Windows Analysis Report
https://sites.google.com/view/familyfocusfederalcreditunion/home

Overview

General Information

Sample URL: https://sites.google.com/view/familyfocusfederalcreditunion/home
Analysis ID: 561856

Detection

HTMLPhisher
Score: 64
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Yara detected HtmlPhish20
Antivirus detection for URL or domain

Classification

AV Detection

Source: https://sites.google.com/view/familyfocusfederalcreditunion/home SlashNext: detection malicious, Label: Fake Login Page type: Phishing & Social Engineering
Source: https://protective-glistening-people.glitch.me/a.html SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing

Source: Yara match File source: 40546.0.pages.csv, type: HTML
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49744 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49743 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49756 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49768 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49769 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.186.182:443 -> 192.168.2.3:49815 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.225:443 -> 192.168.2.3:49816 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.186.164:443 -> 192.168.2.3:49819 version: TLS 1.2
Source: unknown HTTPS traffic detected: 142.250.185.65:443 -> 192.168.2.3:49902 version: TLS 1.2
Source: unknown DNS traffic detected: queries for: sites.google.com
Source: global traffic HTTP traffic detected: GET /view/familyfocusfederalcreditunion/home HTTP/1.1Host: sites.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /js/client.js?onload=gapiLoaded HTTP/1.1Host: apis.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=L8fFvzSSImKqJLxWn4iQ8XuB6uQhK5D_HxcrcstFO4E-7pNxgn8NRrbCRYUzVUos9R-FYZTpziGEhy_9AtCATfeKAS1_stcIQpnPwTObrX2O8y_H4mhgeBPICYSX_YxvQVGRwnNcLo1LBoHZARIib_gs620avl2obbhSV91NSGg
Source: global traffic HTTP traffic detected: GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://sites.google.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /Wd_wknVICrI7GuuM4qtcie9snyzQVNZlz5S7a_zFU3iPl0IhAU8q0AT1d42cO26VJH1v43FVWNqjcSg_jAE_lxo=w16383 HTTP/1.1Host: lh5.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /4baYZrcHmiE7ZKGZJ663qknfJkZmpMlivEutAcwAujKEjiOGeaAyt6SjBmKy6ezrP90V1MjzXW7qsr-3iIdzq_M=w16383 HTTP/1.1Host: lh5.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://sites.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://sites.google.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=PT%20Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://sites.google.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=PT%20Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swapAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /4baYZrcHmiE7ZKGZJ663qknfJkZmpMlivEutAcwAujKEjiOGeaAyt6SjBmKy6ezrP90V1MjzXW7qsr-3iIdzq_M=w16383 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh5.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /Wd_wknVICrI7GuuM4qtcie9snyzQVNZlz5S7a_zFU3iPl0IhAU8q0AT1d42cO26VJH1v43FVWNqjcSg_jAE_lxo=w16383 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh5.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /Wd_wknVICrI7GuuM4qtcie9snyzQVNZlz5S7a_zFU3iPl0IhAU8q0AT1d42cO26VJH1v43FVWNqjcSg_jAE_lxo=w16383 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh5.googleusercontent.comIf-None-Match: "v1"
Source: global traffic HTTP traffic detected: GET /MXrI3IRfodt8Nim2WSoCFDX0pNnpfit5w-fNMptyaPzYiSWVN_Duz0kGq6hMyIg_Yh4X68o80Dl0P5xg0ntXqi7kaWKLabeZqDRbG7S90qHOJsd-W5BqUj41wpMDdsDG6A=w1280 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh4.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /IDlwhHCxbd6E8qTLmYz1qoEuA4weX9ToGtcAeBJclSnecrRMrrhPjj81JcYhluDpBaK-wU8poPbo0QzeqDLH6XRQgXkg-CkAaQLXHM6ssO1yIUsM5fvKJiW2yoHWLo4tyA=w1280 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh4.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /NvVfoDKaFqFbEYmY_0YGEeQhwCvwBGhLxbrHdo0C20j3iuFyJmoRIOu-aLlkWDAW8peDka8D6p5vDV7Kvu8jYnw=w16383 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh6.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /66XogdyLACCqlQsth4mS_y6PCkflhGbJcwdxwJxyBeBGBRwe5LvVMxJMQHaSBl0EXaX2VC9Ykw4Pde5t1Gfg9QsD84JW5FJvUqwvKTU7n3DMpWctVBX7OUrSSqKR6GpBwg=w1280 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh3.googleusercontent.com
Source: global traffic HTTP traffic detected: GET /url?q=https%3A%2F%2Fprotective-glistening-people.glitch.me%2Fa.html&sa=D&sntz=1&usg=AFQjCNE3AXCYZpM83juSb429VtosyK-bUg HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=L8fFvzSSImKqJLxWn4iQ8XuB6uQhK5D_HxcrcstFO4E-7pNxgn8NRrbCRYUzVUos9R-FYZTpziGEhy_9AtCATfeKAS1_stcIQpnPwTObrX2O8y_H4mhgeBPICYSX_YxvQVGRwnNcLo1LBoHZARIib_gs620avl2obbhSV91NSGg
Source: global traffic HTTP traffic detected: GET /NvVfoDKaFqFbEYmY_0YGEeQhwCvwBGhLxbrHdo0C20j3iuFyJmoRIOu-aLlkWDAW8peDka8D6p5vDV7Kvu8jYnw=w16383 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lh6.googleusercontent.comIf-None-Match: "v1"
Source: global traffic HTTP traffic detected: GET /a.html HTTP/1.1Host: protective-glistening-people.glitch.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/url?q=https%3A%2F%2Fprotective-glistening-people.glitch.me%2Fa.html&sa=D&sntz=1&usg=AFQjCNE3AXCYZpM83juSb429VtosyK-bUgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593 HTTP/1.1Host: cdn.glitch.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://protective-glistening-people.glitch.me/a.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP/1.1Host: cloud.webtype.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://protective-glistening-people.glitch.me/a.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP/1.1Host: cloud.typenetwork.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://protective-glistening-people.glitch.me/a.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://protective-glistening-people.glitch.me/a.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /projects/5027/fontface.css/ HTTP/1.1Host: cloud.typenetwork.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: protective-glistening-people.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://protective-glistening-people.glitch.me/a.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /technologies/cookies HTTP/1.1Host: policies.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.google.com/policies/technologies/cookies/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=L8fFvzSSImKqJLxWn4iQ8XuB6uQhK5D_HxcrcstFO4E-7pNxgn8NRrbCRYUzVUos9R-FYZTpziGEhy_9AtCATfeKAS1_stcIQpnPwTObrX2O8y_H4mhgeBPICYSX_YxvQVGRwnNcLo1LBoHZARIib_gs620avl2obbhSV91NSGg
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 27 Jan 2022 22:05:37 GMTContent-Type: text/html; charset=utf-8Content-Length: 1930Connection: closeCache-Control: max-age=0ETag: W/"78a-v/0NQwFUHD+MwdUDXLgAso0Y8f8"
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 27 Jan 2022 22:05:38 GMTContent-Type: text/html; charset=utf-8Content-Length: 1930Connection: closeCache-Control: max-age=0ETag: W/"78a-v/0NQwFUHD+MwdUDXLgAso0Y8f8"
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/botguard-scscross-origin-resource-policy:cross-origincross-origin-ope
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/cloudview
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/cloudviewcross-origin-resource-policy:cross-origincross-origin-opener
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws-team
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws-teamcross-origin-resource-policy:cross-origincross-origin-opener-
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws/cdt1
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws/cdt1bfcache-opt-in:unloadcontent-disposition:attachment;
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws/cdt1bfcache-opt-in:unloaddate:Thu
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/gws/cdt1bfcache-opt-in:unloadp3p:CP=
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/one-google-eng
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/one-google-engcross-origin-resource-policy:cross-origincross-origin-o
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-sites
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/botguard-scs
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/cloudview
Source: Reporting and NEL.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/gws-team
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/one-google-eng
Source: Reporting and NEL.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/one-google-engl
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/static-on-bigtable
Source: Reporting and NEL.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/static-on-bigtableQ
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/youtube
Source: Reporting and NEL.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/report-to/youtube_
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/social-frontend-mpm-access
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/social-frontend-mpm-accesscross-origin-resource-policy:cross-origincr
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/static-on-bigtable;
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/youtube
Source: data_3.4.dr String found in binary or memory: https://csp.withgoogle.com/csp/youtubecross-origin-opener-policy-report-only:same-origin;
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, 90959df8-82ae-45e7-8e3b-35dc247353ab.tmp.4.dr, e6aabcb6-1d63-45c6-a58b-05e8d31de655.tmp.4.dr, dee34e74-6561-453b-a342-a54e6df20d3c.tmp.4.dr String found in binary or memory: https://dns.google
Source: mirroring_common.js.2.dr String found in binary or memory: https://docs.google.com
Source: manifest.json3.2.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, 90959df8-82ae-45e7-8e3b-35dc247353ab.tmp.4.dr String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.2.dr String found in binary or memory: https://fonts.googleapis.com/
Source: data_1.4.dr String found in binary or memory: https://fonts.googleapis.com/css?family=Google
Source: data_1.4.dr String found in binary or memory: https://fonts.googleapis.com/css?family=PT%20Sans%3A400%2C700%7CMerriweather%3A400%2C700&display=swa
Source: manifest.json3.2.dr String found in binary or memory: https://fonts.googleapis.com;
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com
Source: Network Action Predictor.2.dr String found in binary or memory: https://fonts.gstatic.com/
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2I
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-cSZMZ-Y.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-cyZMZ-Y.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2CgkKBw29hYMPGgA=
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZVcf6lvg.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2J
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0-ExdGM.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2LY9
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0yExdGM.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OOtLQ0Z.woff2)
Source: data_3.4.dr String found in binary or memory: https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2)
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2tf
Source: data_1.4.dr String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: manifest.json3.2.dr String found in binary or memory: https://fonts.gstatic.com;
Source: material_css_min.css.2.dr, angular.js.2.dr String found in binary or memory: https://github.com/angular/material
Source: craw_window.js.2.dr, craw_background.js.2.dr String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: data_2.4.dr String found in binary or memory: https://glitch.com/help/kb/article/72
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://hangouts.clients6.google.com
Source: manifest.json3.2.dr String found in binary or memory: https://hangouts.google.com/
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://hangouts.google.com/hangouts/_/logpref
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://i.ytimg.com
Source: data_1.4.dr String found in binary or memory: https://i.ytimg.com/vi_webp/TBR-xtJVq7E/sddefault.webp
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://jnn-pa.googleapis.com
Source: data_1.4.dr String found in binary or memory: https://lh3.googleusercontent.com/66XogdyLACCqlQsth4mS_y6PCkflhGbJcwdxwJxyBeBGBRwe5LvVMxJMQHaSBl0EXa
Source: data_1.4.dr String found in binary or memory: https://lh3.googleusercontent.com/qjBzkJDM4122hyfmyamFygXomy-ge4NWgOcHdqadCAC_j_XnH0Or_VjmZpOp3MBr1G
Source: data_1.4.dr String found in binary or memory: https://lh4.googleusercontent.com/IDlwhHCxbd6E8qTLmYz1qoEuA4weX9ToGtcAeBJclSnecrRMrrhPjj81JcYhluDpBa
Source: data_1.4.dr String found in binary or memory: https://lh4.googleusercontent.com/MXrI3IRfodt8Nim2WSoCFDX0pNnpfit5w-fNMptyaPzYiSWVN_Duz0kGq6hMyIg_Yh
Source: data_1.4.dr String found in binary or memory: https://lh4.googleusercontent.com/z03a-o6CHwzRo9STnzxvPVjrD72NV1fpucyDQwBKKcTdxYIa2D2lrSICkSdgpIiL_3
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://lh5.googleusercontent.com
Source: data_1.4.dr String found in binary or memory: https://lh5.googleusercontent.com/4baYZrcHmiE7ZKGZJ663qknfJkZmpMlivEutAcwAujKEjiOGeaAyt6SjBmKy6ezrP9
Source: data_1.4.dr String found in binary or memory: https://lh5.googleusercontent.com/Wd_wknVICrI7GuuM4qtcie9snyzQVNZlz5S7a_zFU3iPl0IhAU8q0AT1d42cO26VJH
Source: data_1.4.dr String found in binary or memory: https://lh6.googleusercontent.com/9s6jsiXCfts8JvW8nF65AIcEzSxNKbA5YXJlI60L6vo2SamYiMY0xFgoRPA1dwzP5f
Source: data_1.4.dr String found in binary or memory: https://lh6.googleusercontent.com/NvVfoDKaFqFbEYmY_0YGEeQhwCvwBGhLxbrHdo0C20j3iuFyJmoRIOu-aLlkWDAW8p
Source: data_1.4.dr String found in binary or memory: https://lh6.googleusercontent.com/kHlEB5WpAev1ZZPKAXj0I1cjB9U75w7MXhI0OtXaa5FiRS5KIsuCM8Kd-zddhdwbNe
Source: data_1.4.dr String found in binary or memory: https://lh6.googleusercontent.com/pJkqabniSswFXr0z1N5zTfd-_A8QgzCjH0LAN0FSeg0ZGouNhpdgtAcWfTc1MTslyE
Source: mirroring_common.js.2.dr String found in binary or memory: https://meet.google.com
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://meetings.clients6.google.com
Source: mirroring_common.js.2.dr String found in binary or memory: https://networktraversal.googleapis.com/v1alpha
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, 90959df8-82ae-45e7-8e3b-35dc247353ab.tmp.4.dr String found in binary or memory: https://ogs.google.com
Source: craw_window.js.2.dr, manifest.json.2.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: data_3.4.dr String found in binary or memory: https://pki.goog/repository/0
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, 90959df8-82ae-45e7-8e3b-35dc247353ab.tmp.4.dr String found in binary or memory: https://play.google.com
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: Current Session.2.dr String found in binary or memory: https://policies.google.com
Source: Current Session.2.dr String found in binary or memory: https://policies.google.com#
Source: Network Action Predictor.2.dr, Current Session.2.dr String found in binary or memory: https://policies.google.com/
Source: data_1.4.dr String found in binary or memory: https://policies.google.com/_/IdentityPoliciesUi/manifest.json
Source: data_1.4.dr String found in binary or memory: https://policies.google.com/_/IdentityPoliciesUi/manifest.jsonJ
Source: Current Session.2.dr String found in binary or memory: https://policies.google.com/technologies/cookies
Source: Current Session.2.dr String found in binary or memory: https://policies.google.com/technologies/cookies2
Source: Current Session.2.dr String found in binary or memory: https://policies.google.com/technologies/cookies2How
Source: History.2.dr String found in binary or memory: https://policies.google.com/technologies/cookiesHow
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://preprod-hangouts-googleapis.sandbox.google.com
Source: Network Action Predictor.2.dr String found in binary or memory: https://protective-glistening-people.glitch.me/
Source: Current Session.2.dr String found in binary or memory: https://protective-glistening-people.glitch.me/a.html
Source: data_2.4.dr String found in binary or memory: https://protective-glistening-people.glitch.me/a.htmlCache-Control:
Source: History.2.dr String found in binary or memory: https://protective-glistening-people.glitch.me/a.htmlOops
Source: data_1.4.dr String found in binary or memory: https://protective-glistening-people.glitch.me/favicon.ico
Source: data_1.4.dr String found in binary or memory: https://protective-glistening-people.glitch.me/favicon.ico/
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://r4---sn-4g5lznek.gvt1.com
Source: data_3.4.dr String found in binary or memory: https://r4---sn-4g5lznek.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic?cms_redirect=yes&mh=I2&mip=84.17
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://redirector.gvt1.com
Source: data_1.4.dr String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic
Source: craw_window.js.2.dr, manifest.json.2.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, Current Session.2.dr String found in binary or memory: https://sites.google.com
Source: 000003.log2.2.dr, Network Action Predictor.2.dr String found in binary or memory: https://sites.google.com/
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/faq
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/faqE
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/faqFamily
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.a887fllea086
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.a887fllea086Family
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.a887fllea086W
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.a887fllea086Z$
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.afyj9j9g00b0
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.afyj9j9g00b0:
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.afyj9j9g00b0Family
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.wz7mar23iqyu
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.wz7mar23iqyuFamily
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/history#h.wz7mar23iqyuW
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/historyE
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/historyFamily
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/historyM
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/home
Source: History Provider Cache.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/home2
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/homeFamily
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/homeG
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.a4rji4pxv1xr
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.a4rji4pxv1xr(Family
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.a4rji4pxv1xrFamily
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.a4rji4pxv1xrW
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.a4rji4pxv1xry
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.mc9c3iu9koq0
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.mc9c3iu9koq0(Family
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.mc9c3iu9koq0Family
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.mc9c3iu9koq0T
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.qfch9jlvl9zz
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.qfch9jlvl9zz(Family
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.qfch9jlvl9zzFamily
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.qfch9jlvl9zzT
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.u12q2quik1io
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.u12q2quik1io(Family
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.u12q2quik1ioFamily
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team#h.u12q2quik1ioT
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team(
Source: Current Session.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/team(Family
Source: History.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/teamFamily
Source: Favicons.2.dr String found in binary or memory: https://sites.google.com/view/familyfocusfederalcreditunion/teamH
Source: data_3.4.dr String found in binary or memory: https://ssl.gstatic.com
Source: data_1.4.dr, Favicons.2.dr String found in binary or memory: https://ssl.gstatic.com/atari/images/public/favicon.ico
Source: data_1.4.dr, Favicons.2.dr String found in binary or memory: https://ssl.gstatic.com/policies/favicon.ico
Source: Favicons.2.dr String found in binary or memory: https://ssl.gstatic.com/policies/favicon.ico;
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr String found in binary or memory: https://stats.g.doubleclick.net
Source: data_1.4.dr String found in binary or memory: https://store.typenetwork.com/account/licenses
Source: messages.json74.2.dr, messages.json0.2.dr, messages.json15.2.dr, messages.json67.2.dr, messages.json50.2.dr, messages.json17.2.dr, messages.json76.2.dr, messages.json16.2.dr, messages.json62.2.dr, messages.json51.2.dr, messages.json75.2.dr, messages.json5.2.dr, messages.json49.2.dr, messages.json46.2.dr, messages.json81.2.dr, messages.json66.2.dr, messages.json18.2.dr, messages.json28.2.dr, messages.json65.2.dr, messages.json79.2.dr, messages.json63.2.dr String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json74.2.dr, messages.json0.2.dr, messages.json15.2.dr, messages.json67.2.dr, messages.json50.2.dr, messages.json17.2.dr, messages.json76.2.dr, messages.json16.2.dr, messages.json62.2.dr, messages.json51.2.dr, messages.json75.2.dr, messages.json5.2.dr, messages.json49.2.dr, messages.json46.2.dr, messages.json81.2.dr, messages.json66.2.dr, messages.json18.2.dr, messages.json28.2.dr, messages.json65.2.dr, messages.json79.2.dr, messages.json63.2.dr String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: craw_window.js.2.dr, craw_background.js.2.dr String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: data_3.4.dr String found in binary or memory: https://www.google-analytics.com
Source: data_3.4.dr String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: data_3.4.dr String found in binary or memory: https://www.google.com
Source: 000003.log2.2.dr, Network Action Predictor.2.dr, manifest.json.2.dr String found in binary or memory: https://www.google.com/
Source: Current Session.2.dr String found in binary or memory: https://www.google.com/?gws_rd=ssl
Source: data_1.4.dr String found in binary or memory: https://www.google.com/?gws_rd=sslCache-Control:
Source: History.2.dr String found in binary or memory: https://www.google.com/?gws_rd=sslGoogle
Source: craw_window.js.2.dr String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: data_1.4.dr String found in binary or memory: https://www.google.com/client_204?&atyp=i&biw=1280&bih=869&ei=ZBfzYYOGE_SS9u8P5fWQwA8
Source: data_1.4.dr String found in binary or memory: https://www.google.com/client_204?cs=1
Source: data_1.4.dr String found in binary or memory: https://www.google.com/client_204?cs=1D
Source: data_1.4.dr String found in binary or memory: https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&hl=de-CH&authuser=0&psi=ZBfzYYOG
Source: data_1.4.dr, Favicons.2.dr String found in binary or memory: https://www.google.com/favicon.ico
Source: Favicons.2.dr String found in binary or memory: https://www.google.com/favicon.ico0
Source: data_1.4.dr String found in binary or memory: https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Source: data_1.4.dr String found in binary or memory: https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_74x24dp.png
Source: craw_window.js.2.dr String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.2.dr String found in binary or memory: https://www.google.com/images/dot2.gif
Source: data_1.4.dr String found in binary or memory: https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Source: craw_window.js.2.dr String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.2.dr String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: data_1.4.dr String found in binary or memory: https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js
Source: data_1.4.dr String found in binary or memory: https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.jsd
Source: mirroring_hangouts.js.2.dr String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: data_1.4.dr String found in binary or memory: https://www.google.com/manifest?pwa=webhp
Source: Current Session.2.dr String found in binary or memory: https://www.google.com/policies/technologies/cookies/
Source: History.2.dr String found in binary or memory: https://www.google.com/policies/technologies/cookies/How
Source: data_1.4.dr String found in binary or memory: https://www.google.com/policies/technologies/cookies/f
Source: feedback_script.js.2.dr String found in binary or memory: https://www.google.com/tools/feedback
Source: History.2.dr String found in binary or memory: https://www.google.com/url?q=https%3A%2F%2Fprotective-glistening-people.glitch.me%2Fa.html&sa=D&sntz
Source: data_1.4.dr String found in binary or memory: https://www.google.com/xjs/_/js/k=xjs.s.de_CH.FlsMbQHIWNI.O/am=CCgA2EoAAAhmIAAAAAAAAAAEAg8GAEAAJJIAA
Source: data_2.4.dr String found in binary or memory: https://www.google.com/xjs/_/js/k=xjs.s.de_CH.FlsMbQHIWNI.O/ck=xjs.s.C4SKK1Nkd4I.L.W.O/am=CCgA2EoAAA
Source: manifest.json3.2.dr String found in binary or memory: https://www.google.com;
Source: 44cfde47-23ff-49fe-aa35-19697b9947b0.tmp.4.dr, craw_window.js.2.dr, 90959df8-82ae-45e7-8e3b-35dc247353ab.tmp.4.dr, craw_background.js.2.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json.2.dr String found in binary or memory: https://www.googleapis.com/
Source: data_3.4.dr String found in binary or memory: https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri
Source: unknown HTTP traffic detected:
POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
Host: accounts.google.com
Connection: keep-alive
Content-Length: 1
Origin: https://www.google.com
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\119ea12b-e59f-428b-b50d-e0df24594a52.tmp
Source: classification engine Classification label: mal64.phis.win@54/273@34/23
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://sites.google.com/view/familyfocusfederalcreditunion/home"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1500,6052585006456171848,1810093256929191656,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1500,6052585006456171848,1810093256929191656,131072 --lang=en-US --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=4252 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1500,6052585006456171848,1810093256929191656,131072 --lang=en-US --service-sandbox-type=video_capture --enable-audio-service-sandbox --mojo-platform-channel-handle=4220 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61F395AB-1A74.pma
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Automated click: agree
Source: Window Recorder Window detected: More than 3 window changes detected