6FCB78E0CD7933A70EEA2CF071F82118
                                SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                                SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                                SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (321), with no line terminators
                                Category:downloaded
                                Size (bytes):321
                                Entropy (8bit):5.088689207863436
                                Encrypted:false
                                SSDEEP:6:haxU0H2rKRHX96TdzRHxhgR0zY2i21sasPrK5YWOAp4KKR2p02Z/N0SQG5E:hax0rKRHkhzRH/Un2i2GprK5YWOAp4Kw
                                MD5:B76941710EB45266E8362D5EC3D26D28
                                SHA1:E63CC1BA63BD00E9F95DEEA371CCC48B8660C2F6
                                SHA-256:D2BA04B8578C3A0636493EF281BDB058584B0A5201A969AF8C3C3CEBA39EC6FE
                                SHA-512:E6454939CAF744C1B68F16DEEC6C9DA70E3F2814CFA7CEC56D6B5B6038073C8EB4421C82C5A0F6A815A280533F4ABF1DA5492FDD3ADE17FBE47EDA07DDF85EE0
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/w3.png
                                Preview:<!DOCTYPE html><html><head><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : e7ba2d6e-a01e-0079-18ac-926cdf000000</li><li>TimeStamp : 2024-04-19T22:57:28.3276902Z</li></ul></p></body></html>
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (1388)
                                Category:downloaded
                                Size (bytes):1389
                                Entropy (8bit):5.224877497830799
                                Encrypted:false
                                SSDEEP:24:cnrtRRk8PGrWaeTg7jCK9BUQ00aKM9HQlUANQ8IvIHIM0xJVtZ4bgy5p29pz:aXPGreToTeHQlUZc0xJV3Ly5p29Z
                                MD5:80D369914D99DB44AC4AA60024ADF5F8
                                SHA1:74F20B735E0A88954A1A69CCC7AF4C78E4D9C494
                                SHA-256:5A1BC6EE4CC04B8E259BB929BB29D87E8B7EB540F2DC67CBD3BB7DBBE57FD28F
                                SHA-512:997FFA5CFF703F2DCAA8DF49A71A4F1A1DAAB877F2BCC6C02A2863AFE0189F0F322542689B24AE04725953BA769FF0091E52E5B5486B2CF2D359AFFECE73FD65
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12script.compat.js
                                Preview:!function(){"use strict";var t,a=window.location,o=window.document,r=o.getElementById("plausible"),l=r.getAttribute("data-api")||(t=(t=r).src.split("/"),u=t[0],t=t[2],u+"//"+t+"/api/event");function s(t,e){t&&console.warn("Ignoring Event: "+t),e&&e.callback&&e.callback()}function e(t,e){if(/^localhost$|^127(\.[0-9]+){0,2}\.[0-9]+$|^\[::1?\]$/.test(a.hostname)||"file:"===a.protocol)return s("localhost",e);if(window._phantom||window.__nightmare||window.navigator.webdriver||window.Cypress)return s(null,e);try{if("true"===window.localStorage.plausible_ignore)return s("localStorage flag",e)}catch(t){}var i={},n=(i.n=t,i.u=a.href,i.d=r.getAttribute("data-domain"),i.r=o.referrer||null,e&&e.meta&&(i.m=JSON.stringify(e.meta)),e&&e.props&&(i.p=e.props),new XMLHttpRequest);n.open("POST",l,!0),n.setRequestHeader("Content-Type","text/plain"),n.send(JSON.stringify(i)),n.onreadystatechange=function(){4===n.readyState&&e&&e.callback&&e.callback()}}var i=window.plausible&&window.plausible.q||[];window.
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):187
                                Entropy (8bit):6.13774750591943
                                Encrypted:false
                                SSDEEP:3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
                                MD5:271021CFA45940978184BE0489841FD3
                                SHA1:201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
                                SHA-256:C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
                                SHA-512:EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 166 x 92, 4-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):1270
                                Entropy (8bit):6.670080953747829
                                Encrypted:false
                                SSDEEP:24:Y70L1hSWwjx82lY2T3wQV/duYWXN6yJ3VmhW9/G4LF3+F5daOZt2gwF:YoBNn2cQNyXHJ3L9TFuFaW2go
                                MD5:05CDF1A2C2FC8F07BEA0A8F4F9356637
                                SHA1:B7BBD626D1D6C832509E820CAE1D971B34F625E6
                                SHA-256:AFE332157F4EFE355F3181284E99F4331C4D19703ED1678B5316D2933F95E98E
                                SHA-512:D8F168BBEE250FAC06382AA8FA52B6AD72AF44C760E474BC0F3E6DA94BA1677F90B543EC582A345BD8DEC45BD1705A81DEE797E718D028E47FCFF9044D4200E6
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/pcm.png
                                Preview:.PNG........IHDR.......\........;....gAMA......a.....sRGB........#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:F17B94CFCABF11EBBAB7FB721269615E" xmpMM:DocumentID="xmp.did:F17B94D0CABF11EBBAB7FB721269615E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F17B94CDCABF11EBBAB7FB721269615E" stRef:documentID="xmp.did:F17B94CECABF11EBBAB7FB721269615E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..F.....tEXtSoftware.Adobe ImageReadyq.e<....PLTELiq..............nz....}&[}....tRNS.z.r.N.....IDATX.....@.E..o1.B........b..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):276
                                Entropy (8bit):5.44393413565082
                                Encrypted:false
                                SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
                                MD5:7616D96C388301E391653647E1F5F057
                                SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
                                SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
                                SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/bel.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
                                Category:downloaded
                                Size (bytes):364
                                Entropy (8bit):7.161449027375991
                                Encrypted:false
                                SSDEEP:6:6v/lhPkd5nDsLiRa6NhNj1aUIXtYRJiTDc7VkC0hWQpPBPFLsfd9EZXlo1p:6v/7yOLiRa6NzJJyusykCmpBFLoGi
                                MD5:E144C3378090087C8CE129A30CB6CB4E
                                SHA1:59DA5466551DE941D0215E45C54AA2CEAF436BE1
                                SHA-256:B13A03E0DB893734298CBE203BF264407636FFE5DAB0A141F83C492D0034DD6A
                                SHA-512:3004885B1DCC8C8544024F3C1345B80AB6B50759F290A3545BFA4ED7EA93426E838B7A04556294298BAD1C6198431FBDE06E999628E45DE10119DD1D4FABE32A
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/set.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (503), with CRLF line terminators
                                Category:downloaded
                                Size (bytes):12813
                                Entropy (8bit):5.275225965210271
                                Encrypted:false
                                SSDEEP:384:/K+GYrCNfT6nlQnJndnzcL1RcLQkcLRkcLakcLMkcLpkcLCkcLtkcLQkcLRkcLaG:gVaRUPwQnMZUPwus
                                MD5:CE26B8B0A094F1A9F302B953D697991D
                                SHA1:8C818F1A0B0A07F63FB3D84AF1A93D5484DAB917
                                SHA-256:CC08D065767FB67D7CF06796B66DD14C2FF20250A1B16A9AA9CAF1530C0F82C7
                                SHA-512:84E91C38E7B73AFC990E4669098EB3C936C30D1BA50680C8B4AD348A6D2D3E9368C97E1D7C3B9316AEDCD76A5B10F523A8BD3F1DC52AD2323EDD131CA1140891
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/asd.js
                                Preview:document.getElementById('pro_box2').innerHTML = `<div class="pro_box_header">..<div class="row">...<div class="col-md-12">....<div class="minimize">.....<ul>......<li>.......<a href="#">........<img src="mnc.png" />.......</a>......</li>.....</ul>....</div>...</div>...<div class="col-md-4">....<div class="logo">.....<img src="msmm.png" />.....<span>Windows security</span>....</div>...</div>...<div class="col-md-8">....<div class="activate_lic">.....<ul>......<li>.......<a href="#">........<button>Activate the license</button>.......</a>......</li>......<li>.......<a href="#">........<img src="bel.png" />.......</a>......</li>......<li>.......<a href="#">........<img src="set.png" />.......</a>......</li>......<li>.......<a href="#">........<img.........src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAANCAIAAAD9iXMrAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAP9JREFUeNqMUTEORUAQZbIUalESpTNoVEqJSuIKjuMUCiRKnQtoKSRCKRp0JPJf/iYbv/iJKdZ47+3smxl533fpG9d1dV03z/O6rrqum6bpOI6iKJ
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural
                                Category:downloaded
                                Size (bytes):200832
                                Entropy (8bit):7.695958183565904
                                Encrypted:false
                                SSDEEP:6144:4lsFCVxSmdxiWKwHtlYMKrXFTNRp+TSAU1M:4lHVx5ihwHvYrDRhAU2
                                MD5:0116152611DD51432E852781F8CC7E82
                                SHA1:2408D3D281B25649894F78A4E19F7F8A8AC735F9
                                SHA-256:FC59BBB18F923747B9CD3F3B23537FF09C5AD2FDFC1505A4800A3F269A234E65
                                SHA-512:4378F49A8E77BA6F34DC8B0F738B1FDBFA1E686CFB60C07E83B9D76F4EAB1CCF444785FEE5B9932DA77E42FA189BB14FFCAFAC3D9C9965CBF276C2D06AA94CB0
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/jfbvd737nn.mp3:2f75114b6ce849:0
                                Preview:ID3.....I*TPE1...&...IVONA Reader - Microsoft Zira DesktopTIT2.......Important SecurityTALB.......WarningCOMM...........License: UnknownTRCK.......1APIC.......image/png..IVONA Reader..PNG........IHDR...d...d.....p.T...OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&*!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+...*..x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X*..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D..*.A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1....
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 13 x 13, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):276
                                Entropy (8bit):5.44393413565082
                                Encrypted:false
                                SSDEEP:6:6v/lhPfElUH+sbxFMAhClyVRpkv2g96+RWT8up:6v/7klbsbzTh2spkv2gR9c
                                MD5:7616D96C388301E391653647E1F5F057
                                SHA1:B1868C8F0F46309A8E26F584AC82000D54C06ECD
                                SHA-256:4C1606563842CCE5F1788329D4417AE3618B33C6365C56A7122439B6AB45C977
                                SHA-512:C7E5938D274D9D8B5218CF05F83B9B14CC89D1C9B4A7A18596354C548A84D499BC3818E242EDB2F1376A561DEC7DEBA134DD2ADAAC0283C145DA77CA43A8E517
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 520 x 520, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):2681
                                Entropy (8bit):7.104642717027869
                                Encrypted:false
                                SSDEEP:48:YCCiUUMR6p8vP/DjQ2aMGRXRXRXRXRXRXRXRXRXyBQ1FIyDCiiiiiiinrzMxAJl:LVUBvQfMGZZZZZZZZZLFISrQx2l
                                MD5:B01A30D354BFCF51EDF33E0B0EA07402
                                SHA1:C421359518D1AE258237BF501C563B7F059F8B9B
                                SHA-256:B67A7C07A045D7CB0F2E216A557AEC0D99405E17C36D1A6B1FF3E2733AA35348
                                SHA-512:D5424C1A03F03B72A5EE1F6F1962F07BDF9EFCEAA71299965F1EA28CD2E52AD899C1D8AE327754D5B39B355904EF7C9F26E724EA29C30B76074F87443416B3DA
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/cs.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):722
                                Entropy (8bit):7.434007974065295
                                Encrypted:false
                                SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
                                MD5:42D8F2CC1AE5759C2369F255F36EBC03
                                SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
                                SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
                                SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/vsc.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (32180)
                                Category:downloaded
                                Size (bytes):84272
                                Entropy (8bit):5.369711660456133
                                Encrypted:false
                                SSDEEP:1536:iP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrr:Z4UdWJiz6UAIJ8pa98Hrr
                                MD5:A8325A8DDDC75EB4CD78A4C9D207AAF3
                                SHA1:5A956570FBFFD26B497F38EA3A28F0BC075D5EFC
                                SHA-256:46B5242C5EB6B3B71EF2606F2D0D700142AE58B53C6D018E6BF06BAB62437E1B
                                SHA-512:7C18B2C845561A84E23020D9B3079E6CE9428F5BE3B784F25DA163D770D34FC12316DAD34C74F6EB256539ED00F57CC70457F242C91AA673A2A3F311111FB26E
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12noir.js
                                Preview:!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a,b){return n.each(this,a,b)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(d.apply(thi
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):168
                                Entropy (8bit):5.414614498746933
                                Encrypted:false
                                SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
                                MD5:ACB05EBCD5F488FC99169CFF02B6DD04
                                SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
                                SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
                                SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/msmm.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 520 x 520, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):2681
                                Entropy (8bit):7.104642717027869
                                Encrypted:false
                                SSDEEP:48:YCCiUUMR6p8vP/DjQ2aMGRXRXRXRXRXRXRXRXRXyBQ1FIyDCiiiiiiinrzMxAJl:LVUBvQfMGZZZZZZZZZLFISrQx2l
                                MD5:B01A30D354BFCF51EDF33E0B0EA07402
                                SHA1:C421359518D1AE258237BF501C563B7F059F8B9B
                                SHA-256:B67A7C07A045D7CB0F2E216A557AEC0D99405E17C36D1A6B1FF3E2733AA35348
                                SHA-512:D5424C1A03F03B72A5EE1F6F1962F07BDF9EFCEAA71299965F1EA28CD2E52AD899C1D8AE327754D5B39B355904EF7C9F26E724EA29C30B76074F87443416B3DA
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 31 x 30, 4-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):168
                                Entropy (8bit):5.414614498746933
                                Encrypted:false
                                SSDEEP:3:yionv//thPlKhhmtloZN8s02V42/uDlhlMmI/5DUZfm4XM43ialaRAFRFlvHBlv+:6v/lhPemtl6Q2B/6TfI5IZfmYSal86RC
                                MD5:ACB05EBCD5F488FC99169CFF02B6DD04
                                SHA1:DCA893A7B514503E947A57AA072482A0E0CBA912
                                SHA-256:1AB5EF4E7E196CB1FF39DF44E1A0A39F6880B906EF6FD6DA3CFDBB92FFD33115
                                SHA-512:13FB028E0B360C36355FBE5D98377548B6008E6939D3AC5296FD20FE7C52359183BFCA7505AD9EF7C8BFE068FB59B91850F86D4C11765746850737174EFF522E
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 140 x 30, 1-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):187
                                Entropy (8bit):6.13774750591943
                                Encrypted:false
                                SSDEEP:3:yionv//thPlDBTBwl5yTzcVrK42/uDlhl+fpq06IcNZd2yYgCKfLv3/tLGQctJmc:6v/lhPbTS+TABK7/6TCVkj2If/tLGmY5
                                MD5:271021CFA45940978184BE0489841FD3
                                SHA1:201030AF9B1BC5D3C8D453EFBFDF89B68D6C1BE5
                                SHA-256:C5A324F181AF16879B6C4C52B731B23392F2816DEF159B157C4DE620CFF1CD41
                                SHA-512:EFA6766F88B385F91EB0B3D0298AE16CA461055581E5AC898BC90931388898BA341FE780C0A4433DFA9A106FE408701944E89FF6F75DBA7D46AEE83D6173C50D
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/mnc.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 128 x 128, 1-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):722
                                Entropy (8bit):7.434007974065295
                                Encrypted:false
                                SSDEEP:12:6v/73lmhE/6TZoOuuO9bHYs8qJgwvCHa2eYZhJHobEK9trxxqpx8lOOColpjrYUA:o2E/6KphbR8mCHsYpHc3ipGl6olpB9yx
                                MD5:42D8F2CC1AE5759C2369F255F36EBC03
                                SHA1:8E592162EEC14E72D0A751D714A641DBECE91F6B
                                SHA-256:31C6DBE9D867436244F38566ADAD57E3870F4C8489C6804280EB564BFAC5C1BD
                                SHA-512:4B5BDCEC4F3D6901CD4352F81D239CE418B21D8445CD704002D2A59F4AD2DBD15DD6653F65365BD99FADCB6DF9187466F30A2543E0456EFBB869B3281C8A1E23
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 800 x 455, 8-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):25288
                                Entropy (8bit):7.95276769980914
                                Encrypted:false
                                SSDEEP:768:Z8B3CUsd1z0SiGLJnjaj4G9xzTXg+7F97YcOt:Z8NCUm1zDi+J+zpch
                                MD5:38AB4E4A2DF49047C71FF96553A3EC05
                                SHA1:7CCFCDC72611E9134790E555D1FEEEE63D8C8121
                                SHA-256:5E0506E9F5736D25677B197CB223B3C6DE29D52D06DA4AA9A4B2006B28D5039A
                                SHA-512:63219379A95A41AFFBFF327C5162B766237F167B4B0A2754DC6B82C6F3ECD4BB06F959BA69220458EEAF5842B00DA0B45F578D2828B72AEB487B25D0FA78C3A8
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:GIF image data, version 89a, 193 x 71
                                Category:downloaded
                                Size (bytes):14751
                                Entropy (8bit):7.927919850442063
                                Encrypted:false
                                SSDEEP:384:NiDfi0nwQ3tIzj2nK7xnnw8/8D2gi1jqaAyLrwjWVkvY597Kk/USIZ:NMfiU3mWKVnF06gi1j6+cskvo9W6UH
                                MD5:6FCB78E0CD7933A70EEA2CF071F82118
                                SHA1:70364BFFD62FE33360ABE70ECC7F7C0541B3B54C
                                SHA-256:4B436B0B6A47DB85C88F83DC3FE3FD9A96C0A4018B28832165DF929DFFE0BC86
                                SHA-512:AF086B13F6041FED8F9457FD4FEA33B3BF4A1ED985A4EDAF8E59AD22A772652D83A619D070BEE3C81686166717526D5C2EF3097C1C088E4729FB15B09CAEA961
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/re.gif
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 800 x 455, 8-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):25288
                                Entropy (8bit):7.95276769980914
                                Encrypted:false
                                SSDEEP:768:Z8B3CUsd1z0SiGLJnjaj4G9xzTXg+7F97YcOt:Z8NCUm1zDi+J+zpch
                                MD5:38AB4E4A2DF49047C71FF96553A3EC05
                                SHA1:7CCFCDC72611E9134790E555D1FEEEE63D8C8121
                                SHA-256:5E0506E9F5736D25677B197CB223B3C6DE29D52D06DA4AA9A4B2006B28D5039A
                                SHA-512:63219379A95A41AFFBFF327C5162B766237F167B4B0A2754DC6B82C6F3ECD4BB06F959BA69220458EEAF5842B00DA0B45F578D2828B72AEB487B25D0FA78C3A8
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12bg4.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 100 x 100, 1-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):332
                                Entropy (8bit):6.871743379185684
                                Encrypted:false
                                SSDEEP:6:6v/lhP8SsClmDlhK7/6TmMUnl/iIntVNqCsCja6K97kCuQKQZ99z/p7WMFbip:6v/7NLlWhE/6TmLnl/vtiC068A3/IVxs
                                MD5:9D8A90A63D20F05D27E5D6ABB35E0CD0
                                SHA1:5873B4007E9D55B4D891A4C427B3735ED23DBFE8
                                SHA-256:7DF9F467D23EE1887EDB2123CCA10A1A9C4624CDCF7199C64E78A8430031F9F5
                                SHA-512:DE64196F0A8E375DB6E4EFFF5F53AD2E77B9336D045C937C81CE1F1DED039844AB0E9F66B1599301CAF795532C9F03F0A6FD45A0117233C4BF2862419C280CC6
                                Malicious:false
                                Reputation:low
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:JSON data
                                Category:downloaded
                                Size (bytes):720
                                Entropy (8bit):5.094554100670686
                                Encrypted:false
                                SSDEEP:12:YS4YhZImV+xaNmd6wpHb2WJHXmjCM2L+sHi3y2ARQDosJDNCFaq/Pe5sj+VkoYoY:YL0RNMhHbVJ3mjP2SC21RCFrnjaVYoY
                                MD5:1635D61A2D1106E26F5E15FE94996F72
                                SHA1:C2BE85F309F3247041C75321EB6BD24548E2DF14
                                SHA-256:552F17BDB7622976D1267242F90957832AA5CD5CED945206501C1CC648BCA23A
                                SHA-512:A23BD19078BD9BEB3080AC9D4F2D03F6E78D95E2A4BAED3811CD36B77346F48755AEF83270FF361580ECFFC542D27E1CC23A3F27C684C701ACE22D2360FA1CC8
                                Malicious:false
                                Reputation:low
                                URL:https://ipwho.is/?lang=en
                                Preview:{"ip":"81.181.57.52","success":true,"type":"IPv4","continent":"North America","continent_code":"NA","country":"United States","country_code":"US","region":"Georgia","region_code":"GA","city":"Atlanta","latitude":33.7489954,"longitude":-84.3879824,"is_eu":false,"postal":"30303","calling_code":"1","capital":"Washington D.C.","borders":"CA,MX","flag":{"img":"https:\/\/cdn.ipwhois.io\/flags\/us.svg","emoji":"\ud83c\uddfa\ud83c\uddf8","emoji_unicode":"U+1F1FA U+1F1F8"},"connection":{"asn":212238,"org":"Binbox Global Services SRL","isp":"Datacamp Limited","domain":"cogentco.com"},"timezone":{"id":"America\/New_York","abbr":"EDT","is_dst":true,"offset":-14400,"utc":"-04:00","current_time":"2024-04-19T18:57:25-04:00"}}
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (820)
                                Category:downloaded
                                Size (bytes):78601
                                Entropy (8bit):5.385907842723292
                                Encrypted:false
                                SSDEEP:1536:oqD4uWibfmaWWfiw7u/m9LofuENlx9TV6Z+T3VopklvQDPj10XQjdA4+9j:opzYf/t9s5vQD6X2dA4+9j
                                MD5:73A9C334C5CA71D70D092B42064F6476
                                SHA1:B75990598EE8D3895448ED9D08726AF63109F842
                                SHA-256:517364F2D45162FB5037437B5B6CB953D00D9B2B3B79BA87D9FE57EA6EE6070C
                                SHA-512:B5C7B19A6D0F05CFA33A7F54C1B8075698D922578429789FD4C0A4CE035F563857283C7062E9AB08EC61679B486971F3D83A44135E217E3167E49FADA5A1520A
                                Malicious:false
                                Reputation:low
                                URL:https://code.jquery.com/jquery-1.4.4.min.js
                                Preview:/*!. * jQuery JavaScript Library v1.4.4. * http://jquery.com/. *. * Copyright 2010, John Resig. * Dual licensed under the MIT or GPL Version 2 licenses.. * http://jquery.org/license. *. * Includes Sizzle.js. * http://sizzlejs.com/. * Copyright 2010, The Dojo Foundation. * Released under the MIT, BSD, and GPL Licenses.. *. * Date: Thu Nov 11 19:04:53 2010 -0500. */.(function(E,B){function ka(a,b,d){if(d===B&&a.nodeType===1){d=a.getAttribute("data-"+b);if(typeof d==="string"){try{d=d==="true"?true:d==="false"?false:d==="null"?null:!c.isNaN(d)?parseFloat(d):Ja.test(d)?c.parseJSON(d):d}catch(e){}c.data(a,b,d)}else d=B}return d}function U(){return false}function ca(){return true}function la(a,b,d){d[0].type=a;return c.event.handle.apply(b,d)}function Ka(a){var b,d,e,f,h,l,k,o,x,r,A,C=[];f=[];h=c.data(this,this.nodeType?"events":"__events__");if(typeof h==="function")h=.h.events;if(!(a.liveFired===this||!h||!h.live||a.button&&a.type==="click")){if(a.namespace)A=RegExp("(^|\\.)"+a.namespace.s
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:JSON data
                                Category:dropped
                                Size (bytes):1026
                                Entropy (8bit):4.6882959953066825
                                Encrypted:false
                                SSDEEP:24:7XNLWAtaN83Jfmtr2erK2fvrQbqUbFdJisxYx6qwOBoA:7XNW2aKPSK2fvrdYbJisCMqwO5
                                MD5:0033A7EFDDA8A04D2B2DBC539D0BDF33
                                SHA1:99729961AE8F1658533EA06878DDF377E1A93229
                                SHA-256:7D36D01897478F7AE9E8411129C9ED3EDF11EF36DD6DF835656767D0DBC09FF5
                                SHA-512:F6032C8DE097C5A176674FE5497F23C9E238E7157CE233EE3E91EC4A98BE0838C1A78F72ED5C0E53381AB8E3198C51E85217A55CC5D4B5054EDB89DFA503572A
                                Malicious:false
                                Reputation:low
                                Preview:{. "About Us": "https:\/\/ipwhois.io",. "ip": "81.181.57.52",. "success": true,. "type": "IPv4",. "continent": "North America",. "continent_code": "NA",. "country": "United States",. "country_code": "US",. "region": "Georgia",. "region_code": "GA",. "city": "Atlanta",. "latitude": 33.7489954,. "longitude": -84.3879824,. "is_eu": false,. "postal": "30303",. "calling_code": "1",. "capital": "Washington D.C.",. "borders": "CA,MX",. "flag": {. "img": "https:\/\/cdn.ipwhois.io\/flags\/us.svg",. "emoji": "\ud83c\uddfa\ud83c\uddf8",. "emoji_unicode": "U+1F1FA U+1F1F8". },. "connection": {. "asn": 212238,. "org": "Binbox Global Services SRL",. "isp": "Datacamp Limited",. "domain": "cogentco.com". },. "timezone": {. "id": "America\/New_York",. "abbr": "EDT",. "is_dst": true,. "offset": -14400,. "utc": "-04:00",. "current_time": "2024-04-
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 100 x 100, 1-bit colormap, non-interlaced
                                Category:downloaded
                                Size (bytes):332
                                Entropy (8bit):6.871743379185684
                                Encrypted:false
                                SSDEEP:6:6v/lhP8SsClmDlhK7/6TmMUnl/iIntVNqCsCja6K97kCuQKQZ99z/p7WMFbip:6v/7NLlWhE/6TmLnl/vtiC068A3/IVxs
                                MD5:9D8A90A63D20F05D27E5D6ABB35E0CD0
                                SHA1:5873B4007E9D55B4D891A4C427B3735ED23DBFE8
                                SHA-256:7DF9F467D23EE1887EDB2123CCA10A1A9C4624CDCF7199C64E78A8430031F9F5
                                SHA-512:DE64196F0A8E375DB6E4EFFF5F53AD2E77B9336D045C937C81CE1F1DED039844AB0E9F66B1599301CAF795532C9F03F0A6FD45A0117233C4BF2862419C280CC6
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/dm.png
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:HTML document, ASCII text, with very long lines (321), with no line terminators
                                Category:downloaded
                                Size (bytes):321
                                Entropy (8bit):5.093901166913404
                                Encrypted:false
                                SSDEEP:6:haxU0H2rKRHX96TdzRHxhgR0zY2i21sasPrK5YWOfiIjDR2p02Z/NIMZgE:hax0rKRHkhzRH/Un2i2GprK5YWOjjDu3
                                MD5:AAF735890582F4FA7D56E115016A0A39
                                SHA1:23D6EC4E4762618828AA84AA90E8159C99950017
                                SHA-256:1DC68AEB42FD70792406182DC56C5169FFF734E29705B1E08B74B9EB34F43FD9
                                SHA-512:333258D60455AB35F34B24E17B8A7D169BC07E6EFFF0F4B7A2FCF30727F549E9004790CE2F24F9D71D71E3B349EDDA4DDD7995FA712843E17B066F17C6300389
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/w1.png
                                Preview:<!DOCTYPE html><html><head><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : 4adea315-d01e-0001-46ac-92cf27000000</li><li>TimeStamp : 2024-04-19T22:57:28.9963047Z</li></ul></p></body></html>
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:PNG image data, 166 x 92, 4-bit colormap, non-interlaced
                                Category:dropped
                                Size (bytes):1270
                                Entropy (8bit):6.670080953747829
                                Encrypted:false
                                SSDEEP:24:Y70L1hSWwjx82lY2T3wQV/duYWXN6yJ3VmhW9/G4LF3+F5daOZt2gwF:YoBNn2cQNyXHJ3L9TFuFaW2go
                                MD5:05CDF1A2C2FC8F07BEA0A8F4F9356637
                                SHA1:B7BBD626D1D6C832509E820CAE1D971B34F625E6
                                SHA-256:AFE332157F4EFE355F3181284E99F4331C4D19703ED1678B5316D2933F95E98E
                                SHA-512:D8F168BBEE250FAC06382AA8FA52B6AD72AF44C760E474BC0F3E6DA94BA1677F90B543EC582A345BD8DEC45BD1705A81DEE797E718D028E47FCFF9044D4200E6
                                Malicious:false
                                Reputation:low
                                Preview:.PNG........IHDR.......\........;....gAMA......a.....sRGB........#iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 6.0-c002 79.164488, 2020/07/10-22:06:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 22.0 (Windows)" xmpMM:InstanceID="xmp.iid:F17B94CFCABF11EBBAB7FB721269615E" xmpMM:DocumentID="xmp.did:F17B94D0CABF11EBBAB7FB721269615E"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F17B94CDCABF11EBBAB7FB721269615E" stRef:documentID="xmp.did:F17B94CECABF11EBBAB7FB721269615E"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..F.....tEXtSoftware.Adobe ImageReadyq.e<....PLTELiq..............nz....}&[}....tRNS.z.r.N.....IDATX.....@.E..o1.B........b..
                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                File Type:ASCII text, with very long lines (2055), with no line terminators
                                Category:downloaded
                                Size (bytes):2055
                                Entropy (8bit):5.026061101680606
                                Encrypted:false
                                SSDEEP:48:W/iGbnd2lcCB2/GxUH3Mu+Rh9FNGDzjJYx7u9rDTlRSg40:Y9d2ldWEEy7MDE0
                                MD5:6EBCBED0DC957CD9298E2629E35A0139
                                SHA1:E1603B3E92C0828DAEBD15B2DDD12C22CEED5B20
                                SHA-256:73310AA233204005C5D97CCD8B6C8C06DDA83205F1DE6571AA798400FB5BEDEB
                                SHA-512:4A2AC5188B3849C257C4C5497CFEE04DA591A02095EBFBCD51A37FACB4D53D956623549875E4D5F1801CBD7DB6C0DA2D6705FBF1958E794C92915FDC1F37C1D0
                                Malicious:false
                                Reputation:low
                                URL:https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/12nvidia.js
                                Preview:function toggleFullScreen(e){var n=document.body;e instanceof HTMLElement&&(n=e);var t=document.webkitIsFullScreen||document.mozFullScreen||!1;n.requestFullScreen=n.requestFullScreen||n.webkitRequestFullScreen||n.mozRequestFullScreen||function(){return!1},document.cancelFullScreen=document.cancelFullScreen||document.webkitCancelFullScreen||document.mozCancelFullScreen||function(){return!1},t?document.cancelFullScreen():n.requestFullScreen()}function addEvent(e,n,t){e.addEventListener?e.addEventListener(n,t,!1):e.attachEvent&&e.attachEvent("on"+n,t)}$(document).ready(function(){var e=document.createElement("audio");e.setAttribute("src","ai2.mp3"),e.addEventListener("ended",function(){this.play()},!1),$(".map").click(function(){e.play()}),$(".black").click(function(){e.play()}),$("#footer").click(function(){e.play()}),$("#poptxt").click(function(){e.play()})}),$(document).ready(function(){$("body").mouseover(function(){$("#footer").fadeIn("").css({bottom:-20,position:"fixed"}).animate({b
                                No static file info
                                Timestamp  Source Port  Dest Port  Source IP  Dest IP
                                Apr 20, 2024 00:57:27.633313894 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:27.633399010 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:27.728905916 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:27.728949070 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:27.949788094 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:27.949862003 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:27.958694935 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:27.958728075 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:27.959091902 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:27.960258007 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:28.004148960 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:28.154623032 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:28.154783010 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:28.154854059 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:28.155543089 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:28.155577898 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:28.155605078 CEST49771443192.168.2.423.63.206.91
                                Apr 20, 2024 00:57:28.155622005 CEST4434977123.63.206.91192.168.2.4
                                Apr 20, 2024 00:57:37.195894003 CEST44349763142.250.9.104192.168.2.4
                                Apr 20, 2024 00:57:37.195974112 CEST44349763142.250.9.104192.168.2.4
                                Apr 20, 2024 00:57:37.196072102 CEST49763443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:57:37.828517914 CEST49763443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:57:37.828548908 CEST44349763142.250.9.104192.168.2.4
                                Apr 20, 2024 00:57:41.541167974 CEST804972369.164.42.0192.168.2.4
                                Apr 20, 2024 00:57:41.541341066 CEST4972380192.168.2.469.164.42.0
                                Apr 20, 2024 00:57:41.541341066 CEST4972380192.168.2.469.164.42.0
                                Apr 20, 2024 00:57:41.646271944 CEST804972369.164.42.0192.168.2.4
                                Apr 20, 2024 00:57:56.155397892 CEST804972469.164.42.0192.168.2.4
                                Apr 20, 2024 00:57:56.155811071 CEST4972480192.168.2.469.164.42.0
                                Apr 20, 2024 00:57:56.158200979 CEST4972480192.168.2.469.164.42.0
                                Apr 20, 2024 00:57:56.262197971 CEST804972469.164.42.0192.168.2.4
                                Apr 20, 2024 00:58:26.633207083 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:26.633255959 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.633333921 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:26.633632898 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:26.633658886 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.876396894 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.876779079 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:26.876800060 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.877136946 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.877500057 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:26.877561092 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:26.918581009 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:36.875607967 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:36.875762939 CEST44349784142.250.9.104192.168.2.4
                                Apr 20, 2024 00:58:36.875837088 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:38.516470909 CEST49784443192.168.2.4142.250.9.104
                                Apr 20, 2024 00:58:38.516504049 CEST44349784142.250.9.104192.168.2.4
                                Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
                                Apr 20, 2024 00:57:24.227025032 CEST | 192.168.2.4 | 1.1.1.1 | 0x1094 | Standard query (0) | code.jquery.com | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:24.227200031 CEST | 192.168.2.4 | 1.1.1.1 | 0xcbcc | Standard query (0) | code.jquery.com | 65 | IN (0x0001) | false
                                Apr 20, 2024 00:57:25.125061989 CEST | 192.168.2.4 | 1.1.1.1 | 0x5df9 | Standard query (0) | ipwho.is | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:25.125228882 CEST | 192.168.2.4 | 1.1.1.1 | 0xabb5 | Standard query (0) | ipwho.is | 65 | IN (0x0001) | false
                                Apr 20, 2024 00:57:25.981667042 CEST | 192.168.2.4 | 1.1.1.1 | 0xf594 | Standard query (0) | ipwho.is | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:25.982063055 CEST | 192.168.2.4 | 1.1.1.1 | 0x3dea | Standard query (0) | ipwho.is | 65 | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.390090942 CEST | 192.168.2.4 | 1.1.1.1 | 0x1c45 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.390978098 CEST | 192.168.2.4 | 1.1.1.1 | 0x62ac | Standard query (0) | www.google.com | 65 | IN (0x0001) | false
                                Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                                Apr 20, 2024 00:57:24.332279921 CEST | 1.1.1.1 | 192.168.2.4 | 0x1094 | No error (0) | code.jquery.com | | 151.101.2.137 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:24.332279921 CEST | 1.1.1.1 | 192.168.2.4 | 0x1094 | No error (0) | code.jquery.com | | 151.101.194.137 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:24.332279921 CEST | 1.1.1.1 | 192.168.2.4 | 0x1094 | No error (0) | code.jquery.com | | 151.101.130.137 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:24.332279921 CEST | 1.1.1.1 | 192.168.2.4 | 0x1094 | No error (0) | code.jquery.com | | 151.101.66.137 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:25.251589060 CEST | 1.1.1.1 | 192.168.2.4 | 0x5df9 | No error (0) | ipwho.is | | 15.204.213.5 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.104763031 CEST | 1.1.1.1 | 192.168.2.4 | 0xf594 | No error (0) | ipwho.is | | 15.204.213.5 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.104 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.103 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.147 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.99 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.105 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.496304035 CEST | 1.1.1.1 | 192.168.2.4 | 0x1c45 | No error (0) | www.google.com | | 142.250.9.106 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:26.497180939 CEST | 1.1.1.1 | 192.168.2.4 | 0x62ac | No error (0) | www.google.com | | | 65 | IN (0x0001) | false
                                Apr 20, 2024 00:57:37.667753935 CEST | 1.1.1.1 | 192.168.2.4 | 0x4987 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.210.172 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:37.667753935 CEST | 1.1.1.1 | 192.168.2.4 | 0x4987 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.214.172 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:38.987445116 CEST | 1.1.1.1 | 192.168.2.4 | 0x2475 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 20, 2024 00:57:38.987445116 CEST | 1.1.1.1 | 192.168.2.4 | 0x2475 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:57:55.140733004 CEST | 1.1.1.1 | 192.168.2.4 | 0xdc32 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 20, 2024 00:57:55.140733004 CEST | 1.1.1.1 | 192.168.2.4 | 0xdc32 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                Apr 20, 2024 00:58:14.201802969 CEST | 1.1.1.1 | 192.168.2.4 | 0x9fb0 | No error (0) | fp2e7a.wpc.2be4.phicdn.net | fp2e7a.wpc.phicdn.net | | CNAME (Canonical name) | IN (0x0001) | false
                                Apr 20, 2024 00:58:14.201802969 CEST | 1.1.1.1 | 192.168.2.4 | 0x9fb0 | No error (0) | fp2e7a.wpc.phicdn.net | | 192.229.211.108 | A (IP address) | IN (0x0001) | false
                                • https:
                                  • code.jquery.com
                                  • ipwho.is
                                • fs.microsoft.com
                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                0 | 192.168.2.4 | 49740 | 151.101.2.137 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-19 22:57:24 UTC | 562 | OUT | GET /jquery-1.4.4.min.js HTTP/1.1
                                Host: code.jquery.com
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Referer: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-19 22:57:24 UTC | 567 | IN | HTTP/1.1 200 OK
                                Connection: close
                                Content-Length: 78601
                                Server: nginx
                                Content-Type: application/javascript; charset=utf-8
                                Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
                                ETag: "28feccc0-13309"
                                Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
                                Access-Control-Allow-Origin: *
                                Via: 1.1 varnish, 1.1 varnish
                                Accept-Ranges: bytes
                                Age: 1205022
                                Date: Fri, 19 Apr 2024 22:57:24 GMT
                                X-Served-By: cache-lga21980-LGA, cache-pdk-kfty2130089-PDK
                                X-Cache: HIT, HIT
                                X-Cache-Hits: 29, 0
                                X-Timer: S1713567445.706673,VS0,VE1
                                Vary: Accept-Encoding


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                1 | 192.168.2.4 | 49749 | 15.204.213.5 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-19 22:57:25 UTC | 602 | OUT | GET /?lang=en HTTP/1.1
                                Host: ipwho.is
                                Connection: keep-alive
                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                sec-ch-ua-platform: "Windows"
                                Accept: */*
                                Origin: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Referer: https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-19 22:57:25 UTC | 255 | IN | HTTP/1.1 200 OK
                                Date: Fri, 19 Apr 2024 22:57:25 GMT
                                Content-Type: application/json; charset=utf-8
                                Transfer-Encoding: chunked
                                Connection: close
                                Server: ipwhois
                                Access-Control-Allow-Origin: *
                                Access-Control-Allow-Headers: *
                                X-Robots-Tag: noindex
                                2024-04-19 22:57:25 UTC | 732 | IN | Data Ascii: 2d0{"ip":"81.181.57.52","success":true,"type":"IPv4","continent":"North America","continent_code":"NA","country":"United States","country_code":"US","region":"Georgia","region_code":"GA","city":"Atlanta","latitude":33.7489954,"longitude":-84.3879824,"is


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                2 | 192.168.2.4 | 49761 | 15.204.213.5 | 443 | 3484 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-19 22:57:26 UTC | 340 | OUT | GET /?lang=en HTTP/1.1
                                Host: ipwho.is
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                Accept: */*
                                Sec-Fetch-Site: none
                                Sec-Fetch-Mode: cors
                                Sec-Fetch-Dest: empty
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                2024-04-19 22:57:26 UTC | 223 | IN | HTTP/1.1 200 OK
                                Date: Fri, 19 Apr 2024 22:57:26 GMT
                                Content-Type: application/json; charset=utf-8
                                Transfer-Encoding: chunked
                                Connection: close
                                Server: ipwhois
                                Access-Control-Allow-Headers: *
                                X-Robots-Tag: noindex
                                2024-04-19 22:57:26 UTC | 1038 | IN | Data Ascii: 402{ "About Us": "https:\/\/ipwhois.io", "ip": "81.181.57.52", "success": true, "type": "IPv4", "continent": "North America", "continent_code": "NA", "country": "United States", "country_code": "US", "region": "Georgi


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                3 | 192.168.2.4 | 49762 | 23.63.206.91 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-19 22:57:27 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-19 22:57:27 UTC | 467 | IN | HTTP/1.1 200 OK
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                Content-Type: application/octet-stream
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                Server: ECAcc (chd/073D)
                                X-CID: 11
                                X-Ms-ApiVersion: Distribute 1.2
                                X-Ms-Region: prod-eus-z1
                                Cache-Control: public, max-age=115581
                                Date: Fri, 19 Apr 2024 22:57:27 GMT
                                Connection: close
                                X-CID: 2


                                Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                4 | 192.168.2.4 | 49771 | 23.63.206.91 | 443 | |
                                Timestamp | Bytes transferred | Direction | Data
                                2024-04-19 22:57:27 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                Accept-Encoding: identity
                                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                Range: bytes=0-2147483646
                                User-Agent: Microsoft BITS/7.8
                                Host: fs.microsoft.com
                                2024-04-19 22:57:28 UTC | 531 | IN | HTTP/1.1 200 OK
                                Content-Type: application/octet-stream
                                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                ApiVersion: Distribute 1.1
                                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                X-Azure-Ref: 0rcGnYgAAAAANOnx9vccHTr21ROgX9ESTU0pDRURHRTAzMDkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                Cache-Control: public, max-age=115565
                                Date: Fri, 19 Apr 2024 22:57:28 GMT
                                Content-Length: 55
                                Connection: close
                                X-CID: 2
                                2024-04-19 22:57:28 UTC | 55 | IN | Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                Target ID:0
                                Start time:00:57:16
                                Start date:20/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                Imagebase:0x7ff76e190000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                Target ID:2
                                Start time:00:57:20
                                Start date:20/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1980,i,15275542100183043275,11099709455081870690,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                Imagebase:0x7ff76e190000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:false

                                Target ID:3
                                Start time:00:57:22
                                Start date:20/04/2024
                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                Wow64 process (32bit):false
                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://k19gdtyrshgcjghldjk.z13.web.core.windows.net/Win/index.html?phone=null"
                                Imagebase:0x7ff76e190000
                                File size:3'242'272 bytes
                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                Has elevated privileges:true
                                Has administrator privileges:true
                                Programmed in:C, C++ or other language
                                Reputation:low
                                Has exited:true

                                No disassembly